Samsung Knox

From Wikipedia, the free encyclopedia
Developer(s): Samsung Group
Stable release: 3.1 / 18 March 2018; 3 months ago (2018-03-18)[1]
Operating system: Android and Tizen

Samsung Knox is an enterprise mobile security solution pre-installed in most of Samsung's smartphones, tablets, and wearables.


Samsung Knox provides security features that enable business and personal content to coexist on the same handset. The user presses an icon that switches from Personal to Work use with no delay or reboot wait time.[2] The manufacturer has claimed that this feature will be fully compatible with Android and Google, will provide full separation of work and personal data on mobile devices, and "addresses all major security gaps in Android."[3]

The Knox service is part of the company's "Samsung for Enterprise" (SAFE) offerings for smartphones and tablets. Samsung Knox's primary competitor is BlackBerry Balance, a service that separates personal and work data. The name, Samsung Knox, is derived from Fort Knox.[4]

In October 2014, the U.S. National Security Agency (NSA) approved Samsung Galaxy devices under a program for quickly deploying commercially available technologies. Approved products include the Galaxy S4, Galaxy S5, Galaxy S6, Galaxy S7, Galaxy Note 3, and Galaxy Note 10.1 2014.[5]

In June 2014, five Samsung devices were included in the list of approved products for sensitive but unclassified use by the Defense Information Systems Agency (DISA) of the Department of Defense, which certifies commercial technology for defense use.[6]

In June 2017, Samsung discontinued My Knox and urged users to switch to an alternate product, Secure Folder.[7]


In October 2014, a security researcher discovered that Samsung Knox stores the PIN in plain text, instead of storing a salted and hashed PIN (or better, using PBKDF2), and processes it with obfuscated code.[8]
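
The contrast drawn above, between a PIN kept in plain text and one stored as a salted PBKDF2 hash, is shown here as an added example; it is not Samsung's code or the researcher's. The function names, record layout and iteration count are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 200_000  # assumed work factor for this example; tune per device
SALT_LEN = 16         # bytes of random salt stored next to the hash


def store_pin_plaintext(pin: str) -> dict:
    """Weak form: anyone who can read the record learns the PIN itself."""
    return {"pin": pin}


def store_pin_pbkdf2(pin: str, salt: Optional[bytes] = None) -> dict:
    """Hardened form: keep only a random salt and the PBKDF2-HMAC-SHA256 output."""
    salt = salt if salt is not None else os.urandom(SALT_LEN)
    derived = hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"), salt, ITERATIONS)
    return {"alg": "pbkdf2-sha256", "iter": ITERATIONS,
            "salt": salt.hex(), "hash": derived.hex()}


def verify_pin(record: dict, candidate: str) -> bool:
    """Re-derive with the stored salt and count, then compare in constant time."""
    derived = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                  bytes.fromhex(record["salt"]), record["iter"])
    return hmac.compare_digest(derived, bytes.fromhex(record["hash"]))


if __name__ == "__main__":
    pin = "4821"  # constructed sample PIN
    weak = store_pin_plaintext(pin)
    first = store_pin_pbkdf2(pin)
    second = store_pin_pbkdf2(pin)
    print("plaintext record:", weak)
    print("hashed record:   ", first)
    # Same PIN, different salts: the stored hashes do not match each other.
    print("identical hashes for identical PINs:", first["hash"] == second["hash"])
    print("correct PIN verifies:", verify_pin(first, pin))
    print("wrong PIN verifies:  ", verify_pin(first, "4822"))
```

A four-digit PIN has only 10,000 possible values, so the iteration count slows offline guessing of a leaked record rather than preventing it.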

In May 2016, Israeli researchers, Uri Kanonov and Avishai Wool, found three key vulnerabilities existing in specific versions of Knox.[9]


Samsung Knox devices use an e-fuse to indicate whether or not an "untrusted" (non-Samsung) boot path has ever been run. The e-fuse will be set if the device is booted with a non-Samsung boot loader, kernel, kernel initialization script or data. Rooting the device and installing a non-Samsung Android release will therefore set the e-fuse. Once the e-fuse is set, a device can no longer create a KNOX Container, or access the data previously stored in an existing KNOX Container.[10] This information may be used by Samsung to deny warranty service, in the United States, to devices that have been modified in this manner.[11] This is the case even though, in the United States, voiding of consumer warranties in this manner may be prohibited by the Magnuson–Moss Warranty Act of 1975, at least in cases where the phone's problem is not directly caused by rooting.[12] For some devices it is possible to clear the e-fuse by flashing a custom firmware.[13]

Android Enterprise

On March 5, 2018, it was announced that, starting with Android Oreo on Samsung devices with Knox 3.0, Samsung Knox and Android Enterprise are combined into a single solution.[14]


  1. "What's new in Knox 3.1?". Samsung Knox. 18 March 2018.
  2. Ray Shaw (March 23, 2013). "Samsung Knox™ BlackBerry off Balance". IT Wire. Retrieved 21 April 2013.
  3. David Goldman (March 12, 2013). "Samsung targets BlackBerry with Knox". CNN Money.
  4. Hubert Nguyen (February 25, 2013). "Samsung KNOX Provides Privacy To BYOD Users". UberGizmo. Retrieved 21 April 2013.
  5. John Ribeiro (October 21, 2014). "NSA approves Samsung Knox devices for government use". computerworld. Retrieved 22 October 2014.
  6. John Ribeiro (October 21, 2014). "NSA approves Samsung Knox devices for government use". pcworld. Retrieved 22 October 2014.
  7. "Samsung discontinues My Knox, urges users to switch to Secure Folder". Android Authority. June 2, 2017. Retrieved 22 August 2017.
  8. "NSA-Approved Samsung Knox Stores PIN in Cleartext". threatpost. October 24, 2014. Retrieved 22 August 2017.
  9. "Samsung Knox isn't as secure as you think it is". TechRepublic. May 31, 2016. Retrieved 22 August 2017.
  10. Peng Ning (2013-12-04). "About CF-Auto-Root". Samsung. The sole purpose of this fuse-burning action is to memorize that a kernel or critical initialization scripts or data that is not under Samsung's control has been put on the device. Once the e-fuse bit is burned, a Samsung KNOX-enabled device can no longer create a KNOX Container, or access the data previously stored in an existing KNOX Container.
  11. Chainfire (2013-10-09). "More on KNOX warranty void". Service center instructions are indeed that devices with this status tripped will not receive any warranty repairs. (Of course, the action they take may still depend on the service center). Their excuse is that the hardware is damaged by the owner.
  12. "Companies Can't Legally Void the Warranty for Jailbreaking or Rooting Your Phone". Vice Media. The Magnuson–Moss Warranty Act, passed by Congress in 1975, notes that "a warrantor cannot, as a matter of law, avoid liability under a written warranty where a defect is unrelated to the use by a consumer of 'unauthorized' articles or service".
  13. "A few things on knox". XDA Developers. This has been tested & working on Note 3 N900/Exynos on KitKat ND1 firmware which was on official status without root but Knox triggered, The file was flashed using Odin and after flashing I went into download mode and to my surprise Knox was been reset from 0x1 to 0
  14. The unification of Android Enterprise and Samsung Knox: Your questions answered here
