Samsung Pins Knox Vulnerability on Android’s Shoulders

Last month, we reported that Samsung’s new Knox security system on the Samsung Galaxy S4 had fallen prey to a vulnerability first discovered by a Ph.D student at Ben Gurion University of the Negev in Israel. Built off TrustZone technology, Knox relies on a virtualization style of security which is supposed to protect a user’s data even if the first system is corrupted by malicious code sent over the cellular network.

However, researchers were able to show that an app that installed on the internal system could still capture screenshots, log text, and send it all back to a central server much like common malware does on unprotected Android devices. It’s obvious that with potentially massive production contracts with the Department of Defense and the Pentagon on the line, Samsung is doing everything possible to ensure the Knox platform is the single most secure mass-produced device built in the history of modern smartphones.

What makes this interesting is it seems even separate branches of government don’t trust each other anymore, and many suspect this move toward more secure devices is a direct response to the Snowden revelations last June. Considering the “mysterious” conditions behind the emails that led to former CIA Chief David Petraeus’ removal from the head of the agency, it’s no wonder why top generals and political officials on the hill might be interested in keeping their private lives protected by the brick wall that is the Knox FIPS 140-2 encryption standard.

Google wasn’t shy about the fact that it was their software causing the issue, absolving Samsung of any responsibility in the matter.

“Samsung has verified that the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device.”

The company has suggested that anyone currently using the Knox system should double up their security through 3rd-party apps and VPN providers, such as those offered PureVPN, IPVanish VPN, and VyprVPN.