x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Samsung explains the "serious vulnerability" in KNOX is actually a common MitM network attack

Samsung explains the "serious vulnerability" in KNOX is actually a common MitM network attack

Posted: , by Luis D.

Tags:

Samsung explains the
Last December, researchers at Israel's Ben-Gurion University of the Negev warned of a vulnerability in Samsung's KNOX security system, featured in Galaxy S and Galaxy Note devices. The alleged loophole could let malware track emails and data communications, and in the worst scenario, have a hacker modify data and deploy malicious code within the supposedly secure device.

About three weeks later, Samsung's KNOX team has published an official statement in its blog, regarding the revelation. According to the post, Samsung has collaborated with the Israeli researchers in a further investigation, which hasn't discovered any flaws or bugs in KNOX that could cause this particular vulnerability.

Apparently, the security gap in question is not due to a weakness in KNOX. The alleged “exploit” is actually a common attack which makes illicit use of "legitimate Android network functions" to intercept unencrypted network connections from and to apps on a mobile device. This is also known as the "Man in the Middle (MitM)" approach, which makes it possible to “eavesdrop” on a network and hijack messages sent between its points.

Samsung points out that KNOX is equipped with additional protections against this type of network attack - Mobile Device Management, Per-APP VPN, and FIPS 140-2. According to professor Patrick Traynor at the Georgia Institute of Technology, who was involved in research for KNOX, users should be encouraged to take advantage of those mechanisms to avoid this and other common security issues.

5 Comments
  • Options
    Close




posted on 10 Jan 2014, 07:24 4

1. blinkdagger (Posts: 81; Member since: 04 May 2012)


Dear sammy,

Built another series lineup (galaxy enterprise??). Put your knox in there. Leave us alone! We don't want knox!

posted on 10 Jan 2014, 11:34

4. xfire99 (Posts: 412; Member since: 14 Mar 2012)


KNOX is nice to use. Peoples dislike KNOX, cause it will VOID warranty if it got triggered when ROOTING the device. But not all Samsung center do refuse to repair if KNOX got triggered and its different from each Samsung Center to decide to repair or not.
Samsung technicians do care more about custom flash counts then KNOX triggering. Custom flash "ROMs" can damage the phone and KNOX triggering wont do any damage to the phone.

posted on 10 Jan 2014, 07:28

2. kamen (Posts: 82; Member since: 18 Jul 2011)


I remember one company - SnapChat - saying something similar to Samsung's statement ("Meh, that's nothing") and then having a massive leak of phones and names :) Then apologizing:http://www.usatoday.com/story/tech/2014/01/09/snapchat-updates-app-apologizes/4391843/

posted on 10 Jan 2014, 08:58

3. clarkjeferson (Posts: 49; Member since: 22 Dec 2013)


I got snapchat.

posted on 10 Jan 2014, 23:41 1

5. Awalker (Posts: 175; Member since: 15 Aug 2013)


Samsung is saying this is a vulnerability inherent to Android and that they've taken steps to lower the risk of an attack with Knox. In other words with or without Knox the security gap would still be there.

Want to comment? Please login or register.

Latest stories