Samsung's Tizen OS programmed badly, containing 27,000 bugs?

One researcher said that Samsung's Tizen operating system, currently running on its millions of products, is poorly programmed, can contain nearly 27,000 programming errors, which can lead to thousands of vulnerabilities. .

Tizen is an open-source operating system based on Linux, backed by Intel and Samsung Electronics and in the development process since early 2012. It is designed for mobile phones, tablets, smart TVs, copper. Smart watch, camera and PC.

According to Andrey Karpov, founder of Program Verification Systems, created PVS-Studio (a static code analysis tool that helps programmers find and fix bugs right on the source code), his team discovered hundreds of bugs in the Tizen project by PVS-Studio.

Samsung's Tizen operating system is written in C / C ++ language, currently has 72.5 million lines of source code. Among them, Karpov's team analyzed randomly selected modules, about 3.3% of the entire project and found nearly 900 errors.

'If I extrapolate the results, my team can detect and fix about 27,000 Tizen errors', Karpov said.

In April of this year, Israeli researcher Amihai Neiderman called Tizen the "worst code I've ever seen" after testing the operating system and discovered 40 zero-day vulnerabilities. After finding thousands of Tizen errors, Karpov contacted Samsung to offer to buy PVS-Studio analysis software but Youil Kim from Samsung declined.

Samsung's Tizen OS programmed badly, containing 27,000 bugs? Picture 1 Samsung's Tizen OS programmed badly, containing 27,000 bugs? Picture 1
According to the evaluation of PVS-Studio, Tizen contains up to 27,000 bugs

According to an exchange email between Karpov and Kim, Samsung used SVACE technology (Security Vulnerabiloties and Critical Errors Detector) to detect vulnerabilities and bugs in the source code. of the application created for Tizen.

'We also know that there are other tools that can find defects. But we don't think Tizen has 27,000 errors. As you know, many static analysis warnings are usually just about making small problems, 'Kim said.

The Tizen operating system currently runs on nearly 30 million smart TVs, Gear brand watches, cameras, home appliances and a number of phones sold in Russia, India and Bangladesh markets.

Sansung also plans to bring 10 million Tizen phones to the market later this year. So if what Karpov says is true - in a way that the Samsung representative also acknowledged - then the company should shift to focus on operating system security issues on Tizen 4.0, which will be released in September. .