Google criticizes Samsung for making changes to the Android kernel |
Google this week criticized Samsung Galaxy A50 for its problems and specifically mentioned that Samsung had made unnecessary changes to the heart of the Android system. Although Samsung is the largest manufacturer of Google devices, the last step from Samsung has drawn criticism. from Google.
Critics came from the Google Security team named Project Zero, which is responsible for discovering weaknesses and weaknesses, and explained Jann Horn from the Google Project Zero Security Team, Samsung Galaxy A50 in an article. Very detailed. Android kernel concerns.
The post states that every Android device has made changes to Linux kernel for Android to make it work properly, because these changes on the device are important, but in many cases necessary, but what Samsung is doing. These changes seem to cause more functional weaknesses.
Horn said: Samsung's changes are designed to provide hardware access directly to the kernel by adding custom drivers to transfer data to the end user. These changes are not verified by kernel developers.
This means that Samsung is trying to solve the problem on its own rather than using more official Google messages that can execute possible random code on devices running Android Pie Android or even Android 10.
Horn explains this by talking about a bug in the Galaxy A50 affecting the Samsung Operations Security subsystem to review the process that Google reported to Samsung in November and released a fix this month. -ci. ,
Google says it has worked hard to protect operations that have access to device drivers to prevent security violations. Kernel changes to Samsung devices above seem to be a common cause of security breaches.
When companies like Samsung made changes to the kernel, they shut down Google, and the search giant said changes to Samsung were not necessary. For example, the change in Samsung is a safety measure designed to arbitrarily limit an attacker's ability to read and write in the kernel.
Google says this change is unnecessary, and Samsung's efforts may have prevented attackers from getting to this point better, and Horn said all sellers should strive to use and implement commonly used updates. Control the main kernel instead of working one way or another. Individual and increased risk of errors.