Samsung Knox on Galaxy S4 has ‘security gap,’ according to researchers

2013 December 28

Samsung Knox, the security platform on devices such as the Samsung Galaxy S4 and the Samsung Galaxy Note 3, has a serious “security gap,” according to

According to the Wall Street Journal, “The security platform for Samsung Electronics Co.’s best-selling Galaxy S4 smartphone suffers from a vulnerability that could allow malicious software to track emails and record data communications, according to cybersecurity researchers at Israel’s Ben-Gurion University of the Negev.

“The alleged security gap, which the researchers say they discovered earlier this month, comes as Samsung pitches the new security platform called Knox to potential clients at the U.S. Department of Defense and other government and corporate entities, in a bid to compete with BlackBerry Ltd., whose devices have been considered the gold standard among security-conscious clients for years.

“Samsung said it was looking into the allegations, but said that an initial investigation showed the problem wasn’t as serious as the Israeli researchers have maintained.

“The researcher who discovered the alleged problem at Ben-Gurion University’s Cyber Security Lab, Mordechai Guri, said the vulnerability would allow a hacker to ‘easily intercept’ secure data of a user of a Knox-enabled Galaxy smartphone.

“In a worst-case scenario, he added, a hacker could modify data and even insert hostile code that could run amok within the secured network.”

Dudu Mimran, the lab’s chief technical officer, said in a statement, “The new unveiled vulnerability presents a serious threat to all users of phones based on this architecture, such as users” of the Samsung Galaxy S4.

WSJ added, “A spokesman for Samsung said the company ‘takes all security vulnerability claims very seriously’ and promised to further investigate the university lab’s claims.

“However, a preliminary investigation by Samsung showed that ‘the threat appears to be equivalent to some well-known attacks,’ the spokesman said.

“The spokesman added that the university lab’s breach of the system appeared to have been conducted on a device that wasn’t fully loaded with the extra software that a corporate client would use in conjunction with Knox.

The spokesman said, “Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware.”

If this worries you, you can simply turn the feature off.

This website is in no way associated with Samsung Mobile and all trademarks are the property of their respective owners.