Israeli Researchers Discover Mobile Cyber Vulnerability
This post is also available in: 
עברית (Hebrew)
Security researchers at Ben Gurion University of the Negev’s (BGU) Cyber Security Labs have identified a critical cyber vulnerability in highly secure Samsung mobile devices which are based on the Knox architecture. Samsung Knox, which is currently undergoing the U.S. Department of Defense approval review process, features the most advanced security-driven infrastructure for mobile phones.
The breach, researchers believe, enables easy interception of data communications between the secure container and the external world, including file transfers, emails and browser activity. A BGU release reports that the vulnerability was uncovered by Ph.D. student Mordechai Guri during an unrelated research task.
Guri is part of a wider research team at the cyber security labs which focuses on mobile and other cyber related research topics. “To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ’hole‘ exists and was left untouched. The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” he said. “We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately.”
iHLS – Israel Homeland Security
The vulnerability was first reported by the Wall Street Journal late Monday evening.
The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone. All data and communications that take place within the secure container are protected and even if a malicious application should attack the non-secure part all the protected data should be inaccessible under all circumstances. The newly found breach, however, can be used to bypass all Knox security measures. By simply installing an “innocent” app on the regular phone (in the non-secure container) all communications from the phone can be captured and exposed.
The Samsung Knox is based on TrustZone’s mobile virtualization platform which serves as the underlying infrastructure for the available protective measures. “To solve this weakness, Samsung may need to recall their devices or at least publish an over the air software fix immediately. The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models” said Dudu Mimran, the Chief Technology Officer of the BGU labs.
Source: HLS News Wire
