Results 1 to 3 of 3

Thread: Galaxy S4 Secrity Breach

  1. #1
    Senior Member
    Join Date
    Jun 2013
    Posts
    197

    Galaxy S4 Secrity Breach

    Israeli researchers say they’ve discovered a serious vulnerability in the enterprise software of Samsung’s best-selling Galaxy S4 smartphone that could enable hackers to intercept emails and other data.
    The alleged flaw in the Galaxy S4’s high-level security software, known as Knox, was uncovered earlier this month by Mordechai Guri, a Ph.D. student at Ben-Gurion University. Guri is part of a wider research team at the university’s Cyber Security Labs.
    “To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ‘hole’ exists and was left untouched,” Guri said Tuesday in a news release issued by the university.
    “The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” he said. “We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately.”
    The researchers said hackers could theoreticallytake advantage of the flaw by installing an “innocent” app oh the phone that could easily intercept data communications, including file transfers, emails and browser activity.
    A Samsung spokesman told The Wall Street Journal, which first reported on the vulnerability, that Samsung is investigating the Israeli team’s claims. The reported breach was found on a device that didn’t have all the extra software that a corporate client would usually use in conjunction with Knox, the spokesman told the Journal.
    The Knox security software is an added level of protection for select Android devices that Samsung markets to corporate and government clients. It allows users to switch between work and personal use by simply pressing an icon on the handset.
    Knox was first released on Samsung's Galaxy Note 3. It doesn't come preloaded on the S4 though users can download the system, according to media reports.
    The Israeili team's finding comes as the U.S. government is reportedly weighing whether to swap its fleet of BlackBerry smartphones for devices like Samsung’s Galaxy phones or Apple’s iPhones and iPads.
    The Galaxy S4 has earned rave reviews from critics since its debut in March and Samsung has sold more than 40 million units.

  2. #2
    Senior Member
    Join Date
    Apr 2013
    Posts
    682
    Quote Originally Posted by DrFeelgood View Post
    The researchers said hackers could theoreticallytake advantage of the flaw by installing an “innocent” app oh the phone that could easily intercept data communications, including file transfers, emails and browser activity.
    Any secure organisation not using application white listing deserves to be hacked.

    Anyone using application white listing hasn't got a problem.

    With MDM platforms (Mobile Device Management) Android is a hell of a lot more secure than IOS as on IOS there is no way to prevent the user to from simply uninstalling the MDM agent and doing what they like.
    This post is known by the state of California to potentially contain more than the maximum daily allowance of awesome.

  3. #3
    Senior Member sundancekid's Avatar
    Join Date
    Apr 2013
    Posts
    6,142
    Would be interested to know your take on the trends in the mobile OSs then. With Windows phones now having almost a 10% market share, and rising in Europe and Asia. And now Nokia remerging again with Lumina??

    Personally, I’m more interested in the programming aspect of things though, and not so sure pure native app development is the way of the future. Seeing good results with wrapping HTML5 code into apps using libraries like Cordova, especially after iOS7. So can now develop for iOS, Android and the Windows phones with one code base.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •