Not-So-Hard Knox: Hole Found in Samsung Security Software

13

Reddit

Print

The Samsung Knox login screen on a Galaxy S4 smartphone. Credit: Laptop Magazine
An Israeli graduate student has uncovered a serious flaw in Samsung's Android-hardening Knox security software, but neither he nor the South Korean electronics giant is saying exactly what the flaw is.
"This weakness has to be addressed immediately before it falls into the wrong hands," said Mordechai Guri, the Ph.D. candidate at Ben-Gurion University of the Negev in Beersheba in southern Israel who found the flaw, in a university press release issued Tuesday (Dec. 24). "We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately."
A Samsung spokesman told The Wall Street Journal, which reported Guri's findings Monday (Dec. 23), that the company was aware of the flaw — and that it wouldn't affect a device that had the full corporate Knox software environment.

"The core Knox architecture cannot be compromised or infiltrated by such malware," the Samsung spokesman told the Journal.