Last year Samsung launched a security feature called ‘KNOX’ for high-end enterprise mobile devices. It’s a nice security addition and free with new Samsung handsets such as the Galaxy Note 3 and Samsung Galaxy S4. Samsung Knox is an application that creates a virtual partition (container) within the normal Android operating system that allows a user to run two different Android systems on a same device, so that you can securely separate your personal and professional activities.
KNOX based virtual operating system of your phone requires a password to be accessed and helps you to securely store data that they’re especially concerned about, such as personal pictures and video, in protected containers that would be resistant to hacking attempts on stolen devices. You can switch between Knox mode and personal mode using shortcuts in the app tray and notification tray.
All the data and applications stored in the KNOX container system are completely isolated from the rest of the operating system. No application or process inside the container can interact or communicate with any process outside of it and vice-versa. Other than this, all the files within the KNOX container are encrypted using the Advanced Encryption Standard (AES) cipher algorithm with a 256-bit key.
It also allows the ability to configure and manage a virtual private network for the device on a per-app basis. Samsung’s reply to recently reported KNOX vulnerability: Last month a team of researchers at Israel’s Ben-Gurion University reported a vulnerability in Samsung’s KNOX software, that could allow malicious software to track emails and record data communications or in other words, an attacker can easily intercept the secure data of Knox users. i.e. a classic Man in the Middle (MitM) attack.
Samsung has responded with an official statement defending its new security feature and according to them,
“This research did not identify a flaw or bug in Samsung KNOX or Android”.
MITM attack is possible at any point on the network to see unencrypted application data and this is also applicable to other normal operating systems. It is already known to us that, Interception is possible if an application is not using SSL/TLS encryption to protect incoming or outgoing data. So this is not KNOX’s weakness, rather this is because of the insecure application development.
KNOX provides built-in VPN and support for third-party VPN solutions to protect data. “Use of either of those standard security technologies would have prevented an attack based on a user-installed local application.” Samsung said. Samsung claimed that KNOX currently offers several protective options to encrypt data i.e Mobile Device Management, Per-App VPN, and FIPS 140-2 etc.
More details on these options are available on Samsung’s website. I must say, Even if you are not required for security reasons to use Knox, it could be worth using it anyway in order to keep your personal and work data separate. How to get KNOX for your Android Mobile? KNOX isn’t available as an.
APK or a download from the Play Store, neither it comes pre-installed on Samsung handset. Your device must support its Virtualization technology at the hardware level. To get KNOX, you just need to first update your Samsung device to Android 4.3 and then it will automatically install Samsung Premium Suite, which will add KNOX support.
Source : The Hacker News