Researchers from Ben-Gurion University’s security lab (BGU) discovered a vulnerability in the Samsung Galaxy S4’s Knox architecture. If exploited, the attacker could capture all communications like email and file activity; leaving no data secure.
The Knox security suite is Samsung’s answer to business security concerns when it comes to Android.
A key component of this security layer is using an application container to separate corporate and personal applications so users could freely use personal apps without worrying about cross-contamination. According to BGU’s discovery this is no longer the case.
The bring-your-own-device (BYOD) debate is a hot topic in the corporate space where many users want to use their own device for work purposes.
This puts businesses in a bit of a spot, where they can save money by having a BYOD policy, however they open themselves up to security loose ends.
No further detail was given about the vulnerability, which is probably best as the bad guys could pounce on the security hole.
Samsung is investigating the issue. If they find the vulnerability to be accurate, I’m sure they’ll release a fix ASAP. Samsung has been very good at releasing patches for security holes in the past, so this should be fixed soon.
We’ll continue to follow this story and share any updates.