• Latest
  • All
  • How To
Japanese SuperComputer Simulates Brain Activity in 40 minutes

Samsung KNOX Vulnerability Probably Affects Other Android Devices

January 14, 2014
Bitchat

Jack Dorsey Launches Bitchat, a Bluetooth-Only Messaging App

July 10, 2025
YouTube AI slop is getting demonetized

YouTube Declares War on Low-Effort AI Videos via Demonetization

July 10, 2025
Why Can'y You Register a Safaricom SIM Card After 7 PM

Why You Cannot Register a Safaricom SIM Card After 7 PM

July 10, 2025
Former Safaricom Chief Enterprise Business Officer, Cynthia Karuri-Kropac

Frankline Okata Takes Over as Cynthia Karuri-Kropac Exits Safaricom PLC

July 10, 2025
DHgate Tablet Cases deals
AI

OpenAI and Perplexity Launch Browsers to Rival Google Chrome

July 10, 2025
Vivo-Y29-4G

Vivo Y29 Launches in Kenya at KES 23,999

July 10, 2025
galaxy z fold7-galaxy z flip7-samsung

Samsung Unveils Galaxy Z Fold7 and Z Flip7 with Bigger Screens

July 10, 2025
GTA VI

Rockstar May Be Testing 96-Player Servers for GTA 6

July 10, 2025
Former X CEO, Linda Yaccarino

Linda Yaccarino Steps Down as CEO of X After Two Years

July 9, 2025
Apple-WWDC25-iOS-26

iPhone Users Are Not Too Happy With the iOS 26 Liquid Glass Design

July 9, 2025
Official document handover by Bernard Mwonyonyo and Habib Lukaya from Roam.

E-Mobility in Kenya Gets a Lift with New Bike Financing Program

July 9, 2025
Samsung

This Samsung Security Update Could Change How You Use Your Phone

July 9, 2025
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Samsung KNOX Vulnerability Probably Affects Other Android Devices

Carlos Ageng'o by Carlos Ageng'o
January 14, 2014
in News
Reading Time: 2 mins read
264
1

byod-devices
Recently, researchers from Ben-Gurion University found out that Samsung KNOX as used in Galaxy S4 leaked user data. After considering the report, Samsung restored its customers’ confidence since the discovered security hole was not crucial. The firm went ahead and joined forces with Google to address this. On the KNOX blog, Samsung confirms that the attack uses networking functions on the stock Android source tree allowing for interception of unecrypted data transfer between Android devices.

This can be prevented by app developers through encryption functions provided by Android’s code base.

Android development practices encourage that this be done by each application using SSL/TLS. Where that’s not possible (for example, to support standards-based unencrypted protocols, such as HTTP), Android provides built-in VPN and support for third-party VPN solutions to protect data. Use of either of those standard security technologies would have prevented an attack based on a user-installed local application.

Samsung’s post includes a quote from Professor Patrick Traynor, mobile security expert – “Proper configuration of mechanisms available within KNOX appears to be able to address the previously published issue. Samsung should strongly encourage all of their users to take advantage of those mechanisms to avoid this and other common security issues.”

KNOX provides containers within which different mobile apps can run. This isolates application data passing through the device effectively implementing mandatory access control.

Platform features are summarized by Samsung as follows:

1. Mobile Device Management — MDM is a feature that ensures that a device containing sensitive information is set up correctly according to an enterprise-specified policy and is available in the standard Android platform. KNOX enhances the platform by adding many additional policy settings, including the ability to lock down security-sensitive device settings. With an MDM configured device, when the attack tries to change these settings, the MDM agent running on the device would have blocked them. In that case, the exploit would not have worked.

2. Per-App VPN — The per-app VPN feature of KNOX allows traffic only from a designated and secured application to be sent through the VPN tunnel. This feature can be selectively applied to applications in containers, allowing fine-grained control over the tradeoff between communication overhead and security.

3. FIPS 140-2 — KNOX implements a FIPS 140-2 Level 1 certified VPN client, a NIST standard for data-in-transit protection along with NSA suite B cryptography. The FIPS 140-2 standard applies to all federal agencies that use cryptographically strong security systems to protect sensitive information in computer and telecommunication systems. Many enterprises today deploy this cryptographically strong VPN support to protect against data-in-transit attacks.

Tags: SamsungSamsung Knox
SendShare147Tweet92
Carlos Ageng'o

Carlos Ageng'o

Bringing you news on information systems, business intelligence and IT innovations. Contact me on @aKhadiemik and c [dot] agengo [at] techweez [dot] com

Related Posts

galaxy z fold7-galaxy z flip7-samsung

Samsung Unveils Galaxy Z Fold7 and Z Flip7 with Bigger Screens

July 10, 2025
Samsung

This Samsung Security Update Could Change How You Use Your Phone

July 9, 2025
samsung-tri-fold

Samsung’s First Tri-Fold Smartphone Nears Launch After Certification

July 10, 2025
Samsung Color E-Paper Display

Samsung Launches New Display To Help Businesses Reduce Power Costs

June 9, 2025
iphone 17 air

iPhone 17 Air Leak Reveals Battery Life Concerns Ahead of Launch

May 20, 2025
Apple Event

Apple Becomes First Trillion Dollar Brand in New Global Ranking

May 20, 2025

Latest

Bitchat

Jack Dorsey Launches Bitchat, a Bluetooth-Only Messaging App

July 10, 2025
YouTube AI slop is getting demonetized

YouTube Declares War on Low-Effort AI Videos via Demonetization

July 10, 2025
Why Can'y You Register a Safaricom SIM Card After 7 PM

Why You Cannot Register a Safaricom SIM Card After 7 PM

July 10, 2025
Former Safaricom Chief Enterprise Business Officer, Cynthia Karuri-Kropac

Frankline Okata Takes Over as Cynthia Karuri-Kropac Exits Safaricom PLC

July 10, 2025
AI

OpenAI and Perplexity Launch Browsers to Rival Google Chrome

July 10, 2025
Vivo-Y29-4G

Vivo Y29 Launches in Kenya at KES 23,999

July 10, 2025

Best devices

budget smartwatches 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Best Infinix Smartphones To Buy in Kenya 2024

February 13, 2025

Best Laptops for Battery Life in 2024

August 21, 2024

Best “Battery Warrior” Smartphones To Buy in 2024

August 22, 2024

Jack Dorsey Launches Bitchat, a Bluetooth-Only Messaging App

July 10, 2025

YouTube Declares War on Low-Effort AI Videos via Demonetization

July 10, 2025

Techweez is a fast growing influential source of technology news, reviews and analysis by leading tech geeks in the industry.

Follow Us

Editorials

Abductions and Arrests! Kenyan Government’s Fear and Hate of X Users Makes No Sense

Actors and Film Crews Are Worried About Veo 3 Taking Their Jobs

Samsung QLED TVs Now Officially Certified for Real Quantum Dot Technology

Trump’s Tariffs Will Be the End of Affordable Tech

5 Ways to Prep Your Tech for Resale

The Weaponization of PDFs: How Cybercriminals Are Exploiting a Trusted Format

More News

Samsung Unveils Galaxy Z Fold7 and Z Flip7 with Bigger Screens

Rockstar May Be Testing 96-Player Servers for GTA 6

Linda Yaccarino Steps Down as CEO of X After Two Years

iPhone Users Are Not Too Happy With the iOS 26 Liquid Glass Design

E-Mobility in Kenya Gets a Lift with New Bike Financing Program

This Samsung Security Update Could Change How You Use Your Phone

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.