Da Lazy Scholar: IMHO shutdown avoided reason

[Armonica_Templar]

Samsung Knox

Samsung Knox
From Wikipedia, the free encyclopedia

[/url][url=https://en.wikipedia.org/wiki/Samsung_Knox#p-search]
Samsung Knox
Developer(s)
Samsung Group
Stable release
2.9 / 28 August 2017; 4 months ago[1]
Development status
Active
Operating system
Android and Tizen
Website
samsungknox.com
Samsung Knox is an enterprise mobile security solution pre-installed in most of Samsung's smartphones, tablets, and wearables.

Contents
  [hide] 

• 1Service
  • 1.1Security
    
  • 1.2e-fuse
    
• 2References
  
• 3External links
  

Service[edit]
Samsung Knox provides security features that enable business and personal content to coexist on the same handset. The user presses an icon that switches from Personal to Work use with no delay or reboot wait time.[2] The manufacturer has claimed this feature will be fully compatible with Android and Google and will provide full separation of work and personal data on mobile devices and "addresses all major security gaps in Android."[3]

The Knox service is part of the company's "Samsung for Enterprise" (SAFE) offerings for smartphones and tablets. Samsung Knox's primary competitor is Blackberry Balance, a service that separates personal and work data. The name, Samsung Knox, is derived from Fort Knox.[4]

In October 2014, U.S National Security Agency (NSA) approved Samsung Galaxy devices under a program for quickly deploying commercially available technologies. Approved products include Galaxy S4, Galaxy S5, Galaxy S6, Galaxy S7, Galaxy Note 3, Galaxy Note 10.1 2014.[5]

In June 2014, five Samsung devices were included in the list of approved products for sensitive but unclassified use by the Defense Information Systems Agency (DISA) of the Department of Defense, which certifies commercial technology for defense use.[6]

In June 2017, Samsung discontinued My Knox and urged users to switch to an alternate product, Secure Folder.[7]
Security[edit]

In October 2014, a security researcher discovered that Samsung Knox stores PIN in plain-text instead of storing salted and hashed PIN (or better, using PBKDF2) and precessed it by obfuscated code.[8]

In May 2016, Israeli researchers, Uri Kanonov and Avishai Wool, found three key vulnerabilities existing in specific versions of Knox.[9]
e-fuse[edit]

Samsung Knox devices use an e-fuse to indicate whether or not an "untrusted" (non-Samsung) boot path has ever been run. The e-fuse will be set if the device is booted with a non-Samsung boot loader, kernel, kernel initialization script or data. Rooting the device and installing a non-Samsung Android release will therefore set the e-fuse. Once the e-fuse is set, a device can no longer create a KNOX Container, or access the data previously stored in an existing KNOX Container.[10] This information may be used by Samsung to deny warranty service, in the United States, to devices that have been modified in this manner.[11] This is the case even though, in the United States, voiding of consumer warranties in this manner may be prohibited by the Magnuson-Moss Warranty Act of 1975, at least in cases where the phone's problem is not directly caused by rooting.[12] For some devices it is possible to clear the e-fuse by flashing a custom firmware.[13]

References[edit]

1. Jump up^ "What's new in Knox 2.9?". Samsung Knox. 28 August 2017.
   
2. Jump up^ Ray Shaw (March 23, 2013). "Samsung Knox™ BlackBerry off Balance". IT Wire. Retrieved 21 April 2013.
   
3. Jump up^ David Goldman (March 12, 2013). "Samsung targets BlackBerry with Knox". CNN Money.
   
4. Jump up^ Hubert Nguyen (February 25, 2013). "Samsung KNOX Provides Privacy To BYODUsers". UberGizmo. Retrieved 21 April 2013.
   
5. Jump up^ John Ribeiro (October 21, 2014). "NSA approves Samsung Knox devices for government use". computerworld. Retrieved 22 October 2014.
   
6. Jump up^ John Ribeiro (October 21, 2014). "NSA approves Samsung Knox devices for government use". pcworld. Retrieved 22 October 2014.
   
7. Jump up^ "Samsung discontinues My Knox, urges users to switch to Secure Folder". Android Authority. June 2, 2017. Retrieved 22 August 2017.
   
8. Jump up^ "NSA-Approved Samsung Knox Stores PIN in Cleartext". threatpost. October 24, 2014. Retrieved 22 August 2017.
   
9. Jump up^ "Samsung Knox isn't as secure as you think it is". TechRepublic. May 31, 2016. Retrieved 22 August 2017.
   
10. Jump up^ Peng Ning (2013-12-04). "About CF-Auto-Root". Samsung. The sole purpose of this fuse-burning action is to memorize that a kernel or critical initialization scripts or data that is not under Samsung's control has been put on the device. Once the e-fuse bit is burned, a Samsung KNOX-enabled device can no longer create a KNOX Container, or access the data previously stored in an existing KNOX Container.
    
11. Jump up^ Chainfire (2013-10-09). "More on KNOX warranty void". Service center instructions are indeed that devices with this status tripped will not receive any warranty repairs. (Of course, the action they take may still depend on the service center). Their excuse is that the hardware is damaged by the owner.
    
12. Jump up^ "Companies Can't Legally Void the Warranty for Jailbreaking or Rooting Your Phone". Vice Media. The Magnuson-Moss Warranty Act, passed by Congress in 1975, notes that “a warrantor cannot, as a matter of law, avoid liability under a written warranty where a defect is unrelated to the use by a consumer of ‘unauthorized’ articles or service.”
    
13. Jump up^ "A few things on knox". XDA Developers. This has been tested & working on Note 3 N900/Exynos on KitKat ND1 firmware which was on official status without root but Knox triggered, The file was flashed using Odin and after flashing I went into download mode and to my surprise Knox was been reset from 0x1 to 0