back to article KNOX knocked three times by Israeli infosec boffins

A pair of Israeli researchers has detailed their discovery of three Android / KNOX vulnerabilities in older Samsung phones, and it makes for depressing reading. In this paper at Arxiv, Tel Aviv University's Uri Kanonov and Avishai Wool dissect KNOX for your enjoyment. In particular, they write that in sharing KNOX services …

  1. djstardust

    First thing I do when I get a Samsung handset is root and completely disable KNOX. Job done!

    1. Anonymous Coward
      Anonymous Coward

      Well done! I assume you also disable the lock screen and remove any device FS encryption, thus protecting yourself from any defects in those security features, too?

      1. djstardust

        Absolutely, and I have never had a single issue with any of my Samsung handsets since the Galaxy S.

    2. Michael Habel Silver badge

      And, in doing so blow the Knox eFuse FOREVER!!

      Well it's not totally a lost cause, I may have lost KNOX, but, I've gained more from updating from Samsung's crappy TW based KitKat (4.4.2.), To CyanogenMod 13.0 which just got last month's (as I write this) Security Updates from Google. The device in question is also encrypted.

      1. djstardust

        Blowing the eFuse is only a potential warranty issue, and I have had handsets repaired by Samsung with KNOX tripped so it's not definite they will refuse to repair. If it is a hardware fault I don't see why modifying software would be a valid excuse for not honouring the warranty.

        Rooting offers so many benefits:

        The ability to freeze or remove bloatware making the handset far faster and improving battery life.

        The ability to backup and restore both OS and apps.

        The ability to boost headset volume to a decent level instead of the stupid volume caps set by Samsung and the EU.

        And much more.

        The only issue I have with the S7 Edge is the headset volume level, and it can be hacked in a couple of minutes to really open up the potential of the wonderful DAC that Samsung have crippled with their stock settings. Same applies for the Note 4.

        1. Michael Habel Silver badge

          I couldn't agree more, except blowing that eFuse (along with whatever warranties?), will also ban you out of ever using KNOX ever again... I know I miss it too... NOT!

      2. Anonymous Coward
        Anonymous Coward

        "And, in doing so blow the Knox eFuse FOREVER!!!"

        How would they prove you did that deliberately and that it was not a side effect of the legions of Android malware?

  2. Adam JC

    Whilst I admire your enthusiasm, the biggest reason for me not blowing Knox's 'e-fuse' on my S6 Edge+ as I did with my previous Note 3, is solely down to warranty. Samsung nor any mobile providers will honor warranty with the device if the KNOX 'dirty bit' has been tripped. I managed to root my Note 3 without tripping KNOX using autoroot - My S6 on the other hand, I don't think I'll tinker til it's out of its warranty period.

    1. Michael Habel Silver badge

      Well it's not like Sammy are about to drop Android 'N' on my 2014 Tab Pro 8.4 LTE. In fact they weren't even arsed to even update it to Lollipop, and just decided to leave all the Tab Pro 8.4 & 10.2 users in a lurch with KitKat 4.4.2. So I fully feel you about, not being so hasty about flashing. Had Sammy been a bit more caring about us Tab Pro users, and at least given us a Lollipop update, I'd probably would still be running stock.

  3. Sebastian A

    Knox was never designed to secure your device for you against outside actors. It's to secure Samsung's device against you the lease-holder.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021