...Operating Systems Vulnerabilities NAME POS 355 18 Mar 15 Carol Eichling Operating Systems Vulnerabilities As the reported number of security vulnerabilities continued to spike in the 20th century let us define a security flaw. A security flaw according to "Apple Security Flaw: What You Need To Know" (2014), "The flaw is in the way the operating system provides the essential services, known as secure sockets layer (SSL) or transport layer security (TLS). These two layers of security allow information to be transmitted worry-free between browsers and web servers, or between a mail server and mail client. SSL is in the form of encryption, which scrambles data sent over a network to keep it private. The second layer involves verification that the server is authentic." With the heighten computer security regarding vulnerabilities, the increase of user awareness and training users to not click on particular links is difficult yet feasible. Although most operating system has computer security protection, the tasks of protecting the systems from vulnerabilities are a daunting task because the operating systems are unique. Security flaw in Microsoft and Mac OS X® A known security flaw in Windows is called the Freak. The Freak security flaw allowed hackers to create a simulated middle person attacks on the encrypted secure sockets layer and transport layer of a security connections. It was discovered that hackers could force websites to weaken the system encryption...
Words: 843 - Pages: 4
...OS The security within an operating system is vital to the overall operation of your operating system, and in this case even more important to Windows OS because of how it is used across various platforms. The security within Windows is provided to protect your operating system from any unwanted visitors whether it be accidental or not (Stallings, 2015), but not all security is perfect. Sometimes security contains flaws and some flaws are bigger than others and some flaws can destroy your system from the inside out. These faults can be patched and some are so minute that they can be resolved with something as little as switching the settings. Switching the settings sounds like something that would never be a fault, but what happens when the fault that was created was man made. The fault that lies within Windows was a nuisance but the real issued lied with how many users decided to handle that nuisance. There are three different types of hackers trying to gain access to your system. These three hackers are called the Masquerader, the Misfeasor and the clandestine user. A Masquerader is someone who is not authorized but gains access and infiltrates your systems access controls to exploit your account ("Windows 7 Known Security Flaws", 2009). A Misfeasor is a person who has been granted access to data and resources but misuses and takes advantage of the information he has received ("Windows 7 Known Security Flaws", 2009). A clandestine user seizes control of a system and uses...
Words: 984 - Pages: 4
...Running head: SECURITY EXPLOITATIONS OF REAL TIME OPERATING SYSTEMS 1 Security Exploitations of Real Time Operating Systems in Embedded Systems Welton N. Spratley Southern New Hampshire University Running head: SECURITY EXPLOITATIONS OF REAL TIME OPERATING SYSTEMS 2 Security Exploitations of Real Time Operating Systems in Embedded Systems Abstract: Real Time Operating Systems that are currently used in embedded systems around the global community has seen an increase in the number of devices that are being employed using this technology. With the implementation of IPv6 , the number of IP addresses that are now available in order to support this boom in the use of embedded systems have also seen an increase in the types of operating systems that helps to manage these systems. However, this has created another area where malicious attackers can exploit some of the security flaws that can be found in these embedded systems. This research paper will outline how microkernels and monolithic kernels that are found in these real time operating systems have been exploited due to careless source code programming in their stack and heap memory areas. Some of these flaws can lead to buffer overflow of memory core areas which can lead to memory being overwritten and being replaced with other I/O or buffer underflow of memory which can lead to memory leakage. Disaster happens when an operating system fails to prevent the unauthorized usage of resources in relation...
Words: 662 - Pages: 3
...University of Sunderland School of Computing and Technology File Management System in Linux CUI Interface A Project Dissertation submitted in partial fulfillment of the Regulations governing the award of the degree of BA in Computer Studies, University of Sunderland 2006 I. Abstract This dissertation details a project to design and produce a prototype Linux character environment file manipulation assisting application. The application is offering a friendly menu driven interface to handle the jobs that non-programmers keep finding cumbersome to master when it comes to working in a Unix/Linux interface, resulting in serious mistakes and much loss of productive time. The Linux File Management System is a basic program for every user at a Unix/Linux terminal. Advantages here include the fact that the support team does not have to be burdened with solving simple file based queries by the employees. The areas of Designing GUI interfaces in Linux and Windows versus Linux Security were researched and a prototype has been designed, developed and tested. An evaluation of the overall success of the project has been conducted and recommendations for future work are also given. Words II. Table of Contents 1) Introduction.................................................................................................................................4 1.1 Overview.................................
Words: 17681 - Pages: 71
...Operating System Comparisons PRG/355 January 14, 2013 Steven Kernan Operating System Comparisons Table of Contents Introduction 3 Memory Management 3 File Management 4 Security 4 Conclusion 4 Reference 5 Introduction An operating system (OS) is software that manages the hardware and software resources of a computer system. Basically an OS is a set of libraries or functions which programs may use to perform specific tasks relating to interfacing with computer system components (The Computer Technology Documentation Project, n.d.). Advantages and disadvantages exist in every operating system. Reviewed in this paper is a comparison of some of the primary responsibilities of popular operating systems. The review includes Unix/Linux, Mac, and Microsoft Windows operating systems. Memory Management An important function of the OS is to manage the computer systems memory. Programs, processes, and resource do not simply float around in memory haphazardly. Memory is shared among these processes and resources. Accordingly, managed by the OS is an organized structure of locating processes in computer memory locations. The two primary types of memory controlled by an OS are main memory and virtual memory. Main memory is… (need general definition). Virtual (secondary) memory is… (need general definition). Intended memory management requirements include relocation, protection, sharing, logical organization, and physical organization. Processes may...
Words: 1019 - Pages: 5
...There to Worry About? An Introduction to the Computer Security Problem Donald L. Brinkley and Roger R. Schell This essay provides an overview of the vulnerabilities and threats to information security in computer systems. It begins with a historical presentation of past experiences with vulnerabilities in communication security along with present and future computer security experiences. The historical perspective demonstrates that misplaced confidence in the security of a system is worse than having no confidence at all in its security. Next, the essay describes four broad areas of computer misuse: (1) theft of computational resources, (2) disruption of computational services, (3) unauthorized disclosure of information in a computer, and (4) unauthorized modification of information in a computer. Classes of techniques whereby computer misuse results in the unauthorized disclosure and modification of information are then described and examples are provided. These classes are (1) human error, (2) user abuse of authority, (3) direct probing, (4) probing with malicious software, (5) direct penetration, and (6) subversion of security mechanism. The roles of Trojan horses, viruses, worms, bombs, and other kinds of malicious software are described and examples provided. In the past few decades, we have seen the implementation of myriads of computer systems of all sizes and their interconnection over computer networks. These systems handle and are required to protect credit data, justice...
Words: 13185 - Pages: 53
...from this company. The company does not wish to release any security related information per company policy. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw (U.S. Airforce) therefore my assumptions on the network diagram shows that there are vulnerabilities that may exist as a weakness in the automated systems, security procedures, administrative controls, and /or internet controls of the finance company there could also exist hardware vulnerabilities that could lead to unprotected storage of hardware the solution is to store all hardware at the recommended temperature, software vulnerability can occur with insufficient testing and a lack of audit trail solution will be to test and secure all software used and update software as appropriate, audit trails enable security relevant chronological records of activities that occur in the software. There could be network vulnerability with unsecure network architecture and unprotected communication lines the solution will be to install and configure network security equipment to curb these issues. Personnel can be compromised and may be used to create problems either directly or indirectly on the system a solution will be proper recruiting of staff and security awareness training there could also exist organizational vulnerabilities such as lack of security within the organization the solution will be to secure the organization...
Words: 964 - Pages: 4
...Three operating system – Windows, Mac OS X, and Linux- dominate the world of computing today. Windows is the most popular out of the three with having 90 percent of the operating market share. It is in Commercial buildings, Industrial facilities, as well as home computer. Widows, having been introduced in 1985, is a very mature and complete piece of software. Yet, it has its flaws. Apple’s Macintosh OS is even older than Windows. It’s the first successful graphical-based OS, It was released a year before it’s Microsoft counterpart. Linux has the unlikely origin of being the hobby project of finnish university student Linus Torvalds. The Linux kernel was first released independently in 1991. But what really sets them apart? Each operating...
Words: 789 - Pages: 4
...Network Security & Ethical Hacking ------------------------------------------------- ------------------------------------------------- Neal Patrick and his friends did not realise they were doing anything unethical, in fact: when asked by Congress “At what point he questioned the ethics of his actions” – he answered “Once the FBI knocked upon my door.” “I have found that inadequate network security is usually caused by a failure to implement security policies and make use of the security tools that are readily available. It’s vital that companies complete professional risk assessments and develop comprehensive security plans and infrastructures that are publicly supported by upper management” Network security is not only about the WAN (Wide Area Network) but also the LAN (Local Area Network) as the two go hand in hand. It is possible to not only have an attack from the Internet but also internally. The moment any form of computer device becomes network capable or dependent of some form of network function, there is a given need for protection to safeguard the flow of information to and from the said device on a given network whether public or private and/or from a trusted to non-trusted source. The problem with locking down a network tightly is the administrative overhead it creates. The more secure the network becomes the greater the need is for someone or a team to administrate this. Eventually you would reach a point where it becomes impossible for the end-user...
Words: 5261 - Pages: 22
...other additional software. The Linux kernel is based off the Unix kernel and system originally developed in 1969 by a group of AT&T employees at Bell Labs. The Linux kernel was not developed until 1991 and is written in a version of the C programming language supported by GNU Compiler Collection. Version 3.0 of the Linux Kernel released on 2011, with no major changes initially from past versions but was built for the future. With the Linux kernel being open-source, security is a much criticized topic in relation to the Linux kernel, because a large number of bugs in the kernel can be potential security flaws, whether they allow privilege escalation or create denial-of-service attacks. Over the years, Red Hat Enterprise Linux has had numerous such flaws that were found and fixed in Red Hat’s version of the Linux kernel. New security features are continuously implemented to address computer insecurity issues in the Linux kernel. Although the creator of the Linux kernel, Linus Torvalds says he personally consider security bugs to be just 'normal bugs'. The current version Red Hat Enterprise Linux has evolved from its predecessors with major hardware advances, reducing system power consumption, taking advantage of hardware with greater numbers of processing and memory resources, and withstanding hardware failures better. Red Hat Enterprise Linux is said to deliver one of the best operating system for data centers over its other Linux competitors....
Words: 368 - Pages: 2
...Mobile Device Attacks and Their Effect on Your Personal Privacy CIS 4680- Security Issues Paper (Group 6) Over the last decade, smartphones have become more and more popular as the new handheld PC. With its processing power catching up with the PC, it brings much convenience to people’s daily life from fast access to latest information to efficient financial activities. However, with this increase in use of these functions, more security threats have aroused surrounding smartphones. As the mobile operation systems in different devices become more, it is opens more possibility for fast virus propagation and large scale damage. There have been several attacks targeting smartphones and it is a trend that hackers are moving the battlefield from PCs to smartphones because of promising profit and smartphones’ limitations for antivirus work. Hackers are migrating to the new smartphone platform for many reasons. Not only is the profit from smartphone hacking increasing, but as more consumers link their personal accounts (email, social networking, financial, etc.) to their smartphones, the private information of the users opens a window of opportunity. Hackers can infect smartphones to record phone calls, send and delete data messages, and spy on your phone’s activity. It does not only pose great security threats, but also causes an economic loss to common users. This definitely becomes a major issue when businesses are also taking advantage of the portable PC power of smartphones...
Words: 3045 - Pages: 13
...Security Issues in Smartphone Markets Are you buzzing about the new Verizon Blackberry Storm or the T Mobile G1? They are the new crave and everyone wants one right? What these owners many not know are the security risks that surround the raving technology. Most of the unawareness starts at companies and customers not placing more significance on security as smartphones get smarter. Although a smartphone may not be at greater risk than a PC, some security issues and risks are still present with PDA’s and smartphones. In the United Kingdom, a whooping 800,000 people were the victim of mobile phone theft in 2006. Even though 90 percent of these phones deactivated within 48 hours, what happened to the other 10% of users that lost data to the crime. Smartphones are linked to the corporate network and are as vital as a laptop on the company network. Also, you cannot stop your employees from having accidents by underestimating these devices. Mobile phone operators can stop SIM cards and stop expensive calls from being made. However, a smartphone differs from regular mobile phones. Executives carry all kinds of information on the device, from confidential announcements, to financial results and business in progress. If any of these were ever lost, it could result in the lost of business and trust within company IT infrastructures. It is important to recognize the dangers before permitting a full mobile device network within the company. When sending emails, texts, and...
Words: 2337 - Pages: 10
...vs Open Source versus Closed Source Open Source versus Closed Source There are basically two types of operating systems when it comes to how the code is handled. These are open source operating systems and closed source operating systems. One isn’t necessarily better than the other, but they both have situations and areas that they work best in. Open source isn’t for everyone, and neither is closed source. It’s always better to have both sides available so there is some variety. Open source and closed source operating systems have are completely different, almost like night and day. Closed source operating systems like Microsoft Windows, for example, are developed by an individual or a company. The final product is available to run on a system, however all the source code, the recipe for the operating system, is kept secret and no one except the developers have access to it. The closed source operating system is exactly the opposite, because the source code is made readily available to the user, and if they have programming knowledge, they can debug it and tweak it into their own style. Basically they can personalize it to fit what suits them and their needs. Closed source operating systems, such as Windows can definitely meet the needs in a market. Because people pay for closed source operating systems, they can be guaranteed to get documentation and support for the software. One bad thing about closed source software is that developers often rush it...
Words: 668 - Pages: 3
...pcworld.com, cyber thieves will use Patch Tuesday which is Microsoft’s monthly release of its security fix-ups as an opportunity to find flaws in Windows XP. Many of flaws in Windows XP are usually true for all types of Windows. As Microsoft pointed out its security weakness in Windows Vista, Windows 7, and Windows 8 cyber thieves will then be out attempting to reverse-engineer the patches to find the fragile places in the Windows. They will then check if the exact same type of vulnerability is present in the Windows XP system and use it to their liking....
Words: 611 - Pages: 3
...improved features. For open source programs to be reliable, licensing has to be approved by Open Source Initiative, which is a corporation that certifies shares and promotes open source software. Where Open Source Came From Open Source began with the Hacker’s society of the United States computer science lab in Stanford MIT in the late 1960’s. It was a collective were members shared their code with other members. This would allow members to use each other’s knowledge to improve their own interest. In the 1980’s the Hackers Society began to fall apart after the members were hired by commercial companies to produce systems that required users to purchase a license in order to use them. Later they left those commercial companies and recreated the hackers’ society. One of the first open source systems was a Unix compatible operating system named GNU by Richard Stallman. What The Open Source Is Open source is similar to “free software”, but the open-source users are generally able to view and modify the source code, and they are also allowed to redistribute the software. Open Source does not just mean to access the source code; the distribution of open-source software must comply with certain criteria. The License cannot restrict any party from selling or giving away the software. The program must include the source code as well as compiled form. The license must allow...
Words: 1941 - Pages: 8