In light of news about Samsung’s utter failure in securing their Tizen platform, I wanted to ask if the previous plans to move SmartThings hubs to Tizen have progressed, and what that status is.
For those unfamiliar with the Tizen security situation, Ars Technica has a short writeup on it: https://arstechnica.com/gadgets/2017/04/samsungs-tizen-is-riddled-with-security-flaws-amateurishly-written/
tl;dr: an independent security researcher has found numerous inexcusable security holes riddled throughout Tizen. This isn’t just a single security breach, but a chain of breaches and poor design that puts the entire platform into question.
IF the SmartThings hubs are running Tizen, or will be running Tizen in the near future, I will be seriously considering dropping SmartThings for my home automation entirely. If it is still a ways out, I want to hear a commitment from the developer department of SmartThings that they will not push Tizen until it has passed reasonable security procedures. At this point, I would consider nothing less than a full, publicly documented and passed independent penetration test to feel safe using these products under Tizen.
This isn’t about toggling a bunch of lights anymore, folks. If you want to control our locks, and run our security cameras, you better be taking this extremely seriously.