It is quite an embarrassment if a system that is boasted as the security system above all else turns out to be not as secure as advertised. That could just be the case with Samsung‘s KNOX security platform if this latest discovery proves to be accurate.
According to cybersecurity researches at Ben-Gurion University of the Negev in Israel, Samsung KNOX possesses a vulnerability that could easily allow malicious entities to track emails or data that are supposedly being kept safe by the platform. The vulnerability can even allow data to be modified or malicious apps to be installed and run. The test was conducted on a Galaxy S 4, which doesn’t have Samsung KNOX installed out of the box.
This allegation strikes at the very heart of Samsung’s most recent business venture. It is pushing forward KNOX as an attractive end-to-end security solution for BYOD scenarios in workplaces as well as for use in government offices. It is largely seen as an attempt by the Korean manufacturer to grab BlackBerry’s share of that market and portray its mobile devices as being more than just consumer or casual products.
Naturally, Samsung doesn’t agree with the assessment. It downplayed the severity of the situation being portrayed by the researches, claiming that its own investigations revealed that the threat is equivalent to well-known attacks. Furthermore, it insisted that the device used for testing didn’t not have the extra pieces of software that would normally be installed by corporate clients, implying that simply KNOX alone isn’t really a complete security solution. Interestingly, Samsung hasn’t said anything to deny the existence of the vulnerability. It’s just saying that it’s not as bad as it sounds.
VIA: Wall Street Journal
SOURCE: BGU Security Research