Notification Center

This is our new notification center. Inside, you will find updates on the most important things happening right now.

Notifications

Hmm, push notifications seem to be disabled in your browser. You can enable them from the 'Settings' icon in the URL bar of your browser.

www.phonearena.com

Samsung explains the "serious vulnerability" in KNOX is actually a common MitM network attack

5
page 1
Last December, researchers at Israel's Ben-Gurion University of the Negev warned of a vulnerability in Samsung's KNOX security system, featured in Galaxy S and Galaxy Note devices. The alleged loophole could let malware track emails and data communications, and in the worst scenario, have a hacker modify data and deploy malicious code within the supposedly secure device.

About three weeks later, Samsung's KNOX team has published an official statement in its blog, regarding the revelation. According to the post, Samsung has collaborated with the Israeli researchers in a further investigation, which hasn't discovered any flaws or bugs in KNOX that could cause this particular vulnerability.

Apparently, the security gap in question is not due to a weakness in KNOX. The alleged “exploit” is actually a common attack which makes illicit use of "legitimate Android network functions" to intercept unencrypted network connections from and to apps on a mobile device. This is also known as the "Man in the Middle (MitM)" approach, which makes it possible to “eavesdrop” on a network and hijack messages sent between its points.

Samsung points out that KNOX is equipped with additional protections against this type of network attack - Mobile Device Management, Per-APP VPN, and FIPS 140-2. According to professor Patrick Traynor at the Georgia Institute of Technology, who was involved in research for KNOX, users should be encouraged to take advantage of those mechanisms to avoid this and other common security issues.

source: SamsungKNOX via SamMobile

New reasons to get excited every week

Get the most important news, reviews and deals in mobile tech delivered straight to your inbox

FCC OKs Cingular\'s purchase of AT&T Wireless