Transcript Mobile Operating System Security

Mobile Operating
System Security
A P R ESENTATION BY DA N I E L A DA M S
CS C 3 4 5
DR . BOX
A brief history
Palm OS
◦ First mobile operating system
◦ Released in 1996
◦ Lacked a file system
Windows CE
◦ Windows for embedded systems
◦ Also released in 1996
Symbian OS
◦ Released on Ericsson R380 in 1999
◦ First modern OS on a smartphone
A brief history
BlackBerry
◦ Released first smartphone in 2002
◦ Many business productivity applications
iOS
◦ Released in 2007
◦ Marketed as an “Internet communicator”
Android
◦ Version 1.0 released on HTC Dream in 2008
◦ Free and open source, developed by Google
Why should I worry about protecting my device?
oLoss of services
oLoss of data
oCompromise of privacy
oPotential fraudulent charges
Types of threats
Denial of service
◦ Unable to access resources
◦ Caused by bugs or attacks
Malware
◦ Not as prevalent on mobile devices as computers
◦ Can include
◦ Viruses
◦ Worms
◦ Trojans
◦ Rootkits
Safeguards
Malware prevention
◦ iOS: Apple must approve apps put on app store
◦ Android: Google scans apps put on store and on phone
◦ Windows Phone: Microsoft must approve apps put on app store
Malware removal
◦ Multitude of antimalware Android apps in app store
Secure Boot
◦ Uses known cryptographic signatures during boot to detect tampering by a rootkit
Safeguards
SELinux
◦ Security Enhanced Linux
◦ Used by Android to control access to resources
File Permissions
◦ Prevent processes from accessing whatever file they want
◦ Can stop malware from accessing critical OS files
Memory Protection
◦ Prevents processes from gaining higher privileges
Safeguards
Authentication
◦ PIN, passcode, pattern, facial recognition
◦ Thin layer of protection against theft
Device encryption
◦ Renders data on phone unreadable without key
◦ Virtually impossible to crack