Similar way to secure smart phones and tablets?
I was going to do this as a blog post but I thought I get some feedback first. To see if its good enough to publish at all.:unsure:
Similar way to secure smart phones and tablets.
One way to move away from the problem of the malware ridden Windows platform was to run a Linux LiveCD. Why not use a similar approach to secure smart phones and tablets? The method works by bypassing any contaminated apps that have been installed on the user system by booting and running a minimal default system. Ideally the second system would be on a read-only media but a secure write protect system is perhaps good enough. Here the user can not install anything to compromise the system.
To make it as simple as possible one can add a button to restart the device and to run the secure system, like a built in splashtop in a dualboot configuration.
This method does not exclude the need for checking the applications in the appstore. However when security matters. When we do online banking and other money transactions we need to have a dedicated device. Be it a PC, smart phone or tablet.
Comments
-
The concept is good, however the issue you will face with read-only mediums is not being able to upgrade applications to patch known vulnerabilities. If you are using a read-only medium you can be open to old vulnerabilities between reboots, in which any successful exploitations will not resume after the next reboot, but will remain active until that point doing as they wish.
I think the best approach would be to build a mobile OS that has a clean core which can effectively jail or sandbox all applications from any resources that they do not list in the dependency/library list that the user must acknowledge prior to installation.0 -
Thanks for the input. The problem with user acknowledgement is the rather large potential for mistakes. They have to know what there doing.
What I meant is that you have essentially the same mobile OS twice. Both can be updated through a trusted system but user manipulation ( installing all kinds of apps ) is restricted on the secure system. This could also work as backup system if the user somehow trashes it.0 -
I think I understand what you mean, basically have a user mode and a Read-Only secure mode that a user can easily switch between by physical button, if the user does something wrong then they can "reset to factory state" which in effect will write the Read-Only image into the user mode effectively resetting the device to a base state.
Is that assessment correct?0 -
Yes as a last resort this should be possible. Like the uses for a liveCD the user should also be able to run the device in the secure mode. I hope this method has the affect of bypassing any installed apps that are bad.
Running in the secure mode should not require you to reset the device, it could be that the user with his jail braked smartphone wants a secure environment to conduct money transactions.0 -
I don't see it practical: rebooting everytime you want to access something in particular? Not for me, thanks.
Besides, if your devices gets "hacked" you can always flash a firmware image
Regards0 -
For me I'd chose tablet and I reboot it everytime I want to access something. Thanks
Upcoming Verizon Phones
New T-Mobile Coming Soon0
Categories
- 9.9K All Categories
- 29 LFX Mentorship
- 82 LFX Mentorship: Linux Kernel
- 465 Linux Foundation Boot Camps
- 266 Cloud Engineer Boot Camp
- 95 Advanced Cloud Engineer Boot Camp
- 43 DevOps Engineer Boot Camp
- 28 Cloud Native Developer Boot Camp
- 1 Express Training Courses
- 1 Express Courses - Discussion Forum
- 1.6K Training Courses
- 17 LFC110 Class Forum
- 3 LFC131 Class Forum
- 19 LFD102 Class Forum
- 127 LFD103 Class Forum
- 9 LFD121 Class Forum
- 59 LFD201 Class Forum
- 1 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum
- 23 LFD254 Class Forum
- 544 LFD259 Class Forum
- 100 LFD272 Class Forum
- 1 LFD272-JP クラス フォーラム
- 1 LFS145 Class Forum
- 20 LFS200 Class Forum
- 739 LFS201 Class Forum
- 1 LFS201-JP クラス フォーラム
- 1 LFS203 Class Forum
- 34 LFS207 Class Forum
- 294 LFS211 Class Forum
- 53 LFS216 Class Forum
- 45 LFS241 Class Forum
- 39 LFS242 Class Forum
- 33 LFS243 Class Forum
- 10 LFS244 Class Forum
- 27 LFS250 Class Forum
- 1 LFS250-JP クラス フォーラム
- 131 LFS253 Class Forum
- 958 LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 85 LFS260 Class Forum
- 124 LFS261 Class Forum
- 29 LFS262 Class Forum
- 78 LFS263 Class Forum
- 15 LFS264 Class Forum
- 10 LFS266 Class Forum
- 17 LFS267 Class Forum
- 16 LFS268 Class Forum
- 14 LFS269 Class Forum
- 193 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- 205 LFW211 Class Forum
- 148 LFW212 Class Forum
- 890 Hardware
- 212 Drivers
- 74 I/O Devices
- 44 Monitors
- 115 Multimedia
- 206 Networking
- 99 Printers & Scanners
- 85 Storage
- 747 Linux Distributions
- 88 Debian
- 64 Fedora
- 13 Linux Mint
- 13 Mageia
- 24 openSUSE
- 133 Red Hat Enterprise
- 33 Slackware
- 13 SUSE Enterprise
- 354 Ubuntu
- 468 Linux System Administration
- 38 Cloud Computing
- 67 Command Line/Scripting
- Github systems admin projects
- 93 Linux Security
- 77 Network Management
- 107 System Management
- 48 Web Management
- 61 Mobile Computing
- 22 Android
- 25 Development
- 1.2K New to Linux
- 1.1K Getting Started with Linux
- 525 Off Topic
- 127 Introductions
- 211 Small Talk
- 19 Study Material
- 782 Programming and Development
- 256 Kernel Development
- 492 Software Development
- 919 Software
- 255 Applications
- 181 Command Line
- 2 Compiling/Installing
- 76 Games
- 316 Installation
- 46 All In Program
- 46 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)