Security flaws identified in Samsung Galaxy S4

ben gurion university

ben gurion university

Researchers at the Ben-Gurion University of the Negev in Israel say they’ve discovered a major security flaw in the enterprise software of Samsung’s best-selling Galaxy S4 smartphone that could enable hackers to intercept emails and record data communications. The Galaxy S4, introduced earlier in 2013 is one of Samsung’s latest Android-running smartphones.

According to the university, the alleged flaw was inadvertently spotted by Ph.D. student Mordechai Guri while doing other testing on the Galaxy S 4. He discovered the vulnerability which allows an attacker to load a compromised application onto the personal part of the Android smartphone, all of the data transferred by the handset including the data believed to be secure could be intercepted by the attackers including messages, browser use, and files transferred. Multiple handsets were tested and found to be similarly vulnerable.

“To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ‘hole’ exists and was left untouched,” Guri said Tuesday in a news release issued by the university.

“The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” he said. “We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately.”

Alternatively, the app which could be cloaked as a game or other simple application could even fraudulently inject its own code into the secure data transfer, researchers claim, though the spokesperson for the company claims that the issue is not as serious as researchers have made it out to be, calling the supposed flaw “equivalent to some well-known attacks.”

The Knox software provides high-level encryption, a VPN feature, and a way to segregate personal data from work data. It also empowers IT administrators to manage a mobile device through specific policies. This could be a problem for KNOX, as it is presently undergoing the U.S. Department of Defense (DOD) approval review process.

Around 500 Galaxy S 4 handsets have been purchased by the Defense Information Systems Agency and are undergoing testing, in cooperation with the NSA, to determine their potential safety for use on Pentagon systems. However, a US Department of Defense spokesperson said in response to the reported security flaw, none of the handsets had been deployed, and the phone was still not recommended for Pentagon use.

KNOX is free to download, but corporate users pay a licensing fee. The security system also comes preloaded onto Galaxy Note 3 phones. In October, six months after it was introduced, Samsung announced that it had sold 40 million Galaxy S4 handsets.

Samsung is aware of the flaw and has already patched some holes in the KNOX system, and the company has already begun preliminary investigations to look into the claims made by the Israeli university.

Richard Meryn
Richard Meryn, Associate Editor Industry Leaders Magazine (www.industryleadersmagazine.com)

Leave a Reply

Your email address will not be published.

Recent Posts

Tesla Shuts San Mateo Office Laying Off 200 Employees

Tesla Shuts San Mateo Office Laying Off 200 Employees

The billionaire entrepreneur had previously commented on reducing the salaried workforce at Tesla. Out of nearly 100,000 Tesla employees worldwide, 42% are based out of the United
18 hours ago
The Mattel Metaverse – Launched by Cryptoys

The Mattel Metaverse – Launched by Cryptoys

In a recent interview, he acknowledged that toys and players are continuously evolving. Keeping this in mind, the company wants to develop its wares both in the physical and digita
24 hours ago
Multiple Fires Force CPSC to Recall Costco Solar Patio Umbrellas

Multiple Fires Force CPSC to Recall Costco Solar Patio Umbrellas

The Costco umbrella recall was jointly issued by the CPSC, Health Canada, SunVilla, and Costco. The CPSC has urged customers to remove the solar panel puck from the top of the umbr
2 days ago
Volvo Zero-emission Truck – Traced by Water Vapor

Volvo Zero-emission Truck – Traced by Water Vapor

In early 2022, Volvo signed the Drive to Zero pledge, reiterating its commitment to provide zero-emission commercial vehicles. Volvo is one of the largest manufacturers of cars, tr
2 days ago
Bill Ackman on Inflation: The Fed Will Hike Interest Rates

Bill Ackman on Inflation: The Fed Will Hike Interest Rates

Last month, the hedge fund manager suggested that only aggressive monetary tightening or a collapse in the economy will do the trick. He stated that the markets will recover if the
4 days ago
Cadillac’s Luxury Electric Vehicle Starts At $300,000

Cadillac’s Luxury Electric Vehicle Starts At $300,000

The Lyriq is the headliner for Cadillac as it is the first of GM’s brands to go all-electric by 2030.The Celestiq will not roll off GM’s usual factories, rather it will be
4 days ago