Sunday, January 25, 2015
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
NVIDIA Comments On GeForce GTX 970 Memory Allocation Reports
Google Comments On Lack Of Security Patches On Older Android Phones
Sony is Offering Old Games To Settle The 2011 PlayStation Network Breach
Sony Postpones Earnings Announcement
January Windows 10 Build Released Through The Windows Insider Program
Flexible Computers Are Stil Away From Reality
China Denies Microsoft Outlook Hacking Allegations
A Look at Microsoft's New Spartan Browser
Active Discussions
HELP!!!
full screen wide screen
UDF errors
Hi
The Simplest Way to Download KODAK HERO 7.1 Driver
About the restriction problem of chapter quantity in DVD
Booktype utilities for LiteON and OEM DVD Recorders
downgrade a nero vision 5 project to nero vision 2
 Home > News > Mobiles > Samsung...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, January 13, 2014
Samsung Denies Vulnerability In KNOX


Samsung has denied a reported vulnerability on a Samsung Galaxy S4 device with the KNOX security platform.

Last month, security researchers at Ben-Gurion University Cyber Security Labs said that they had identified a critical vulnerability in highly secure Samsung mobile devices which are based on the Knox architecture. The breach, researchers believe, enables easy interception of data communications between the secure container and the external world including file transfers, emails and browser activity.

Samsung said that after collaborating with Google and having discussed the research with the original researchers, the company has verified that "the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device." Samsung said the research did not identify a flaw or bug in Samsung KNOX or Android; "it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data."

Samsung and Google said that such attacks can be prevented if apps are built to support Secure Sockets Layer (SSL) encryption. In additio, such issues can be addressed through the proper configuration of mechanisms available in Knox.

The configuration settings Samsung said would prevent the attack from working include Knox?s mobile device management feature, which can lock down security-sensitive device settings; and "per-app VPN", which forces traffic from a designated app through a VPN tunnel. KNOX implements a FIPS 140-2 Level 1 certified VPN client, a NIST standard for data-in-transit protection along with NSA suite B cryptography.




Previous
Next
Acer CEO Blames Ultrabook Strategy For Company's Weak Results        All News        Samsung Display Showcased Foldable Display Prototype At CES
Sony Introduces The Xperia E1 And The Xperia T2 Ultra Smartphones     Mobiles News      Competition Among U.S. Mobile Carriers Escalates

Get RSS feed Easy Print E-Mail this Message

Related News
Samsung Engineers Develop Wearable Sensor for Stroke Detection
Samsung and Apple Together Consumed 17 Percent of Total Semiconductor Demand in 2014
Samsung Drops Qualcomm 810 Processors in next Galaxy S Due To Overheating: report
Samsung Led The Smartphone Market in 2014, TrendForce Reports
Galaxy S6 Expected to Have Displays On Both Edges
Samsung Starts Mass Production Of 8-Gigabit Graphics DRAM
Samsung, Blackberry Deny Deal Report
Samsung Made A Bid For BlackBerry: report
Samsung Finally Releases Budget Tizen Z1 Smartphone In India
Samsung Galaxy S6 To Have Simplified TouchWiz User Interface
Samsung Galaxy A7 Offers A Larger Display, More Powerful Performance
Samsung May Release Windows Phones

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .