Saturday, November 01, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Amazon's Workforce Is Mainly Male, White
HP Smartwatch Looks Classic, Coming Next Week
North Korea Blocks Foreigners' Access To Facebook, Twitter
Pirate Bay Co-founder Sentenced To 42 Months Imprisonment
SEL Showcases 1058ppi And Foldable OLED Displays
New Outlook for Mac Available Now, Office for Mac Coming In 2015
Updated BBM Offers More Privacy, Control and More
Panasonic Raises Profit Outlook
Active Discussions
DVD/DL for Optiarc 7191S at 8X
Copied dvd's say blank in computer only
Made video, won't play back easily
New Features In Firefox 33
updated tests for dvd and cd burners
How to generate lots of different CDs quickly
Yamaha CRW-F1UX
help questions structure DVDR
 Home > News > Mobiles > Samsung...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, January 13, 2014
Samsung Denies Vulnerability In KNOX


Samsung has denied a reported vulnerability on a Samsung Galaxy S4 device with the KNOX security platform.

Last month, security researchers at Ben-Gurion University Cyber Security Labs said that they had identified a critical vulnerability in highly secure Samsung mobile devices which are based on the Knox architecture. The breach, researchers believe, enables easy interception of data communications between the secure container and the external world including file transfers, emails and browser activity.

Samsung said that after collaborating with Google and having discussed the research with the original researchers, the company has verified that "the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device." Samsung said the research did not identify a flaw or bug in Samsung KNOX or Android; "it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data."

Samsung and Google said that such attacks can be prevented if apps are built to support Secure Sockets Layer (SSL) encryption. In additio, such issues can be addressed through the proper configuration of mechanisms available in Knox.

The configuration settings Samsung said would prevent the attack from working include Knox?s mobile device management feature, which can lock down security-sensitive device settings; and "per-app VPN", which forces traffic from a designated app through a VPN tunnel. KNOX implements a FIPS 140-2 Level 1 certified VPN client, a NIST standard for data-in-transit protection along with NSA suite B cryptography.




Previous
Next
Acer CEO Blames Ultrabook Strategy For Company's Weak Results        All News        Samsung Display Showcased Foldable Display Prototype At CES
Sony Introduces The Xperia E1 And The Xperia T2 Ultra Smartphones     Mobiles News      Competition Among U.S. Mobile Carriers Escalates

Get RSS feed Easy Print E-Mail this Message

Related News
Samsung Introduces New Ultra Slim Galaxy A5 and Galaxy A3 Smartphones For The Chinese Market
Ubisoft's Assassin's Creed Unity Included with Purchase of Samsung UD590 Monitor or 850 PRO Series SSD
Samsung Reports Decreased Operating Profit For Third-quarter
Samsung Galaxy Note Edge Released in Korea
New Samsung Galaxy S5 'Plus' Released With Faster Processor
SK Telecom and Samsung Join Hands to Lead 5G Network Technology
New 64-bit Exynos 7 Octa Processor Supports Iris Recognition
Samsung Claims 5G Speed Record
Facebook And Samsung Executives Discuss Mobile, Content Collaborations
Samsung SDI and LG Chem Showcase Advanced Batteries
Samsung Gevelops 5 Times Faster WiFi technology
Samsung Starts Mass Production of First 3-bit 3D V-NAND

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .