Did You Know?



Reply
Community Leader
Jasper_The_Rasper
Posts: 1,042
Registered: ‎06-12-2013

Huge Security Threat Spotted in Samsung’s KNOX Security Software

Samsung KNOX, the company’s bid for the enterprise market with a promise of total smartphone security, may not be as safe as the South Korean tech titan claims. A team of Israeli researchers are pointing to a single hack that could compromise the software, The Wall Street Journal reports.

The cyber-security team, working out of a university in southern Israel, claims the hack could give someone access to emails and data communications, compromising KNOX’s promise to run certain apps inside a secure field. Samsung’s security software is pre-installed on the Galaxy Note 3 and comes with the update to Android 4.3 for other devices including the Galaxy S4, Galaxy S III and Galaxy Note II.

 

Full Topic

Community Leader

Please use plain text.
cohbraz
Posts: 646
Registered: ‎08-06-2012

Re: Huge Security Threat Spotted in Samsung’s KNOX Security Software

I am curious about this software. I have a Galaxy S III with the just -released 4.3 update, but it does not contain KNOX. I also can't find this on the play store.

 

I have a little research to do!

___________________________________________________________
Corey B.
Protected by Webroot


Please use plain text.
Community Leader
Jasper_The_Rasper
Posts: 1,042
Registered: ‎06-12-2013

Samsung's official response to recent article on KNOX vulnerability

Samsung has collaborated with Google to produce the following public response to the recent report from Ben-Gurion University researchers on a vulnerability in Samsung KNOX.

Recently, there have been reports that security researchers from Ben-Gurion University Cyber Security Labs found a vulnerability on a Samsung Galaxy S4 device with the KNOX security platform.

After discussing the research with the original researchers, Samsung has verified that the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device. This research did not identify a flaw or bug in Samsung KNOX or Android; it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data. The research specifically showed this is also possible via a user-installed program, reaffirming the importance of encrypting application data before sending it to the Internet. 

 

Full Response

Community Leader

Please use plain text.