Samsung Knox completely insecure and compromised.

Tonik · Oct 24, 2014

So just two days after getting government approval for some devices to be used on classified networks a researcher has released information on just how insecure and totally compromised Samsung's Knox really is. For starters, the PIN is stored in plain text on the file system of the phone.

Game over Samsung.

After gaining U.S. government approval Samsung Knox security for Android found to be completely compromised

Tonik · Oct 24, 2014

Oh my, further into the article we see that they generate the encryption key using hard coded strings and the device ID.

What he ultimately discovered was that Knox simply uses the device's Android ID, a serial number any app can request from the system, "together with a hardcoded string and mix them for the encryption key. I would have expected from a product, called Knox, a different approach."

Jonny Kansas · Oct 24, 2014

Well good thing I found it to be cumbersome and useless and decided against trying to get it to do what I wanted to do...

cr6 · Oct 24, 2014

1. Consider the source of said article. Of course this is coming from Samsung's arch rival.
2. Any OS can be compromised.
3. You'll find positive & negative articles all over the web regarding the security of any device.... PCMAG

S5 tap'n

Ollie · Oct 24, 2014

So what the researcher is saying (and this shill of an article fails to point out) is that to compromise Knox you first have to bypass a fingerprint scan, then bypass a pin code, then bypass a password to then attempt to access encrypted system files. Got it.

IsixedThat

Jonny Kansas · Oct 24, 2014

Ollie said:
So what the researcher is saying (and this shill of an article fails to point out) is that to compromise Knox you first have to bypass a fingerprint scan, then bypass a pin code, then bypass a password to then attempt to access encrypted system files. Got it.

IsixedThat

Piece of cake!

Sent from my Note 4

Tonik · Oct 25, 2014

Ollie said:
So what the researcher is saying (and this shill of an article fails to point out) is that to compromise Knox you first have to bypass a fingerprint scan, then bypass a pin code, then bypass a password to then attempt to access encrypted system files. Got it.

IsixedThat

No, that isn't what it is saying at all.

Ollie · Oct 25, 2014

So how do you access the plain text files that are wrapped in a security blanket of the items I mentioned above?

IsixedThat

Tonik · Oct 25, 2014

Ollie said:
So how do you access the plain text files that are wrapped in a security blanket of the items I mentioned above?

IsixedThat

Not sure why are so focused on physical access. It will happen via a malicious app using the file encryption key that can be reversed very easily since it is now well known. IT Security is what I do man, this is game over for Knox until they fix it.

Ollie · Oct 26, 2014

I'm not questioning your knowledge of security, I am genuinely interested as to how it would work.

Aren't Knox installed apps sandboxed? How will it leave the sandbox to get to the files?

Samsung Knox completely insecure and compromised.

Tonik

Active Member

Tonik

Active Member

Jonny Kansas

Administrator

cr6

Super Moderator

Ollie

Droid Does

Jonny Kansas

Administrator

Tonik

Active Member

Ollie

Droid Does

Tonik

Active Member

Ollie

Droid Does

Most reactions - Past 7 days

Similar threads