Security Flaw Discovered In Samsung's KNOX For Galaxy S 4 Devices
December 25, 2013

Samsung KNOX Security System Vulnerable To Hacking

Peter Suciu for - Your Universe Online

When people talk about security, Fort Knox - where the nation’s gold reserve is stored - is brought to mind. The Kentucky military base sets the bar high in terms of security, but Samsung’s KNOX security system for its Galaxy S4 is another story altogether.

Samsung introduced KNOX as a secure BYOD (Bring Your Own Device) platform at the Mobile World Congress (MWC) trade show in Barcelona Spain in February. KNOX was designed to align with the on-going Samsung for Enterprise (SAFE) solution, which incorporated Security (SE) Android and integrity management services for both the hardware and Android framework.

However, this week researchers reported a flaw might exist that would allow data to be easily intercepted. PhD student Mordechai Gur at Ben-Gurion University of the Negev in Israel discovered the vulnerability while researching an unrelated task.

Gur is a part of a wider research team at the school’s cyber security lab, which focuses on mobile and other cyber related security topics.

“To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ’hole‘ exists and was left untouched. The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” Gur said in a statement on the university’s website. “We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately.”

This is a notable problem for KNOX, as it is currently undergoing the US Department of Defense (DOD) approval review process. While KNOX features some of the most advanced security-driven infrastructure for mobile phones, this breach could enable easy interception of data communications including file transfers, emails and even browser activity.

“To solve this weakness, Samsung may need to recall their devices or at least publish an over-the-air software fix immediately. The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models” added Dudu Mimran, the Chief Technology Officer of the BGU labs.

A Samsung spokesman told the Wall Street Journal that the company “takes all security vulnerability claims very seriously" and promised to further investigate the university lab's claims.”

The source told the paper the threat did appear to be equivalent to some well-known attacks, but added that the university lab’s breach of the system was conducted on a device that did not have the extra software a corporate client would normally use in conjunction with KNOX.

“Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware,” the source added.

Nor are hackers the only threat to worry about, another expert offered.

“I still think that your likelihood of a government hacking your phone is significantly higher than a hacker,” Roger Entner, principal analyst at Recon Analytics, told redOrbit. “The number of Samsung KNOX devices simply gets lost in the sea of other devices. If say the Galaxy series would have the same vulnerability, it would be a significant cause of concern as simply a lot of people are affected and hackers have a much easier time finding them. Unless you are running payments over your device or sensitive email, people should be fine.”