A developer has looked Samsung Knox’ software after at the seams, and he is not happy with his finds.
There have been large roses to Samsung Know that has gotten approvals by the U.S. Defense Department and the NSA. A developer has looked closely at Knox, and he believes that it is all too easy to break the Knox’ lock.
Knox works by having a locked portion of the phone, as, for example, can be used for business purposes. The portion is protected by, among other things, a pin-code, and it is precisely pin-code, which is too easy to find.
The developer believes to have found a place on his Samsung Galaxy S4, where Samsung Knox is installed from the factory, where the phone saves the code. There is no name on the developer who has found this.
Stored in the masses
A major point of criticism for the developer is that Samsung does not appear to have done anything to encrypt the pin code. The developer think that Samsung just has hoped that the code is missing for the masses.
Despite the fact that it requires root access to your phone, so is it a bad sign that the pin is stored on the phone. That it is in unencrypted text is another thing, just do it even worse, according to the developer.
He recommends using Android’s own encryption on all your phone instead of Samsung Knox.
Since the revelations of this developer has Samsung answer to doubts about Knox’s security. Koreans reject not surprising that safety in Knox is bad.
“Unlike what’s being suggested in the blog, so is very limited access to the key. It is only approved processes, which can download it, and Knox will shut down, if the system becomes compromised, “writes Samsung.
Throughout the examination of Knox can be found here.