Samsung: Security or arrogance?

When does a supplier's take-it-or-leave-it attitude cross the boundary from being a reasonable security practice to outright arrogance? I think Samsung crossed the line.

Ever since I allowed the Android 4.4.2 software update to download onto my Samsung Galaxy Note 2, I've faced several problems. The battery life appears to have dropped at least 30 to 40 percent since the update. I also get notices that I must allow security updates to be automatically applied to my system.

When asked if there was a way to back this update off of my system and go back to what I was using before, the folks at Verizon tell me that I am out of luck.

I know that I could root the phone and put on different software, but this is a production device and I don't want to lose access to timely support.

Reduced battery life

The Note 2 used to work all day without the need of a booster charge. After the 4.4.2 update, it needs to be charged several times a day. The support agents over at Verizon have tried to help me track down the battery problem.

It appears that battery life is a common challenge with the 4.4.2 software update on the Note 2.

The company's tech support agent suggested that the problem might be with a dying battery. So, I ordered a new battery.

Guess what. It made absolutely no difference. My Note 2 and I still need to make frequent visits to an electrical outlet for a quick charge. The Verizon agent believes that Samsung is working on an update that should arrive soon. Somehow, I believe the answer Samsung and Verizon really want me to accept is to upgrade to a Note 3 or Note 4.

Security updates from Samsung

Since the 4.4.2 update was installed, I get seven or eight security alerts on the phone every day. I get one every time I put the phone into airplane mode and turn off airplane mode. It is not at all clear what these notices are referring to. Do they indicate a stream of security updates or just a frustrated security system that wasn't programmed to take no for an answer?

Here's the actual message text:

Security Enhancements for Android Policy update

Samsung Electronics Co., Ltd. ("Samsung") offers an automatic update service for its Security Enhanced for Android (SE for Android) policies to enhance security for your device.

These continuous and automatically updates can help to avoid or counteract new malicious code, software bugs, and other security risks on your device, and improve overall software performance.

The updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete downloaded software which contains malware.

Updates are performed wirelessly, without a USB connection, and you may incur a mobile data charge from your carrier.For the update service, the following User information is necessary and will be collected.

Your device's unique identification number, model name, carrier code, security policy records, your device's current software version, MCC (Mobile Country Code), MNC (Mobile Network Code)

The collected information is only used internally by Samsung pursuant to our privacy policy. Unless stated otherwise herein, your data will be collected, processed and used in accordance with Samsung's Privacy Policy at [https:account.samsung.com/membership.pp]. By installing the update, you agree to the terms of our privacy policy.

This notice is followed by large "Decline" and "Accept" buttons.

I have concerns

I have concerns about Samsung's bold grab of my personal data and tracking information. What would happen if I had rooted the phone? Would the company shut down my phone? Would it delete the updated software rending the phone useless?

Special Feature

BYOD and the Consumerization of IT

The Bring Your Own Device phenomenon is reshaping the way IT is purchased, managed, delivered, and secured. Our editors and analysts will delve into what it means, the key products involved, how to handle it, and where it’s going in the future.

Read More

Furthermore, there appears to be no way to know what will be updated, how large the updates might be, or what software might be installed or deleted. And, in my view, the update is asking me to paint a large target on my back and agree to be tracked by Samsung.

While this may have no evil intent, I wasn't interested and declined their gracious offer.

When declining a service isn't an acceptable answer

When I first pressed the button declining this kind offer of providing a service, I thought I was through with the matter. Wrong!  Samsung wasn't about to let me go away untracked. Every time the notice comes up and I decline, the message comes back again.

So, I called Verizon to see if their Android experts could help me say "No" once and for all. My call was passed on to higher levels of support and no one knew where the messages were coming from or how to turn them off.

So, I contacted Samsung and told them what was happening and asked how to turn off these irritating messages.

Samsung's reply

Here is the text from the message Samsung's support team responding to my request to turn off the irritating security update messages:

Dear Dan,

Thank you for contacting Samsung Telecommunications America.

After reviewing your e-mail, I see that you’re receiving notifications on security patches and you would like to decline the patches.

To ensure that your device always has the latest security to protect you and your data, Samsung will occasionally send security updates to the device as needed. I’m sorry to inform you that there is no option to disable these updates. Please follow the on-screen instructions to update your device.

Samsung recommends enabling Automatic updates. You will need to turn on this feature by following the instructions below.

NOTE: The device will display a Security policy updates notification 7 days after activation, if the Automatic updates have not been enabled.

  1. From the Home screen, select Menu > Settings > Security > Security policy updates.
  2. Check the box to the right of Automatic updates to receive security policy notifications
  3. Once you enable the Automatic updates, KNOX displays the Security Enhanced for Android (SE for Android) Policy Update dialog. Select Accept to enable Automatic updates.

Please visit the link below for your reference:

www.samsung.com/us/support/SupportOwnersFAQPopup.do?faq_id=FAQ00057510&fm_seq=75485

Please feel free to get back to us, if you have any further queries. We will be glad to assist you.

If you are looking for more details on the functionality of a product or would like to find answers to some of the questions, visit us at http://originus.samsung.com/us/smartphone-simulators-and-tutorials/# for an interactive review of some of our Samsung products.

For immediate assistance with a live agent, you can also reach out to our chat support team by accessing the following link. Live Chat is available 24 hours a day 7 days a week. Have a wonderful day!

Link: http://www.samsung.com/us/support/contact

Thank you for your continued interest in Samsung products.

Sincerely,

Vaive

Technical Support

What Samsung is really saying to me

It appears to me from Samsung's response to my request to be left alone, that it doesn't care what I think about their security policies whatever they are. The company appears to have no intention of letting its customers know what they're updating, how often the updates will come, how large the updates will be or what these updates will do to the day-to-day operation of the customer's device. It does, on the other hand, expect customers to pay the bill for the use of their limited data allowance if the documentation on the Samsung Website is accurate. I guess that it would be necessary to speak with representatives of the wireless supplier to really know the answer.

There is a fine line between offering a reasonable security support policy and crossing the line and acting like the customer's device is still owned by the supplier. I believe that Samsung has crossed that line.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All