Samsung Knox (stylized Samsung KNOX) is an enterprise mobile security solution.
Video Samsung Knox
Service
Samsung Knox provides security features that enable business and personal content to coexist on the same handset. The user presses an icon that switches from Personal to Work use with no delay or reboot wait time. The manufacturer has claimed this feature will be fully compatible with Android and Google and will provide full separation of work and personal data on mobile devices and "addresses all major security gaps in Android."
The Knox service is part of the company's "Samsung for Enterprise" (SAFE) offerings for smartphones and tablets. Samsung Knox's primary competitor is Blackberry Balance, a service that separates personal and work data. The name, Samsung Knox, is derived from Fort Knox.
In October 2014, U.S National Security Agency (NSA) approved Samsung Galaxy devices under a program for quickly deploying commercially available technologies. Approved products include Galaxy S4, Galaxy S5, Galaxy S6, Galaxy S7, Galaxy Note 3, Galaxy Note 10.1 2014.
In June 2014, five Samsung devices were included in the list of approved products for sensitive but unclassified use by the Defense Information Systems Agency (DISA) of the Department of Defense, which certifies commercial technology for defense use.
In June 2017, Samsung discontinued My Knox and urged users to switch to an alternate product, Secure Folder.
Security
In October 2014, a security researcher discovered that Samsung Knox stores PIN in plain-text instead of storing salted and hashed PIN (or better, using PBKDF2) and precessed it by obfuscated code.
In May 2016, Israeli researchers, Uri Kanonov and Avishai Wool, found three key vulnerabilities existing in specific versions of Knox.
e-fuse
Samsung Knox devices use an e-fuse to indicate whether or not an "untrusted" (non-Samsung) boot path has ever been run. The e-fuse will be set if the device is booted with a non-Samsung boot loader, kernel, kernel initialization script or data. Rooting the device and installing a non-Samsung Android release will therefore set the e-fuse. Once the e-fuse is set, a device can no longer create a KNOX Container, or access the data previously stored in an existing KNOX Container. This information may be used by Samsung to deny warranty service, in the United States, to devices that have been modified in this manner. This is the case even though, in the United States, voiding of consumer warranties in this manner may be prohibited by the Magnuson-Moss Warranty Act of 1975, at least in cases where the phone's problem is not directly caused by rooting. For some devices it is possible to clear the e-fuse by flashing a custom firmware.
Maps Samsung Knox
References
External links
- Official website
- Official website in China
Source of the article : Wikipedia