Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
http://www.securityfocus.com/archive/1/537340/100/0/threaded
http://www.securityfocus.com/archive/1/537319/100/0/threaded