Samsung Knox Mobile Security Platform Flaw Discovered
The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone.A critical flaw in Samsung’s much publicized Knox smartphone security platform could enable easy interception of data communications between the secure container and the external world, including file transfers, emails and browser activity, according to the findings of security researchers at Ben-Gurion University’s Cyber Security Labs in Israel. The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone. All data and communications that take place within the secure container are protected and even if a malicious application should attack the non-secure part all the protected data should be inaccessible under all circumstances. However, a critical vulnerability, uncovered by Ph.D. student Mordechai Guri during an unrelated research task, allows a user to bypass all Knox security measures by installing an "innocent" app on the regular phone (in the non-secure container), whereby all communications from the phone can be captured and exposed. "To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ’hole‘ exists and was left untouched,” Guri said in a statement. "The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands. "We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately."
Accessible through an icon on the home screen, the Knox container presents to users a variety of enterprise applications (including email, browser, contacts, calendars, file-sharing, collaboration, CRM and business intelligence apps) in a secure environment.