ID: IRCNE2013122053
Date: 2013-12-25
According to "cnet", researchers have identified a vulnerability in the smartphone that allegedly allows a hacker to easily intercept secure data.
CNET did not immediately hear back from Samsung with a response to the reported flaw, but the company has told The Wall Street Journal and other news outlets that it's looking into the issues and thus far doesn't believe the problem is as serious as the researchers present in their findings.
The report comes not only as many Galaxy S4 phones sit wrapped up under a Christmas tree, but also as Samsung pitches its new Knox security platform, used in the device, to federal agencies like the Department of Defense.
The Knox software offers high-level encryption, a VPN feature, and a way to separate personal data from work data. It also enables IT administrators to manage a mobile device through specific policies and Samsung hopes it will appeal to security-sensitive clients as a replacement for BlackBerry devices.
The alleged vulnerability was discovered earlier this month by researchers at Ben-Gurion University's Cyber Security Labs. Specifically, they say while the Knox is the most advanced security-driven infrastructure for mobile phones, the alleged flaw enables malicious software to track e-mails and record data communications. The flaw was uncovered by Ph. D. student Mordechai Guri during an unrelated research task.
"Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands," he said. "We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately."
- 2