Samsung's Changes To Android Are Making Its Phones Less Secure, Says Google

Google scolded Samsung this week for an issue discovered on the Korean phone maker's Galaxy A50. From a report: Google says Samsung made "unnecessary changes to Android's core kernel," adding the changes Samsung made threaten rather than strengthen the phone's security. The tech giant has a vested interest in making sure Android is secure for OEMs and end users alike. Earlier this week Google announced it has made measurable efforts to limit malicious apps on its Google Play Store and it's clamping down on the permissions apps can request, resulting in a 98% reduction in requests for access to user's call history and text messages. It's also been tackling more worrying bugs, like self-reinstalling ones. But in this instance, it's a hardware partner that's causing the problems. In a detailed blog post from Google's Project Zero Team, researcher Jann Honn outlines the exact issue with Samsung's changes to the Android kernel on the A50. Samsung's changes included a security feature to restrict an attacker from reading or modifying user data, but Honn says the move is "futile" and rather than bolstering security, it introduces vulnerabilities that could increase an attacker's ability to arbitrarily execute code.

Less usable too.

[rlwinm]

Samsung's changes to the UI of Android are also pretty negative in terms of usability. I love Samsung hardware but I avoid it because I just want the same Android experience I get on Pixel, Motorola, and even LG (until the HW breaks a month later). Every time I've tried to use a Samsung as my daily driver I find it too painfully different from Android and switch.

Re:

[Aighearach]

It is sad because I like their manufacturing. In `99 I paid over $1500 for a 15" IBM LCD that was actually made my Samsung, for use in a kiosk, and the build quality impressed me so much they were my go-to brand for consumer electronics until they started putting "smart" features in. And they always put the stupid "smart" features in, like, "it can talk to the internet." No thank you. If I can't trust their TV or audio receiver not to update itself, I'm sure as not going to trust them with an actual, intent

Re:

[Aighearach]

On the flip side, Samsung's large BLDC motors for the washers and driers are really great for DIY projects.

If you want a modern washer without the IoT stuff, you can get a nice Miele rebranded as a Maytag.

Re:

[youngone]

I prefer Samsung's UI.
The Samsung music player is also the best one I have found so far, on Android.
To be fair, I have just bought an old Nexus 5X to install Plasma Mobile on, just as an experiment to see how well that works.

Re:

[rlwinm]

Samsung does do a few things better. But overall the problem with their UI is twofold: It's not consistent with other Android devices and it lags behind other UI improvements in Android. Android 10 is actually pretty good as far as UI/UX goes. I would prefer if Samsung did smaller improvements and worked to get them into mainline Android rather than giant changes.

Re:

[ArmoredDragon]

Samsung's UI isn't the only problem, they load it with so much fucking trial apps and advertisements it's insane. I dusted off my Note 4 recently, odin flashed it with the last firmware, and the SOB is slow as hell because they added even more crapplets than it started with back in the day. With the few apps that I even ran for only about 8 or so minutes, I kept getting full screen advertisements (literally, the entire fucking screen, as if I switched to another app, only I didn't) telling me to try some ra

Re:

[youngone]

I have zero trial apps, or advertisements on any of my Samsung devices. Maybe those are installed by your network provider?

I kept getting full screen advertisements (literally, the entire fucking screen, as if I switched to another app, only I didn't) telling me to try some random freemium and/or paid app that was installed and can't be removed.

I have never seen that, even a single time. On any Samsung device.

Re:

[gbjbaanb]

Maybe get a Samsung and install the /e/ OS onto it [e.foundation] - which is an Android OS and ecosystem, but de-googled.

Frankly, every time I've used a plain Google OS, they issue a new version and all the damn UI changes anyway, so its really just a matter of taking the time to get used to the differences.

the kernel/security changes are more important.

[gl4ss]

knox etc basically have a call home and a backdoor.

It's very handy for kiosk type mdm installations. they work just by imei lists that samsung has. it's a remote back door controlled by samsung. but like said very handy for kiosk mdm usage scenarios if you buy from samsung and they put those imeis on the list and then you can just control them via mdm after startup.

also what sucks about the knox is that basically, if you pay samsung you can do almost everything a root app can do. including firewall rule cha

I'm honestly curious

[fuzzyfuzzyfungus]

I have to wonder if this is just Samsung being Samsung, who should really stick to hardware and stay the hell away from the software side; or whether this is Samsung being somewhere between disinterested and actively unhelpful because they have their own little security buzzword ecosystem [samsungknox.com] that's integrated with their Android devices(at least the suitably licensed ones, I think some flavors of it are an upsell) but deliberately distinct from the Android security model, such as it is, because Samsung fundamentally doesn't want to just be a hardware OEM for Google.

Re: I'm honestly curious

[Cmdln Daco]

Obviously nobody should want to be a hardware OEM for Google. Why should equipment suppliers want that. Wht should today's companies repeat the OEM enslavement Microsoft practices in the past.

Further, why would Google not spread as much FUD as Microsoft did in the past?

Re:I'm honestly curious

[Bryan Gritton]

I'd like to see Samsung become a strictly hardware vendor. They've never been good at making software. Google scolding them for not making good software shouldn't be a surprise to anyone. Hopefully when Google makes it so Android uses the Linux kernel unchanged, we'll see the end of some of this bad behavior by vendors like Samsung. But then it seems like Samsung just can't resist the urge to re-invent the wheel with their own lousy, unnecessary versions of Android apps.

Re:

[thegarbz]

but deliberately distinct from the Android security model, such as it is, because Samsung fundamentally doesn't want to just be a hardware OEM for Google.

That's hardly fair. Samsung Knox was a viable competitor to iPhone's device management and security features back when Google was still trying to figure out how to get device encryption working.

A better question is why should Samsung abandon a mature and widely supported management and data isolation platform in favour of something that came after and has distinctly fewer features. There are a large number of companies out there who support iPhones and Galaxy S devices, and nothing else. The company I work

Cinch it down

[Cmdln Daco]

Google's objective is to cinch down security to prevent info from leaking that only they should have access to. I recently had to go in and futz with my gmail accounts to get their server to allow me to fetch my gmail messages into sylpheed. I never use their web portal for anything gmail.

They wan to run as much of the internet as possible through their private channels, citing off all competitors.

They make Microsoft from the bad old days seem like a naughty little kitten

Re:

[93 Escort Wagon]

Android ain’t done until Bixby won’t run!

Re:

[NateFromMich]

Android ain’t done until Bixby won’t run!

Hmm, that wouldn't bother me in the slightest.

Re:

[eric2hill]

You're complaining that Google's objective is to prevent leaking information that should be secured, and that you had to use an app-specific password ( https://support.google.com/acc... [google.com]) to allow a third party app to fetch data?

They are literally doing security correctly, and STILL allowing you to get to your data. This is precisely what they should be doing.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[NateFromMich]

Android's not securable at all. Never was, and Google will never care. It's not a matter of degree.

-jcr

That's an insanely ignorant thing to say.
It's as "securable" as anything else.

Re:

[DogDude]

No, it isn't. An OS written and controlled by a data mining company is the definition of insecure.

Re:

[postbigbang]

Thank you.

If we geeks got behind phones using actual Linux (there are four viable vendors now), we could get rid of the spyware, the neural nets tracking us, the insipid Oracle/Java/Android morass, and just get on with actual quality of life. App source would be exposed so that it can be searched for malware, bad construction, and spying, and it's a better day. The telcos would scream, but the telcos scream about everything anyway-- the other side of this duopoly.

Re:

[Khyber]

Michigan education, ladies and gentlemen. Probably Flint-based, at that.

Re:

[account_deleted]

Comment removed based on user account deletion

I've got this bridge for sale

[ArhcAngel]

At this point I don't believe anything Google says. Android's underpinnings may be OSS but the true working are baked into Google Play Services which are not open and any Android phone without them is hamstrung out of the gate. Just try and run your favorite non-Google app and see if it doesn't give you the dreaded "This app requires Google Play Services". It looks so much like EEE I can't help but think that was the play all along. I suspect Samsung is doing something that eats into Google's data mining em

Re:

[thegarbz]

Just try and run your favorite non-Google app and see if it doesn't give you the dreaded "This app requires Google Play Services".

Well given I have an old Cyanogen phone without Google apps and most of my apps including my favourite ones work just fine I don't really "feel" your cause here. Yeah Google did move a large portion of the system into Google Play, everyone asked them to. Here on Slashdot Android security is a whole meme on lack of updates from vendors and when Google first announced some core OS service components will be managed via Google Play it was a move that was widely celebrated.

Can't please everyone I guess, especia

Re:

[WaffleMonster]

Yeah Google did move a large portion of the system into Google Play, everyone asked them to.

This is not true. I didn't ask them to do this and I don't know of anyone who did.

Here on Slashdot Android security is a whole meme on lack of updates from vendors and when Google first announced some core OS service components will be managed via Google Play it was a move that was widely celebrated.

No it was derided as ridiculous. Thinking you can meaningfully improve security by taking away pressure on vendors to update their shit is like blasting off into space by digging a bigger hole in the ground.

The only solution to lack of updates is updates. Google Play for example doesn't do jack to protect user from escape vulns which has plagued Android for all of its history.

Can't please everyone I guess

All manufacturers have to do is quit baking roms

No kidding

[OneHundredAndTen]

Samsung has a reputation for coming up with fine hardware, and the very worst software in the industry - at least in the non-bloatware space.

Re:No kidding

[twocows]

Seconding this. While it's probably the worst example, my brother's S7 Edge was an utter piece of shit that was absolutely filled with shitty Samsung bloatware after a factory reset, overheated by default (you had to change the power mode to make it not a flaming brick and factory resetting it would put it back into flaming brick mode), and couldn't easily be unlocked to flash it with something that didn't have these problems. It was truly the worst smartphone I've ever had the displeasure of encountering and it soured me on Samsung and made me always look for phones that have as close to stock Android as possible.

Re:

[thegarbz]

While it's probably the worst example, my brother's S7 Edge was an utter piece of shit that was absolutely filled with shitty Samsung bloatware

Lol you youngens. I still remember Samsung rolling their own file system for the original Galaxy S. A turd so slow that the OS frequently thought an app that read or wrote from the system has actually stopped responding simply because the I/O took so long and then force closed it.

A popular hack for that phone was to backup the entire system. Reformat both RFS partitions (no not that open source RFS) phone partitions in ext4 and then copy the OS contents back to the phone. That alone gave you an order of mag

Let's Talk About Specifics

[DigitalisAkujin]

What are we talking about here?

Your storage? Like what happens when your phone is in the hands of a cop? How easy is it for them to look at the data on your storage?

Answer: Android now has an encrypted data partition so not very easy.

How easy is it for malware to edit your phone's system? Most manufacturers lock their bootloader so that you can only boot a system partition that is signed with their certificate and if that is compromised you generally have to factory reset the phone.

It is super annoying though because if you unlock the bootloader and flash your own system the bootloader will continue to keep saying it's "not secure" even though the data partition is still encrypted.

As far as actual security in user space Android is relatively clean. There are very few zero days in the most recent versions of Android. Devs on XDA keep trying to find them just so they can modify the system partition as root.

As for your actual data? You're kinda fucked if you install an app with permission to read storage. You can data mine a ton of data from that alone.

TLDR: Don't install random stupid shit.

Re:Let's Talk About Specifics

[kwalker]

If you want to talk specifics (Not just concepts like you did), you have to RTFA.

'Samsung's changes included a security feature to restrict an attacker from reading or modifying user data, but Honn says the move is "futile" and rather than bolstering security, it introduces vulnerabilities that could increase an attacker's ability to arbitrarily execute code.'

i.e. They added a security module to do something they thought was a good idea, but itself wasn't secure, so now that security module is an attack surface.

This isn't about installing random stupid shit (Which I agree is a bad idea), this is about Samsung trying to be too cleaver by half.

Re:

[DNS-and-BIND]

The cop just opens or installs File Manager on your phone. Then looks through your files. What do you mean, "not very easy"?

Re:

[WaffleMonster]

Your storage? Like what happens when your phone is in the hands of a cop? How easy is it for them to look at the data on your storage?

Answer: Android now has an encrypted data partition so not very easy.

Since when has Android ever given the police any trouble? At least Apple actually tried which is far more than can be said of Android.

All of the security chips from Qualcomm et al have known issues that allow key extraction.

How easy is it for malware to edit your phone's system?

How often are privilege escalation vulnerabilities discovered in Android?

Most manufacturers lock their bootloader so that you can only boot a system partition that is signed with their certificate and if that is compromised you generally have to factory reset the phone.

WOW...so impressed... the answer to compromise is wipe everything and start over. What amazing security.

As far as actual security in user space Android is relatively clean.
There are very few zero days in the most recent versions of Android. Devs on XDA keep trying to find them just so they can modify the system partition as root.

Devs keep succeeding at finding new escalation vulnerabilities while device vendors respond by abandoning th

Negativity towards Google

[tuppe666]

There seems a lot of negativity towards Samsung and it's software, but really I think it's a mixture of Google's being very good and people desiring a more vanilla experience on their phone.

The reality is though Samsung's exfat has just been added to Linux and I am personally glad they did, if Google go down a fusia!? Route I want phone manufacturers to be prepared in Linux to replace them.

Hotspot blacklist

[Confused_Enemy]

They took away the ability to MAC block wifi clients. This was handy for me to control several devices in my house based on needs.

fix your own shit google

[bloodhawk]

While I think most people would agree Samsung software blows chunks and they really should not be writing anything security wise.. None of their stupid modifications would be necessary if google did the right thing security wise from the start. Their dumb arse security team spend all their time looking at other peoples stuff and publicly lambasting it while their own stuff continues to rott and fester. I have to wonder if the security team really is just a PR team meant to divert eyes from the terrible job

Really Google?

[sad_]

Even though i agree with Google and Samsung should not make all those changes to the kernel, the kernel Google uses contains just as much extra code compared to the vanilla mainline kernel.