Samsung Knox, a software platform for Android phones with a focus on enterprise data security, may have a security hole. Researchers at Ben-Gurion University of the Negev (BGU) have reportedly discovered a vulnerability that allows malware to intercept emails, data transfers, and browser activity on Samsung's GS4 smartphones.
The Knox software includes platform security, application security, and mobile device management (MDM) and is designed with built-in barriers, called containers, to keep the work applications and data separate and secure from those installed for regular personal use.
While the user is in the secure container, the Knox software manages the enterprise applications and data and has its own home screen, widgets, launcher, and applications. Anything that occurs in the secure container is expected to be protected from malicious applications.
It was in the unprotected environment where the BGU Cyber Security Labs discovered the possible flaw. "The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone. All data and communications that take place within the secure container are protected and even if a malicious application should attack the non-secure part, all the protected data should be inaccessible under all circumstances," the researchers state in their report. "However, the newly found breach can be used to bypass all Knox security measures. By simply installing an 'innocent' app on the regular phone (in the non-secure container), all communications from the phone can be captured and exposed."
The discovery of the possible security flaw was credited to Mordechai Guri, a PhD student who worked as part of the research team at the Cyber Security Labs and reportedly discovered the flaw while performing unrelated research.
According to a Wall Street Journal report made earlier in the week, a Samsung spokesperson responded that BGU's test and breach discovery appeared to have been performed on a phone that was not fully loaded with the software a corporate client would include with the Knox installation. However, Samsung did indicate it would look into the claim.
BGU's Cyber Security Labs have experience in this area and have been conducting security research on mobile phones for about seven years.
Samsung Knox's documentation states that the Samsung Knox solution is US DoD and Government ready and incorporates key technologies patented by the NSA. Samsung has been working on making inroads into the government market that has been dominated by Research in Motion and the Blackberry in large part due to its strong security.
If Samsung wants to continue to move into the government market, it will be verifying BGU's work and plugging any gaps in its Knox platform security quickly.
ABOUT THE AUTHOR
Bill Oliver has been working in Healthcare for the past 30+ years in a variety of management roles including Material Management, Purchasing, Nurse Registry, and IT. In the past 12 years his focus has been on the business end of IT Contracts, Software Licensing and Purchasing.