Samsung Knox completely insecure and compromised.

Discussion in 'Tech News' started by Tonik, Oct 24, 2014.

  1. Tonik

    Tonik Active Member

    Joined:
    Sep 11, 2011
    Messages:
    672
    Likes Received:
    58
    Trophy Points:
    28
    Ratings:
    +67
    So just two days after getting government approval for some devices to be used on classified networks a researcher has released information on just how insecure and totally compromised Samsung's Knox really is. For starters, the PIN is stored in plain text on the file system of the phone.

    Game over Samsung.

    After gaining U.S. government approval Samsung Knox security for Android found to be completely compromised
     
  2. Tonik

    Tonik Active Member

    Joined:
    Sep 11, 2011
    Messages:
    672
    Likes Received:
    58
    Trophy Points:
    28
    Ratings:
    +67
    Oh my, further into the article we see that they generate the encryption key using hard coded strings and the device ID.

    What he ultimately discovered was that Knox simply uses the device's Android ID, a serial number any app can request from the system, "together with a hardcoded string and mix them for the encryption key. I would have expected from a product, called Knox, a different approach."
     
  3. Jonny Kansas

    Jonny Kansas Administrator
    Staff Member Rescue Squad

    Joined:
    Jan 21, 2010
    Messages:
    16,487
    Likes Received:
    7,064
    Trophy Points:
    1,278
    Location:
    Michigan's Upper Peninsula
    Ratings:
    +8,406
    Current Phone Model:
    Pixel XL
    Twitter:
    jonny_ks
    Well good thing I found it to be cumbersome and useless and decided against trying to get it to do what I wanted to do...
     
  4. cr6

    cr6 Super Moderator
    Staff Member

    Joined:
    Apr 1, 2011
    Messages:
    8,354
    Likes Received:
    5,877
    Trophy Points:
    1,778
    Location:
    NW Rocky Mtn region
    Ratings:
    +6,707
    Current Phone Model:
    Galaxy S7 Edge
    Twitter:
    @dronewolfmedia
    1. Consider the source of said article. Of course this is coming from Samsung's arch rival.
    2. Any OS can be compromised.
    3. You'll find positive & negative articles all over the web regarding the security of any device.... PCMAG

    S5 tap'n
     
    • Like Like x 3
  5. Ollie

    Ollie Droid Does

    Joined:
    Apr 13, 2012
    Messages:
    3,442
    Likes Received:
    2,103
    Trophy Points:
    1,468
    Location:
    South Coast
    Ratings:
    +2,483
    Current Phone Model:
    Note Edge - iPhone 6 Plus
    So what the researcher is saying (and this shill of an article fails to point out) is that to compromise Knox you first have to bypass a fingerprint scan, then bypass a pin code, then bypass a password to then attempt to access encrypted system files. Got it.


    IsixedThat
     
    • Like Like x 4
  6. Jonny Kansas

    Jonny Kansas Administrator
    Staff Member Rescue Squad

    Joined:
    Jan 21, 2010
    Messages:
    16,487
    Likes Received:
    7,064
    Trophy Points:
    1,278
    Location:
    Michigan's Upper Peninsula
    Ratings:
    +8,406
    Current Phone Model:
    Pixel XL
    Twitter:
    jonny_ks
    Piece of cake!

    Sent from my Note 4
     
  7. Tonik

    Tonik Active Member

    Joined:
    Sep 11, 2011
    Messages:
    672
    Likes Received:
    58
    Trophy Points:
    28
    Ratings:
    +67
    No, that isn't what it is saying at all.
     
  8. Ollie

    Ollie Droid Does

    Joined:
    Apr 13, 2012
    Messages:
    3,442
    Likes Received:
    2,103
    Trophy Points:
    1,468
    Location:
    South Coast
    Ratings:
    +2,483
    Current Phone Model:
    Note Edge - iPhone 6 Plus
    So how do you access the plain text files that are wrapped in a security blanket of the items I mentioned above?


    IsixedThat
     
  9. Tonik

    Tonik Active Member

    Joined:
    Sep 11, 2011
    Messages:
    672
    Likes Received:
    58
    Trophy Points:
    28
    Ratings:
    +67
    Not sure why are so focused on physical access. It will happen via a malicious app using the file encryption key that can be reversed very easily since it is now well known. IT Security is what I do man, this is game over for Knox until they fix it.
     
    #9 Tonik, Oct 25, 2014
    Last edited: Oct 25, 2014
  10. Ollie

    Ollie Droid Does

    Joined:
    Apr 13, 2012
    Messages:
    3,442
    Likes Received:
    2,103
    Trophy Points:
    1,468
    Location:
    South Coast
    Ratings:
    +2,483
    Current Phone Model:
    Note Edge - iPhone 6 Plus
    I'm not questioning your knowledge of security, I am genuinely interested as to how it would work.

    Aren't Knox installed apps sandboxed? How will it leave the sandbox to get to the files?
     
Search tags for this page

knox compromised

,

knox efuse

,

knox find malware android forum

,

knox insecure

,

knox phone insecure

,

ks samsung knox useful

,

samsung knox compromised

,

samsung knox forum

,

samsung knox insecure

,

samsung knox plain text