After gaining U.S. government approval, Samsung Knox security for Android found to be "completely co

124»

Comments

  • Reply 61 of 72
    Quote:



    Originally Posted by tenly View Post



    Sounds like you're looking for "objectiveinsider.com" or "smartphoneinsider.com" ? LOL - this is APPLEinsider.com so why wouldn't they report on everything and anything that relates to Apple? LOL! I can't help but think of your comments as they might be applied to some other area of interest...like model airplanes for example... Seriously though - who creates an account on a website calld "modelairplanes.com" so they can post a comment asking "Why does everybody have to talk about model airplanes so much? Can't we give it a break and talk about something else for a change?"

     

     

    But the whole point is that this article, like most of Dilger's articles, isn't about Apple at all. It's another Android/Samsung slur piece. Given that it's APPLEinsider, why is DED given free rein to bang on about Samsung so much? If he wants to spend an hour a day dredging up obscure negative content about Samsung then let him, but for goodness sake don't make it front-page news - that's just embarrassing.

     

    Either this site is a venue for insightful and well-informed discussions about Apple and Apple products, or it's just an excuse for infantile propagandists like DED to spout fetid drivel about the competition. Which is it?

     

    AppleInsider, if you care about the integrity of your site, take away Dilger's pen. And close his sock puppet forum accounts whilst you're at it.

  • Reply 62 of 72
    dasanman69dasanman69 Posts: 13,002member
    rob53 wrote: »
    Why would a website named Appleinsider bother presenting anything positive about the competition?

    Why bother presenting anything at all? Writing about them just gives them relevance regardless of the subject matter. How is it the other pro-Apple sites can write entire articles dedicated to Apple, and never mention the competition, but here the editorials always end up in a diatribe about the competition.
  • Reply 63 of 72
    Here's the link to the official Samsung response.
    https://www.samsungknox.com/en/blog/regarding-recent-blog-article-samsung-knox
  • Reply 64 of 72

    I happened to click on the link to the blog post that provided the impetus for your article that Samsung Knox was "completely compromised."  

     

    You refer to the author of the blog post as a "software researcher" thus giving credence to the blog post and the claims.

     

    The nagging problem I have is that the link goes to a blog post of what appears to be an anonymous German blogger who has posted only that one blog post, and the timing of the blog post happened to come out shortly after Samsung announced US Government certification of Knox.  And the anonymous blogger does not identify in his or her blog post if this "vulnerability" is with the current version of Knox and on what specific devices, and under what scenarios was this tested (e.g. was Knox installed with a third party MDM, etc.).  

     

    Maybe in the end this blogger did find a glaring "compromise."  Typically if a security vulnerability is uncovered , it would more credible if

     

    (a) the person posting the vulnerability identified themselves and/or had published other research to confirm that they are in fact a credible and independent "software researcher."   If the blogger feared retribution and preferred being anonymous, they could have submitted their findings to a third party organization (e.g. NIST) who would have vetted their claims, and if they wanted credit while remaining anonymous, NIST typically gives attribution and a link back to the contributor.

     

    (b) they provided more details on what versions/device models/etc. were tested in what scenarios (MDM installed or not etc.) vs. painting a broad brush stroke

     

    (c) that once they uncovered the vulnerability that they gave the vendor the opportunity to respond, and included that vendor's response in their posting.    

     

    Again maybe in the end this is a legitimate compromise uncovered, but I prefer giving a vendor the opportunity to respond (and fix) a security vulnerability before it gets published.  And I prefer to read articles that are not based on anonymous one-time blog posts that require more vetting especially given the serious nature of the accusations.   I would not like it if someone did this to Apple ...

  • Reply 65 of 72
    AppleInsider could be a good website but it does bother me that the journalism present on this website is so pro apple, death to anything else. I am not saying you have to love appl'es competition but you don't have to post every negative thing that comes up. Its like you are hopping for the other team to get injured. If you like apple like apple don't hate something because its not apple you will find your self full of hate.

    Here's the thing:

    If AppleInsider posts anything positive or praiseworthy about Apple products--without mentioning any other brands--there's a whole gang of resident forum trolls who are going to react by posting praise for Apple's competitors, even when they aren't mentioned in the article or any form of comparison was implied. Praising Apple brings out troll insecurities.

    So AI can't post anything negative about the competition, and they can't post anything positive about Apple.

    That sounds to me like arbitrary "journalism" rules laid down by anti-Apple trolls.
  • Reply 66 of 72
    Here's the thing:

    If AppleInsider posts anything positive or praiseworthy about Apple products--without mentioning any other brands--there's a whole gang of resident forum trolls who are going to react by posting praise for Apple's competitors, even when they aren't mentioned in the article or any form of comparison was implied. Praising Apple brings out troll insecurities.

    So AI can't post anything negative about the competition, and they can't post anything positive about Apple.

    That sounds to me like arbitrary "journalism" rules laid down by anti-Apple trolls.
    Here's the thing:

    If AppleInsider posts anything positive or praiseworthy about Apple products--without mentioning any other brands--there's a whole gang of resident forum trolls who are going to react by posting praise for Apple's competitors, even when they aren't mentioned in the article or any form of comparison was implied. Praising Apple brings out troll insecurities.

    So AI can't post anything negative about the competition, and they can't post anything positive about Apple.

    That sounds to me like arbitrary "journalism" rules laid down by anti-Apple trolls.

    I think I may have given the wrong impression. The articles that are about the competition are overwhelmingly negative. If you are going to cover the competition do so but don't always do the negative. Otherwise the website seems as if the editors are taking time to bash apples completion and it lacks true objectiveness. This website is "fair and balanced" as of now.
  • Reply 67 of 72

    It's more a matter of needing balance within an individual article. The way DED writes, you would think competing products had no merits at all, which is not true. You can make anything look bad if you exaggerate its flaws and ignore its strong points. It is inaccurate, myopic journalism calculated to generate clicks and little else.

  • Reply 68 of 72
    Quote:

    Originally Posted by Euphonious View Post

     

    It's more a matter of needing balance within an individual article. The way DED writes, you would think competing products had no merits at all, which is not true. You can make anything look bad if you exaggerate its flaws and ignore its strong points. It is inaccurate, myopic journalism calculated to generate clicks and little else.




    Bingo.

     

    AppleInsider posts click bait. Including negative stories about Apple or Apple products: Bendgate. Zero-day security flaws. Buggy software releases. Apocryphal accounts of iPhone 6 Pluses with too many apps crashing. Apple supplier factory labor controversies. Juicy hearsay about Apple executives and management changes. Press criticism. Stock prices.

     

    There's a whole herd of reactionary forum trolls waiting to pounce on any positive news by posting defensively-toned "but but but...", and pounce on any negative news by posting schadenfreude.

  • Reply 69 of 72
    The security access code for this device is VV23-678GSDUEIE
    But please don't use it. Pleeeeeeese. The owner of the device would be so pissed. I mean really, really pissed. Again, the security access code for this device is....
  • Reply 70 of 72
    aresares Posts: 1member
    Hi, I'm the author of the Knox article. I responded to the press release from Samsung and updated my blog article:

    As Samsung responded with an official press release regarding my blog article (https://www.samsungknox.com/en/blog/response-blog-post-samsu...) I also want to response to their press release:

    First of all as I mentioned in the paragraph below, I analysed the pre-installed Knox Container App which is known as Knox Personal and shipped with the Samsung S4 I bought and not Knox EMM. " Knox EMM is a enterprise cloud-based management solution for mobile devices which was not part of this analysis."

    I investigated the following version (mentioned in the name of the apk files on the device): KNOX_com.sec.knox.app.container_2.0_2.apk, KNOX_com.sec.knox.containeragent_3.0_30.apk

    A lot of comments and posts claimed that I have just investigated an early developer version. I don't think that version 2.0_2 seems to be an early developer version?!? Also Samsung why are you shipping early developer versions of a product on customer devices?

    I did the analysis about one month ago with a new Samsung S4 and all updates installed. That doesn't seem to be an early developer version, right? Or did I bought a fake one ;)?

    Samsung mentioned the following in their press release: "Concerning the second issue, KNOX does save the encryption key required to auto-mount the container%u2019s file system in TrustZone. However, unlike what is implied in the blog, the access to this key is strongly controlled. Only trusted system processes can retrieve it, and KNOX Trusted Boot will lock down the container key store in the event of a system compromise."

    I think Samsung speaks here about their Knox Agent. At the beginning of my analysis I used geohots towelroot to gain root access on the Samsung device. During the analysis the phone wanted to update some "Samsung Security Policies". After the update the Agent blocked the root access to the phone. So this agent seems to be working like a usual Anti-Virus tool. It can only detect attacks if it knows the attack. And as we all know, Anti-Viruses are useless against unknown attacks :). This is the same for their so called "TrustZone".

    All other points the press release mentioned were just about a Knox 1.0 software, which now was replaced by MyKnox. I don't know what Knox 1.0 is and how to get it or on which devices this is installed. All I know is, the version of Knox Container 2.0_2, which was installed on my Samsung S4 is heavily unsecure.
  • Reply 71 of 72
    I trust software researchers on blogspot as much as I do analysts.
  • Reply 72 of 72

    I (sammysamsam) completely agree with you.

Sign In or Register to comment.