Knox is based on SE Android, which is being rolled out now. Google, Samsung, and Cyanogenmod are taking their time to make sure they get the policies right, so they're running it in Permissive mode now. Once it's put into Enforcing mode, it should block most privilege escalation attacks. In the meantime, Bouncer + Verify Apps seems to be doing a pretty good job blocking malware.
10/9/13 at 4:23pm