light bulb

Did You Know?

Posts: 8,025
Topics: 5,474
Kudos: 11,320
Registered: ‎06-12-2013

Huge Security Threat Spotted in Samsung’s KNOX Security Software

Samsung KNOX, the company’s bid for the enterprise market with a promise of total smartphone security, may not be as safe as the South Korean tech titan claims. A team of Israeli researchers are pointing to a single hack that could compromise the software, The Wall Street Journal reports.

The cyber-security team, working out of a university in southern Israel, claims the hack could give someone access to emails and data communications, compromising KNOX’s promise to run certain apps inside a secure field. Samsung’s security software is pre-installed on the Galaxy Note 3 and comes with the update to Android 4.3 for other devices including the Galaxy S4, Galaxy S III and Galaxy Note II.


Full Topic

Sr. Community Leader

Posts: 931
Registered: ‎08-06-2012

Re: Huge Security Threat Spotted in Samsung’s KNOX Security Software

I am curious about this software. I have a Galaxy S III with the just -released 4.3 update, but it does not contain KNOX. I also can't find this on the play store.


I have a little research to do!

Corey B.
Protected by Webroot

Create New Trouble Ticket | Account Console | User Guides |

Posts: 8,025
Topics: 5,474
Kudos: 11,320
Registered: ‎06-12-2013

Samsung's official response to recent article on KNOX vulnerability

Samsung has collaborated with Google to produce the following public response to the recent report from Ben-Gurion University researchers on a vulnerability in Samsung KNOX.

Recently, there have been reports that security researchers from Ben-Gurion University Cyber Security Labs found a vulnerability on a Samsung Galaxy S4 device with the KNOX security platform.

After discussing the research with the original researchers, Samsung has verified that the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device. This research did not identify a flaw or bug in Samsung KNOX or Android; it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data. The research specifically showed this is also possible via a user-installed program, reaffirming the importance of encrypting application data before sending it to the Internet. 


Full Response

Sr. Community Leader

Posts: 4,901
Topics: 2,634
Kudos: 4,824
Blog Posts: 0
Registered: ‎06-02-2014

Re: Samsung's official response to recent article on KNOX vulnerability

The following article is a update

(Knocking Knox: Samsung DENIES vuln claims, says mysterious blogger is a JOKER)

By John Leyden,


A damning security critique against Samsung's US government-approved Knox system has been dismissed by the South Korean tech giant.

Earlier this week, Knox was given the green light for use on classified Stateside government networks and data.


Samsung had became the "first consumer mobile device manufacturer validated to handle the full range of classified information in the US", the company's security unit boasted.

Days later, an anonymous, newbie German blogger attempted to spoil Samsung's g-men party with a lengthy critique of the system.


Full Article

Community Leader