{"id":6890,"date":"2017-04-10T14:45:59","date_gmt":"2017-04-10T14:45:59","guid":{"rendered":"https:\/\/www.kaspersky.fr\/blog\/?p=6890"},"modified":"2017-09-24T11:57:35","modified_gmt":"2017-09-24T11:57:35","slug":"tizen-40-bugs","status":"publish","type":"post","link":"https:\/\/www.kaspersky.fr\/blog\/tizen-40-bugs\/6890\/","title":{"rendered":"Syst\u00e8me d&rsquo;exploitation Tizen : 40 nouvelles vuln\u00e9rabilit\u00e9s"},"content":{"rendered":"<p>Depuis plusieurs ann\u00e9es, le plus grand d\u00e9veloppeur de smartphones, Samsung, promeut massivement le syst\u00e8me d\u2019exploitation Tizen. Tout a commenc\u00e9 en 2013, lorsque deux nouvelles cam\u00e9ras Samsung tournant sous le syst\u00e8me d\u2019exploitation Tizen ont vu le jour. Plus tard, l\u2019entreprise a lanc\u00e9 des montres intelligentes bas\u00e9es sur Tizen.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-6891\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/93\/2017\/04\/06093828\/tizen-vulnerabilities-featured.jpg\" alt=\"\" width=\"1460\" height=\"960\">En 2015, le syst\u00e8me d\u2019exploitation s\u2019est \u00e9tendu aux smartphones, le premier fut <a href=\"http:\/\/www.gsmarena.com\/samsung_z1-6894.php\" target=\"_blank\" rel=\"noopener nofollow\">le Samsung Z1, un t\u00e9l\u00e9phone relativement bon march\u00e9<\/a>. En 2016, le g\u00e9ant cor\u00e9en, a mis en place Tizen sur toutes ses t\u00e9l\u00e9visions. Finalement, en 2017, lors du Consumer Electronics Show, l\u2019entreprise a pr\u00e9sent\u00e9 une <a href=\"http:\/\/www.theverge.com\/circuitbreaker\/2016\/5\/4\/11591780\/samsung-family-hub-smart-fridge-hands-on-price-release-date\" target=\"_blank\" rel=\"noopener nofollow\">machine \u00e0 laver, un r\u00e9frig\u00e9rateur<\/a>, et un aspirateur, tous fonctionnant sous Tizen,<\/p>\n<p>Actuellement, des dizaines de millions d\u2019appareils, dont la vaste majorit\u00e9 sont des t\u00e9l\u00e9visions intelligentes, utilisent Tizen. Il semblerait que Samsung va continuer \u00e0 mettre en place et utiliser le m\u00eame syst\u00e8me d\u2019exploitation sur d\u2019autres appareils \u00e9lectrom\u00e9nagers, par cons\u00e9quent ce nombre va augmenter <em>consid\u00e9rablement <\/em>sous peu<em>. <\/em><\/p>\n<p>Il est grand temps de se poser la question\u00a0: Tizen est-il s\u00e9curis\u00e9\u00a0?<\/p>\n<p>Voici la r\u00e9ponse\u00a0: non. Pas du tout. Lors du <a href=\"https:\/\/www.kaspersky.fr\/blog\/what-is-sas\/6874\/\" target=\"_blank\" rel=\"noopener\">Security Analyst Summit 2017<\/a>, l\u2019expert en s\u00e9curit\u00e9 Amihai Neiderman a signal\u00e9 40 vuln\u00e9rabilit\u00e9s zero day, des vuln\u00e9rabilit\u00e9s inconnues et non corrig\u00e9es qui sont utilis\u00e9es pour prendre le contr\u00f4le de l\u2019appareil et le pirater. Ce qui est particuli\u00e8rement dangereux, c\u2019est que cette liste comporte des failles de s\u00e9curit\u00e9 sur la boutique et le navigateur de Tizen. La boutique poss\u00e8de les principaux privil\u00e8ges sur le syst\u00e8me, de sorte que la vuln\u00e9rabilit\u00e9 peut \u00eatre utilis\u00e9e pour r\u00e9pandre des malwares sur des appareils tournant sous Tizen.<\/p>\n<p>Comme l\u2019a d\u00e9clar\u00e9 Neiderman\u00a0: \u00ab\u00a0J\u2019ai trouv\u00e9 40 bugs diff\u00e9rents, la plupart d\u2019entre eux semblaient exploitables. La situation est similaire \u00e0 celle de 2005 par rapport aux vuln\u00e9rabilit\u00e9s que j\u2019ai trouv\u00e9es. Si vous ouvrez un livre sur la recherche des vuln\u00e9rabilit\u00e9s, ce pourrait \u00eatre un des premiers exemples que vous verrez. A l\u2019heure actuelle, Tizen n\u2019est pas suffisamment mature, il n\u2019est pas encore pr\u00eat \u00e0 \u00eatre envoy\u00e9 \u00e0 un tel public. Si moi j\u2019ai \u00e9t\u00e9 capable de trouver des vuln\u00e9rabilit\u00e9s en quelques heures de recherche, alors quelqu\u2019un qui se d\u00e9die vraiment \u00e0 \u00eatre un chercheur de Tizen trouvera beaucoup plus de vuln\u00e9rabilit\u00e9s\u00a0\u00bb.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Samsung lance de plus en plus d\u2019appareils tournant sous le syst\u00e8me d\u2019exploitation Tizen. Lors du SAS 2017, nous avons d\u00e9couvert que ce syst\u00e8me d\u2019exploitation est extr\u00eamement dangereux. <\/p>\n","protected":false},"author":421,"featured_media":6892,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[6],"tags":[2126,224,1098,552,1367,636,602,1038,730,2138],"class_list":{"0":"post-6890","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-thesas2017","9":"tag-appareils-mobiles","10":"tag-ido","11":"tag-internet-des-objets","12":"tag-montres-intelligentes","13":"tag-samsung","14":"tag-sas","15":"tag-security-analyst-summit","16":"tag-tizen","17":"tag-tv-intelligente"},"hreflang":[{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/tizen-40-bugs\/6890\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/tizen-40-bugs\/10981\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/tizen-40-bugs\/8623\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/tizen-40-bugs\/9065\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/tizen-40-bugs\/10336\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/tizen-40-bugs\/10040\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/tizen-40-bugs\/14538\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/tizen-40-bugs\/3068\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/tizen-40-bugs\/14525\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/tizen-40-bugs\/7234\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/tizen-40-bugs\/6523\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/tizen-40-bugs\/10027\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/tizen-40-bugs\/15151\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/tizen-40-bugs\/14525\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/tizen-40-bugs\/14525\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.fr\/blog\/tag\/thesas2017\/","name":"#TheSAS2017"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/6890","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/comments?post=6890"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/6890\/revisions"}],"predecessor-version":[{"id":6893,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/6890\/revisions\/6893"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media\/6892"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media?parent=6890"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/categories?post=6890"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/tags?post=6890"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}