Samsung’s Knox Devices Approved For Classified Use By US Government

By Lucian Armasu
published

Today, Samsung announced that its Knox-enabled devices are the first to be NIAP-validated and approved for classified use by the U.S. Government. The devices were added to the Commercial Solutions for Classified (CSfC) Program Component List, to be used by the NSA and other agencies that require an advanced level of security.

The list of approved devices includes: Galaxy S4, Galaxy S5, Galaxy Note 3, Galaxy Note 4, Galaxy Note 10.1 (2014 Edition), Galaxy Note Edge, Galaxy Alpha, Galaxy Tab S 8.4, Galaxy Tab S 10.5.

"The inclusion of Samsung mobile devices on the CSfC list proves the unmatched security of Samsung Galaxy devices supported by the KNOX platform," said JK Shin, CEO and president of IT and mobile business, Samsung Electronics. "At Samsung, we continue to address today's increasingly complex security challenges, and are committed to delivering the most reliable mobile platform satisfying the needs of professionals in all industries, from SMBs and enterprises to governments and additional regulated markets."

Early this year, Samsung's Knox devices were approved by the Defense Information Systems Agency (DISA) for unclassified but sensitive use on the Department of Defense' networks. The UK government has also recently approved Samsung's Knox smartphones for use by all government officials.

Early this year, Google announced that Samsung is going to contribute some of the Knox code to the next version of Android (that being Android 5.0), which will focus on the following major concepts:

  • Device and data security
  • Support for IT policies and restrictions
  • Mobile application management

In Android 5.0, we've already seen how Google plans to introduce data separation – by allowing users to create completely separate accounts. Because Android Lollipop comes with encryption out of the box, the data from all of these accounts will be encrypted and kept safe with verified boot technology. This technology is analogous to what Samsung is using with Knox.

Samsung's Knox devices should be able to maintain a lead in security with its support for ARM TrustZone hardware, unless other Android OEMs adopt similar technologies to protect their devices against tampering.

Follow us @tomshardware, on Facebook and on Google+.

Lucian Armasu
Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
10 Comments Comment from the forums
  • gggplaya
    Well, Blackberry stocks just plummeted today.
    Reply
  • Alexizzle2
    I think the government will keep using blackberries because they're cheaper and reusable (many blackberries being used by government workers are hand-me-downs). Plus they stay secure forever, while Samsung drops support after a few years. Plus, why do government workers need these phones? It would be a security vulnerability, no matter how secure these phones claim to be... Some employee will download some crap and give it permission to access files, network connection, etc. It's not like these guys absolutely have to be able to play Angry Birds or check their Instagram; they can have their personal smartphones for that
    Reply
  • ubercake
    I like it when any country puts their trust in countries outside their country for matters of national security?
    Reply
  • a1r
    Besides being a foreign corporation and manufacturing system, Samsung doesn't always keep up with it's security obligations either, especially in aging products. They drop support after a while on older devices like nearly every other device maker in the industry. The US government is known to keep devices for years if not decades, not to mention regularly losing them. Really secret stuff wouldn't be transmitted like that, but that still leaves lower classified information and department infrastructure vulnerable. Will there be a contract to provide updates for the entire physical life of these devices.
    Reply
  • whiteodian
    Would the classified use be looking at porn? :D Or maybe a game of Angry Birds?
    Reply
  • chicofehr
    I wonder if blackberry will sue them for copying their ideas to get some $$$. They need it. They only have enough cash to last another 5 years unless their Passport can save them.
    Reply
  • coolitic
    Instead of giving national security a ton of power to pointlessly spy on people, maybe they should focus more on making PROPER security for themselves rather than using something that's so available.
    Reply
  • Alexizzle2
    14430095 said:
    14427414 said:
    iPhones are already approved... I think the government will keep using blackberries because they're cheaper and reusable (many blackberries being used by government workers are hand-me-downs).

    IPHONES ARE NOT ALREADY APPROVED!!!! YOU LIE TO COVER FOR APPLE! THEY ARE NOT APPROVED!

    Well gee, sorry. Maybe I had it confused with iPhones being approved for military use (article about that here). I just know from personal experience that the duty officers in US embassies use iPads and iPhones for their work, so I assumed those devices had been approved.

    Also for the record I don't give two craps about the Apple wars. I personally use Android, but I think iPhones are perfectly good phones as well.
    Reply
  • TerryFawkes
    "
    At "gggplaya" (Well, Blackberry stocks just plummeted today. )
    "

    At opening of the day, the stock was $11.70 (local currency), at closing, it was $11.40. You call this a 'plummet'?

    nice troll attemp
    Reply
  • genz
    Terry, it's a figure of speech. To all others that are complaining about them being inherently less secure than a BlackBerry, that's like declaring that PCs are inherently less secure than an iPad.

    Well yeah... but if you set it up right that's ceases to be a problem. You see Androids already run with everything in userland and shut off from root Linux access, plus they support signed remote administration, meaning that with a few extensions and some crypto modification to US milspec, they can be blocked off the app store, sandbox each app, encrypt their storage natively, randomize their online fingerprint, and administrate all these controls remotely, (i.e you have to jack the phone up to something else to turn these things on and off).

    Samsung has just extended what was already there to Blackberry standard.
    Reply