BlackBerry attacks enterprise suitability of Samsung Knox following major Pentagon mobile capability announcement

A senior BlackBerry official has attacked the suitability of Samsung’s Knox security platform in the mobile device management market, following the US Department of Defense’s release of its latest Unclassified Mobility Capability standards.

In a statement issued late last week, the US Defense Information Systems Agency announced the rollout of the standards, which will see the number of approved mobile apps increase from 16 to 90.

“By January 31, DOD Mobility Unclassified Capability users in DISA will begin the phased transition to initial release 1.0 capabilities including the mobile device management system, mobile application store, approved devices list, supported cellular access, DOD PKI [public-key infrastructure] support, transition of approved applications and enterprise services for mobility.”

News of the Pentagon’s decision came just days after security researcher Mordechai Guri claimed to have discovered a major security hole in Samsung’s Knox platform.

“The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone. All data and communications that take place within the secure container are protected and even if a malicious application should attack the non-secure part all the protected data should be inaccessible under all circumstances,” the university said in a statement.

“[However], by simply installing an “innocent” app on the regular phone (in the non-secure container) all communications from the phone can be captured and exposed.”

Samsung promptly downplayed the issue, quoting Georgia Institute of Technology professor Patrick Traynor as saying that a properly configured installation of Knox can address the issues discovered by Guri.

“Recently, there have been reports that security researchers from Ben-Gurion University Cyber Security Labs found a vulnerability on a Samsung Galaxy S4 device with the Knox security platform,” Samsung says in a statement.

“After discussing the research with the original researchers, Samsung has verified that the exploit uses legitimate Android network functions in an unintended way to intercept unencrypted network connections from/to applications on the mobile device.

“This research did not identify a flaw or bug in Samsung KNOX or Android; it demonstrated a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data.”

BlackBerry’s Global Enterprise Services president John Sims issued a scathing statement claiming that Samsung’s Knox platform is unsuitable for high-security enterprise environments.

“Samsung provided a statement that the vulnerability was with Android, but this shows the challenge that Samsung has with continually developing Knox to survive in a hostile environment.”

Sims went on to say Samsung’s issues highlighted the security strength of the BlackBerry Enterprise Server. 

“And that’s why we are the only enterprise mobility management vendor and handset maker that has received the Department of Defense ‘Authority to Operate’ certification.”

Sims also claims more than 80,000 enterprise and government customers worldwide use BlackBerry Enterprise Server, which he says is four times more than the “pure play” MDM vendors combined.

“Furthermore, Knox only works on select Samsung devices. For those highly ‘regulated’ customers – those that require the strictest security levels – bring your own device (BYOD) is not an option. However, there are a significant number of enterprises where BYOD is the way forward. Knox has no flexibility for the BYOD trend.”