Samsung_Knox

Samsung’s Knox security system, designed to allow it to compete with Blackberry for government and corporate business, contains a vulnerability that could be breached by something as simple as a children’s game, say security researchers at Israel’s Ben-Gurion University of the Negev.

Knox is designed to provide a secure storage area in the phone for sensitive data, protected from apps installed outside it. The WSJ reports that an app installed outside the Knox container could be capable of recording all data communication taking place inside Knox – “even a relatively unsophisticated app, such as a mobile game aimed at children” … 

The alleged security gap, which the researchers say they discovered earlier this month, comes as Samsung pitches the new security platform called Knox to potential clients at the U.S. Department of Defense and other government and corporate entities, in a bid to compete with BlackBerry, whose devices have been considered the gold standard among security-conscious clients for years.

While it’s normal for vulnerabilities to be discovered during testing of new security systems, this one has been described as a ‘category one’ weakness, the most serious level.

“For us, Knox is state-of-the-art in terms of a secure mobile architecture, and I was surprised to find out there was such a big ‘hole’ that was left untouched,” said Dudu Mimran, the lab’s chief technical officer, who added that he was willing to work with Samsung on the issue.

While Knox was said to have been approved for government use, the Pentagon said that it is currently only testing 500 Samsung S4 handsets equipped with Knox, and that none of them have been deployed.

Samsung confirmed that the vulnerability exists, but downplayed its importance and said that it will be patched.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

One Response to “Samsung’s Knox smartphone security system could be breached by a children’s game – security researchers”

  1. Knox is the biggest scam from Samsung … i rather Chinese devices than Samsung Knox devices … you violate the rules of Linux .. witch is freedom .. and creativity .. and privacy !!
    so go to hell with your fag Knox products , i found a device very match to gt-i9505 main hardware’s and pure android software “very cheep price !!” i can use it however i like and put anything and create anything i want on .
    so keep your shit Knox I’m leaving you .
    if i wanted your compromised fail security .. i prefer to use iPhone than galaxy .

    scam me once shame on you … scam me twice shame on me !!