Samsung Galaxy S4 Security Vulnerability Discovered

by Istvan Fekete on December 27, 2013

There is bad news for Apple’s fiercest competitor, Samsung: its best-selling, flagship smartphone, the Galaxy S4, has been found to suffer from a vulnerability that could allow malicious software to track emails and record data communications, Israeli cybersecurity researchers have told the Wall Street Journal.

The researchers found the security gap earlier this month, which now raises questions regarding Samsung’s new security platform, Knox, which was recently granted the green light from the US Department of Defense. Knox aims to compete with BlackBerry, whose devices have been considered the most secure mobile system for years.

Samsung’s obvious answer was that it will look into the allegations, but the problem doesn’t appear to be as serious as the Israeli cybersecurity firm claims. The company “takes all security vulnerability claims very seriously” and promised to further investigate the university lab’s claims. However, a preliminary investigation by Samsung showed that “the threat appears to be equivalent to some well-known attacks,” the spokesman said. “Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware,” he said.

Mordechai Guri, the security expert who discovered the alleged problem at Ben Gurion University’s Cyber Security Lab, claims the vulnerability would allow a hacker to “easily intercept” secure data, modify data, and even insert hostile code that could run amok within the user’s secured, Knox-enabled Galaxy smartphone, he told the Wall Street Journal.

“The new unveiled vulnerability presents a serious threat to all users of phones based on this architecture, such as users” of the Samsung Galaxy S4, Dudu Mimran, the lab’s chief technical officer, said in a statement.

What’s interesting is that Samsung’s Knox platform was approved by the US Department of Defense in May, an important milestone for the South Korean company. But as it turns out, the system isn’t that secure: did someone at the DoD overlook the system’s Achilles heel?

Anyways, a spokesman for the US Department of Defense declined to comment on possible security vulnerabilities, but said the device won’t be used by the Pentagon until it is proven secure – again.

Oh, and as he points out that Samsung’s Knox security system has not yet been approved for use on Pentagon networks, but the Defense Information Systems Agency working with the National Security Agency has already purchased 500 Samsung Galaxy S4 devices for testing as part of a pilot program.

So, what’s the Next Big Move, Samsung?

Did you like this post? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Istvan Fekete. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Previous post:

Next post: