Samsung has replied to the recent criticism surrounding its Knox security service for its smartphones, and mentions that it has verified the cyber-attack problem and has intercepted the data.
Last month, a big vulnerability was discovered in Samsung’s native security service, Knox, by cyber-security researchers in Ben Gurion University in Israel. The glitch was not only suspected to exploit the user’s emails and communication data, but was also said to enable the hackers to inject malicious codes, which could affect the whole device.
The popular Korean tech giant has also mentioned some tips and tricks on how users can avoid compromising important data on their Knox-enabled handsets. The tips will be also sent as a message to the Knox users.
“This research did not identify a flaw or bug in Samsung KNOX or Android; it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data. The research specifically showed this is also possible via a user-installed program, reaffirming the importance of encrypting application data before sending it to the Internet. Android development practices encourage that this be done by each application using SSL/TLS. Where that’s not possible (for example, to support standards-based unencrypted protocols, such as HTTP), Android provides built-in VPN and support for third-party VPN solutions to protect data. Use of either of those standard security technologies would have prevented an attack based on a user-installed local application,” stated the firm’s official description of the problem.
Samsung also gave a detailed description of the procedures to be followed to further protect Knox-enabled devices from MitM attacks. KNOX offers additional protections against MitM attacks, namely, Mobile Device Management (MDM), per-app VPN, and FIPS 140-2.