Last month a report from Ben-Gurion University in Israel identified what it described as “a critical vulnerability” in Samsung devices that used the Samsung Knox security system.
The issue, which the university said “could be used to bypass all Knox security measures”, was raised by a PhD student.
However, Samsung has now issued a statement that states “this research did not identify a flaw or bug in Samsung Knox or Android”. Instead, the apparent security breach is described as “a classic Man in the Middle (MitM) attack”, which involves an attacker intercepting data traffic between the sender and the recipient.
Although the university did manage to intercept unencrypted network connections to and from applications on the mobile device, this is a wider Android issue rather than specifically related to Samsung. In fact, Samsung quotes Professor Patrick Traynor of Georgia Institute of Technology as saying “Proper configuration of mechanisms available within Knox appears to be able to address the previously published issue.”
[Samsung Knox blog]