However, after discussing the issue with Google, Samsung issued a statement that said the exploit the researchers used in their work took advantage of flaws in legitimate Android network functions. What it didn't do, Samsung's statement added, was exploit a flaw in the Knox platform.
In fact, what the researchers described was "a classic Man in the Middle (MitM) attack, which is possible at any point on the network to see unencrypted application data. The research specifically showed this is also possible via a user-installed program, reaffirming the importance of encrypting application data before sending it to the Internet."
Sign up for Computerworld eNewsletters.