Google has announced that it Project Zero team have been looking into security on a popular Android device, the Samsung Galaxy S6 Edge.
The team at Project Zero found a number of security bugs on the Galaxy S6 Edge, the discovered a total of 11 different flaws with the handset which they considered to be ‘high-impact security issues’.
Having done some previous research on Google-made Nexus devices running AOSP, we wanted to see how different attacking an OEM device would be. In particular, we wanted to see how difficult finding bugs would be, what type of bugs we would find and whether mitigations in AOSP would make finding or exploiting bugs more difficult. We also wanted to see how quickly bugs would be resolved when we reported them. We chose the Samsung Galaxy S6 Edge, as it is a recent high-end device with a large number of users.
Samsung has now apparently fixed most of the security issues on the device, although there are apparently still a few to fix, you can find out more details over at Project Zero at the link below.