Smartphones like the Samsung Galaxy S4 phone are vulnerable to hackers, despite the much-vaunted enterprise software called Knox in them, according to Israeli Ben-Gurion University security researchers. Hackers can get at your email, personal data, and other information you would like to keep private, according to an article in the Wall Street Journal.
Supposedly, the Knox enterprise security software is as secure as Blackberry software. Up until this revelation by the Ben-Gurion University researchers, at least, the U.S. government was contemplating using the Samsung Galaxy phones.
Samsung, while not denying that there’s a potential for their Knox security software to be hacked, are downplaying that possibility. Samsung said to the Wall Street Journal that businesses and others who might use their phones would have other sorts of software at their disposal to prevent any such hacks from occurring. Still, the company is investigating into the issues raised by the researchers.
With the demise of Blackberry, other smartphone companies like Samsung and Apple are trying to fill the market niche for secure and reliable smartphones and other devices. The Samsung Galaxy S4 smartphones were the Korean company’s latest attempt at filling this niche. A few months ago, the Pentagon okayed the use by the Department of Defense of Apple’s iPads and iPhones. Currently, Samsung smartphones and other devices also have this approval.
How does the Knox enterprise security software for the Samsung Galaxy S4 smartphones work?
Samsung’s Knox security software creates what they call a “container.” The container is supposed to by impervious to security violations, like the attempts of hackers to break into it. Samsung’s container runs a different, unique execution environment for data and apps. This is supposed to prevent any apps that are ran outside of the container from accessing the data within it.
However, the Israeli researchers have figured out a way for hackers to get to the data within the container, which is a blow to the idea that having a container that runs a separate execution environment somehow means your data is secure. The “vulnerability” the researchers have discovered can enable hackers to steal saved data, track emails, and listen into phone calls.
Researcher Mordechai Guri, who works at Ben-Gurion University’s Cyber security Lab, was the person to originally discover this security hole. Guri figured out that if hackers used malicious apps they disguised as games or other programs, and are downloaded to the non-secure part of the Galaxy S4 smartphones, the “malware could be activated to record all data communication taking place inside the container.”
In a statement from Samsung, they have said that users of their Galaxy S4 smartphones shouldn’t worry about the possibilities that the Israeli researchers discovered that their smartphones and Knox software are vulnerable to attacks by hackers. Their statement reads that “the core Knox architecture cannot be compromised or infiltrated by such malware.”
Just how secure are your smartphones? Whenever a smartphone such as the Samsung Galaxy S4 or the latest Apple iPhone comes out claiming that their software makes their smartphones secure from hackers, it’s not very long before hackers find a way around the security precautions. It might be that no smartphone can ever be called truly impervious to security breaches, though some come closer than others at attaining the goal.
Written by: Douglas Cobb