Linked by Thom Holwerda on Wed 4th Nov 2015 11:32 UTC
Android

Google's Project Zero, which investigates the security of popular software, recently turned its attention to the Galaxy S6 Edge.

A week of investigation showed that there are a number of weak points in the Samsung Galaxy S6 Edge. Over the course of a week, we found a total of 11 issues with a serious security impact. Several issues were found in device drivers and image processing, and there were also some logic issues in the device that were high impact and easy-to-exploit.

The majority of these issues were fixed on the device we tested via an OTA update within 90 days, though three lower-severity issues remain unfixed. It is promising that the highest severity issues were fixed and updated on-device in a reasonable time frame.

I love that Google has Project Zero, and that the Zero team is not afraid of exposing the weaknesses in the company's own products (in this case, Android). Few companies out there would allow this.

Permalink for comment 620330
To read all comments associated with this story, please click here.
Comment by gedmurphy
by gedmurphy on Wed 4th Nov 2015 13:17 UTC
gedmurphy
Member since:
2005-12-23

"I love that Google has Project Zero, and that the Zero team is not afraid of exposing the weaknesses in the company's own products (in this case, Android). Few companies out there would allow this."

When you're open source you kinda have to, to try and keep ahead of the thousands of others are doing the same. They wouldn't do this for their closed source projects.

Let's be honest, project zero is just a platform for them to try to embarrass closed source companies who can't always cohere to their 90 day deadline.

Reply Score: 3