I'm sure the government still likes Knox more than iOS at this point
Err - no. I've worked with some of these folks and this is a serious ding on professional credibility. Whoever approved it won't be on the signature list for future approvals.
That blog appears that it was created today (or at least recently), it has only the one single post and that is dated today. Also we do not know who the author is.
So maybe the NYT and WSJ are waiting until they have all of the facts? Or maybe there is another reason?
Instead of using the name Knox, presumably based on Fort Knox, Scamsung should have used Fort Courage as their inspiration, you know, the home of F Troop. That was a farce too.
I guess we're dating ourselves. You're old enough to make the reference, I'm old enough to laugh at it.
Thanks for the earworm - the theme song is now stuck in my head.
Err - no. I've worked with some of these folks and this is a serious ding on professional credibility. Whoever approved it won't be on the signature list for future approvals.
I think it went over your head. Al a sarcasm
The government loves iOS for personal use but hates it for the rest of the country because they can't spy on it. Knox will still allow them to accomplish their goals easier..
I like juicy stories as much as anyone, but did the DED really cite a blog made up of a single post and no credentials of the author. If truly vulnerable, the "researcher" could get a ton of airtime at security conferences like Defcon, Infosec, Blackhat or payment/recognition from Google/Samsung. But instead he/she creates a blog.
Still can't offer: [LIST] [*] best mobile productivity suite available [*] best user experience [*] highest quality apps [*] highest quality mobile phone photography in the greatestvvariety of situations [*] highest customer satisfaction [*] most reliable smartphone [*] most secure platforms available [/LIST]
AppleInsider could be a good website but it does bother me that the journalism present on this website is so pro apple, death to anything else. I am not saying you have to love appl'es competition but you don't have to post every negative thing that comes up. Its like you are hopping for the other team to get injured. If you like apple like apple don't hate something because its not apple you will find your self full of hate.
People need to actually read the NIAP Common Criteria Evaluation and Validation Scheme Validation Report found at https://www.niap-ccevs.org/st/st_vid10562-vr.pdf as well as with the other approvals at https://www.nsa.gov/ia/programs/csfc_program/component_list.shtml. You need to understand that this isn't simply NSA approval but approval through NIST using supposedly independent evaluators, in this case four people from Aerospace Corporation, Columbia, MD. These are the people tasked with evaluating this product following a variety of government guidelines including some antiquated Common Criteria rules meant mainly to make it easier for products to meet government procurement guidelines. This approval is significant because, as noted in this article, it's for classified use. Previously only Blackberry mobile devices were allowed. I don't know if Apple has sought approval for classified use of iOS devices, I don't have access anymore to all of the web sites that would list submitted devices that are still under test. I do find it interesting that Samsung received approval so quickly. The validation report was approved April 2014 for the Galaxy 5 and Note 10.1 2014 editions. The testing usually takes at least a year and many times much longer. Remember how long it took OSX and iOS to receive FIPS 140-2 validation. Samsung's government payoffs much have been large and continuous to get this kind of fast track effort.
It's really sad our government has once again not performed their due diligence in making sure products destined for classified work are actually secure. These are government workers and contractors, not elected officials, making these decisions and approvals. These approvals don't make it to the President's desk and rarely make it above the DoD's DAA's desk. This fiasco can't be blamed on Democrats or Republicans. It can definitely be blamed on government workers and I'm sure once the German researcher's information is checked by DISA personnel, their certification better be removed or their jobs will be at stake. Without DISA's certification, these devices can't be used on DoD networks. Other branches of the government, like DOE, also perform classified work and they will need to generate their own certification processes. My hope is that they will also immediately test the researcher's information and determine if it indeed violates their security plans and quickly remove any Samsung hardware. The Knox version is the only Android-based mobile device I know about that's approved for unclassified government use as well. Apple devices are approved and in large use.
I like juicy stories as much as anyone, but did the DED really cite a blog made up of a single post and no credentials of the author. If truly vulnerable, the "researcher" could get a ton of airtime at security conferences like Defcon, Infosec, Blackhat or payment/recognition from Google/Samsung. But instead he/she creates a blog.
But it's DED and AI so clicks baby
Here's the blog, it's very specific about what's going on. Without having access to a Knox-configured Samsung device, you won't be able to test these. I'm sure this will be hitting the fan very soon with all sorts of people validating the findings. We'll also hear excuses from the NIST/NSA validation groups saying this doesn't really mean anything and it still makes the system secure.
AppleInsider could be a good website but it does bother me that the journalism present on this website is so pro apple...
Uh...
Its like you are hopping for the other team to get injured.
Gee, guys, apparently we shouldn’t root for the company that admits to stealing intellectual property countless times and willfully employs children in factory conditions going bankrupt.
when i think security my mind does not turn to anything android. this has been proven over and over and over and... thanks for knox, but it is just a security badge put over a leaking and sinking ship of security. when i want secure- i want anything other than android, regardless of how secure Eric Schmidt wants me to think it is (while using his more secure blackberry).
AppleInsider could be a good website but it does bother me that the journalism present on this website is so pro apple, death to anything else. I am not saying you have to love appl'es competition but you don't have to post every negative thing that comes up. Its like you are hopping for the other team to get injured. If you like apple like apple don't hate something because its not apple you will find your self full of hate.
the absurdity of your post considering your username aside, you're on an Apple enthusiast site. Get over it...or even better, go to an android site and tell them that, see what happens..
Don't read too much into this government approved device propaganda. The only reason Samsung is "approved" is because South Korea's government is viewed as pro US and we want to keep them get elected.
Comments
I wonder which senators will publicly demand for Samsung to respond?¡
Whichever senators are paid enough by the PAC representing some anti-Samsung folks will be the one's to make that demand.
...
Or... whichever senators think such a public "demand" would benefit their re-election.
...
in short... they'll only do ANYthing if they think it will benefit their power-base... otherwise they'll just continue with their circle-jerk.
Samsung's having a bad couple of weeks, first #Gapgate then #Note4slowgraphicsgate, and now #Knoxgate.
I'm sure the government still likes Knox more than iOS at this point
Err - no. I've worked with some of these folks and this is a serious ding on professional credibility. Whoever approved it won't be on the signature list for future approvals.
Knoxgate?
Samsung should have designed OS-level security like iOS... and maybe a hardware secure enclave... Except they can't.
Just guessing. The NYT and WSJ will not be running with this story.
Yeah it doesn't look like anyone anywhere else is reporting on this story other than the quoted blog and ai.
The only news I can find about this is the above article written here at ai, and the blog that the ai article quotes:
http://mobilesecurityares.blogspot.co.uk/
That blog appears that it was created today (or at least recently), it has only the one single post and that is dated today. Also we do not know who the author is.
So maybe the NYT and WSJ are waiting until they have all of the facts? Or maybe there is another reason?
Thanks for the earworm - the theme song is now stuck in my head.
I think it went over your head. Al a sarcasm
The government loves iOS for personal use but hates it for the rest of the country because they can't spy on it. Knox will still allow them to accomplish their goals easier..
Knoxgate?
You can't "gate" anything from Samsung. Fandroids love them too much. Because specs. And benchmarks.
I like juicy stories as much as anyone, but did the DED really cite a blog made up of a single post and no credentials of the author. If truly vulnerable, the "researcher" could get a ton of airtime at security conferences like Defcon, Infosec, Blackhat or payment/recognition from Google/Samsung. But instead he/she creates a blog.
But it's DED and AI so clicks baby
Still can't offer:
[LIST]
[*] best mobile productivity suite available
[*] best user experience
[*] highest quality apps
[*] highest quality mobile phone photography in the greatestvvariety of situations
[*] highest customer satisfaction
[*] most reliable smartphone
[*] most secure platforms available
[/LIST]
People need to actually read the NIAP Common Criteria Evaluation and Validation Scheme Validation Report found at https://www.niap-ccevs.org/st/st_vid10562-vr.pdf as well as with the other approvals at https://www.nsa.gov/ia/programs/csfc_program/component_list.shtml. You need to understand that this isn't simply NSA approval but approval through NIST using supposedly independent evaluators, in this case four people from Aerospace Corporation, Columbia, MD. These are the people tasked with evaluating this product following a variety of government guidelines including some antiquated Common Criteria rules meant mainly to make it easier for products to meet government procurement guidelines. This approval is significant because, as noted in this article, it's for classified use. Previously only Blackberry mobile devices were allowed. I don't know if Apple has sought approval for classified use of iOS devices, I don't have access anymore to all of the web sites that would list submitted devices that are still under test. I do find it interesting that Samsung received approval so quickly. The validation report was approved April 2014 for the Galaxy 5 and Note 10.1 2014 editions. The testing usually takes at least a year and many times much longer. Remember how long it took OSX and iOS to receive FIPS 140-2 validation. Samsung's government payoffs much have been large and continuous to get this kind of fast track effort.
It's really sad our government has once again not performed their due diligence in making sure products destined for classified work are actually secure. These are government workers and contractors, not elected officials, making these decisions and approvals. These approvals don't make it to the President's desk and rarely make it above the DoD's DAA's desk. This fiasco can't be blamed on Democrats or Republicans. It can definitely be blamed on government workers and I'm sure once the German researcher's information is checked by DISA personnel, their certification better be removed or their jobs will be at stake. Without DISA's certification, these devices can't be used on DoD networks. Other branches of the government, like DOE, also perform classified work and they will need to generate their own certification processes. My hope is that they will also immediately test the researcher's information and determine if it indeed violates their security plans and quickly remove any Samsung hardware. The Knox version is the only Android-based mobile device I know about that's approved for unclassified government use as well. Apple devices are approved and in large use.
I like juicy stories as much as anyone, but did the DED really cite a blog made up of a single post and no credentials of the author. If truly vulnerable, the "researcher" could get a ton of airtime at security conferences like Defcon, Infosec, Blackhat or payment/recognition from Google/Samsung. But instead he/she creates a blog.
But it's DED and AI so clicks baby
Here's the blog, it's very specific about what's going on. Without having access to a Knox-configured Samsung device, you won't be able to test these. I'm sure this will be hitting the fan very soon with all sorts of people validating the findings. We'll also hear excuses from the NIST/NSA validation groups saying this doesn't really mean anything and it still makes the system secure.
http://mobilesecurityares.blogspot.co.uk/2014/10/why-samsung-knox-isnt-really-fort-knox.html?m=1
You'll be telling me you are old enough to remember Hiram Holliday next!
AppleInsider could be a good website but it does bother me that the journalism present on this website is so pro apple...
Uh...
Gee, guys, apparently we shouldn’t root for the company that admits to stealing intellectual property countless times and willfully employs children in factory conditions going bankrupt.
when i think security my mind does not turn to anything android. this has been proven over and over and over and... thanks for knox, but it is just a security badge put over a leaking and sinking ship of security. when i want secure- i want anything other than android, regardless of how secure Eric Schmidt wants me to think it is (while using his more secure blackberry).
Pichai, Google: "If I had a company dedicated to malware, I would also send my attacks to Android."
I don't get it, his company is dedicated to malware, isn't it?
Only dropped 13%? If investors woke up and smelled the coffee, it would be down 90%.
the absurdity of your post considering your username aside, you're on an Apple enthusiast site. Get over it...or even better, go to an android site and tell them that, see what happens..
Don't read too much into this government approved device propaganda. The only reason Samsung is "approved" is because South Korea's government is viewed as pro US and we want to keep them get elected.