Static OS Environments – CompTIA Security+ SY0-401: 4.5

| September 16, 2014 | 0 Comments


We are surrounded by static operating systems, and the number keeps growing. In this video, you’ll learn about the static operating systems, iOS, Android, smart television operating systems, and more.

<< Previous Video: Embedded System SecurityNext: Mitigating Risk in Static Environments >>


As security professionals, we spend a lot of time securing our desktops. That would be our Windows devices, our Mac OS X, or our Linux devices. But there are a number of static operating systems that we must consider before truly going to secure the entire enterprise.

Static devices are those where the operating system and the hardware are tightly coupled together. In fact, we look at these devices and often consider them appliances, or standalone units, because it’s so difficult to detach the operating system itself from the hardware. In fact, it’s very difficult in these environments to install a different operating system because of this tight coupling.

If you need to get updates or upgrades to these devices you always have to go directly to the manufacturer. There’s not going to be a third party that makes updates for these devices because they are so specialized and you have that tight coupling between the hardware and the software. This ranges from mobile devices, like the one pictured here, to game consoles, and smart televisions, and many other devices as well.

We sometimes don’t even think about these devices as being full blown computers. We just think about the television that we’re watching. But behind the scenes, there’s an entire operating system with many different functions that are going on.

A popular mobile operating system is one from Apple called iOS. iOS is an operating system that works across many of the Apple products, such as iPods, iPhones, and iPads. This is definitely a closed operating system. You don’t have access to change anything in the OS. You can’t make updates to the operating system independently. All the updates and all of the changes to the operating system come directly from Apple.

The iOS operating system was originally derived from Unix. So if you had a way to look under the hood you would see a Unix engine at the heart of iOS.

If you need to get applications to run on this particular platform then you need to get them from Apple’s App Store. There’s one place to go to get any of the downloads that you would need to run on this device. It is very centralized.

And so developers must submit their application to the App Store so that all of the users can then download that. There’s no other mechanism in place to get applications for these iOS devices.

At first glance, it seems that this closed environment would be a hindrance for application developers. But from a security perspective, this closed environment actually helps make things more secure. Since there is a single gateway to the App Store, and everything must be approved before getting on the App Store, it means that the applications tend to be more secure once the users begin downloading them.

Another popular mobile operating system is Android. Android is from the Open Handset Alliance. And Google plays a very large part at leading the direction of where Android goes.

This is certainly a more open model than Apple’s iOS. And this is an open-source operating system. It was designed from the very beginning to provide more of an open architecture for these mobile devices.

The application distribution system, then, is not completely centralized. You can certainly go to the Google Play front end to be able to download your applications. But application developers could simply install the software on their web server. And you could download that software directly into your Android device.

Because of this, the Android operating system tends to be more susceptible to malware. Because now the bad guys can fool you into downloading the software directly from the bad guys website.

This doesn’t mean that the malware has access to all of the data on your Android device. In fact, the Android operating system was built with Sandboxes in place so that the applications only have limited access to the data. And you must grant them additional access if that’s what you’d like to do. This gives the user a lot more control, and limits the scope of what malware could do on this mobile device.

Our new generation of televisions provides us with a number of different capabilities. You may see these smart televisions referred to as connect TVs, or hybrid TVs. And that’s because they’re more than just a television. They provide us with streaming capabilities for audio and video. We can get video on demand directly from our television, instead of using a separate set-top box.

There’s even games and other types of applications that you could run right on your television without needing an antenna or any other input into the TV. You simply plug-in an ethernet connection, or you connect it to your wireless network, and it now has all of these capabilities available to it.

Under the surface these televisions are running a Linux kernel. So as a security professional we have to be concerned about the applications that are running on top of that Linux kernel, like Java, JavaScript, or HTML5. We have to keep in mind that the applications themselves are susceptible to tampering and malicious activity. So this becomes another entry point into our environment that we must secure.

This means, if we’re using this television in something like a conference room– to do video conferencing– we may want to consider removing or disabling all of the additional smart TV features. That way we can still use the primary display capabilities of the device, but we can avoid having any application perform anything malicious inside of our network.

These obviously are proprietary hardware, with proprietary software running on them, which certainly fits the scope of the static computing environments. We’re using these mainframes for very large scale applications. If we need to store large amounts of data, and be able to process that data, mainframes excel at providing us with those CPU cycles necessary to handle these extremely large data sets.

They’re extremely reliable. There’s redundancy built into the hardware and into the operating system itself. It’s not uncommon to have these mainframes continue to run, unaided, for decades at a time.

It’s very difficult to find an attack that would have been specifically written for a mainframe. These mainframe operating systems have been around for a very long time, and they tend to be very secure. We also have the luxury that there aren’t a lot of mainframes out in the world. So the malware authors aren’t going to spend a lot of time developing attack code that’s only going to be able to reach a handful of systems.

If there are attacks to a mainframe, these tend to be more on the inside of the network. And they tend to go after very specific types of information. Since so much data is stored on these mainframes, it is a very attractive site for somebody who wants to gather all of that very important data and remove it, or take it somewhere outside of the organization.

One of my favorite static operating environments is that of the game console. This is almost like running a personal computer right next to your television. In fact, for something like Xbox and PlayStation, we really are running versions of Windows and Linux on these devices.

They have storage capabilities. There’s advanced graphics display capabilities, a very powerful CPU is inside of these devices. If you weren’t running this as a game device, it would make a very good file server.

Many people, in fact, will route or jailbreak these devices so that they can use them to do other things as well. These devices were not designed to work this way, and the manufacturers certainly don’t recommend you do this. But if you know what you’re doing you can build a system that provides you with some additional capabilities using this very powerful hardware.

These devices are very network oriented. They use the network to be able to connect to other gaming systems, and to be able to download games and updates to the operating system of the game console. Because of this, this might not be the best use on a corporate network because you don’t have control over patching, and being able to secure the operating system itself on these game devices.

Tags: , , , , , , , , ,

Category: CompTIA Security+ SY0-401

X