Anonymous operating systems: Review and comparison of the best. Which operating system to choose for your computer - comparison and selection of the best Safe OS for your computer
01/09/2017, Mon, 14:07, Moscow time , Text: Vladimir Bakhur
According to CVE Details, the most problematic OS in terms of the number of vulnerabilities was Google Android, far surpassing last year’s “leader” in the number of bugs. Apple Mac OS X, numerous versions of Linux and leaving the family far behind Microsoft Windows.Android OS is one of the leaders in leaky statistics
According to the database of the CVE Details website, which tracks and systematizes the security of various software products due to code errors, the Microsoft Windows family demonstrated the lowest level of vulnerabilities among operating systems over the past year. “leaving” ahead Apple Mac OS X, numerous versions of Linux and the “leader” in the number of detected vulnerabilities – Google Android.
According to CVE Details statistics from last year, the “leaders” in the number of detected bugs were Apple Mac OS X (444 vulnerabilities) and iOS (387). In 2016 these OS moved in the top 50 ranking of the most vulnerable software to 11th and 15th places with 215 and 161 detected vulnerabilities, respectively.
The most leaky OS of 2016, Google Android, on the contrary, had only 125 detected vulnerabilities in 2015, thus increasing the sad figures by more than four times in just one year.
The most frequently discovered vulnerabilities in Android in the past year were escalation of privileges (39.8%) and denial of service (25%). It is also important to note that among the 523 bugs detected, 254 had a CVSS (Common Vulnerability Scoring System) vulnerability rating of 9 points or higher, which in practice means a very high degree of severity of such bugs.
The top three “absolute leaders” in 2016 in terms of the number of vulnerabilities also included Debian Linux and Ubuntu Linux with 319 and 278 detected bugs, respectively. Fourth place went to the multimedia player Adobe Flash Player with 266 bugs, although in 2015 it occupied a higher third place with 329 vulnerabilities.
CVE Details Statistics 2016
And, on the contrary, the OSes of the Windows family that are most often “rejected” for bugs took far from the “prize” places this year.” Thus, Windows 10 “accumulated” 172 bugs, Windows 8.1 – 154, Windows 7 and Windows Vista– 134 and 125 detected vulnerabilities, respectively.
Among the server versions, the most vulnerable (ranked 16th) was Windows Server 2012 with its 156 bugs, Windows Server 2008 took 22nd place with 133 vulnerabilities.
CVE Details statistics on browsers in 2016 also noted the most vulnerable Google Chrome with its 172 bugs. It is followed with a significant lag Microsoft Edge(135), further Mozilla Firefox(133), Microsoft Internet Explorer(129), and at the very bottom of the list at 44 positions is Apple Safari (56).
Office Microsoft package Office took the penultimate, 49th line of the rating with 48 vulnerabilities discovered in 2016.
2016 CVE Details Statistics by Vendor
A cross-section of CVE Details top 50 statistics by company brought Adobe to first place in 2016 with a total of 1,383 bugs for all of the company’s products mentioned in the ranking ( Flash Player, varieties of Acrobat Reader and Acrobat). Second place went to Microsoft with its 1,325 bugs, third place went to Google (695 bugs), fourth and fifth places went to Apple (611) and Red Hat (596).
Specifics of the CVE Details vulnerability accounting methodology
The CVE Details database takes into account software vulnerabilities if they have been officially registered in the Common Vulnerabilities and Exposures (CVE) database of the MITER Corporation - a non-governmental, non-profit organization from the United States that manages federally funded research with support from the Department of Defense, the Federal Aviation Administration, the Department of National Aviation safety, National Institute of Standards and Technology
Independent analysts specifically emphasize that, despite the intriguing data from CVE Details, they should be taken in a certain, proper context. Assigning to any individual software product A unique indicator of vulnerability, CVE allows users to ensure that the software has ultimately received adequate updates and protection against identified vulnerabilities.
However, CVE numbers are completely irrelevant to any product safety ratings. In other words, by analogy with medicine, the number of visits to the clinic does not at all mean the patient’s health rating.
Not all CVE assessments are equal in terms of the severity of vulnerabilities. Moreover, a number of software manufacturers release product updates without providing CVE ratings.
Are you looking for the most secure Linux distribution that will be secure and provide strong privacy for your operating system?
Here are the 15 safest Linux distributions for privacy and security users.
Well, you may already know that the operating system is the main software that allows you to interact with your computer's hardware and software. It controls all the hardware and communicates with the processor and memory.
Top 15 most secure Linux distributions
The number of Linux users is growing every day. Their peculiarity is that they are less common than other operating systems. Still, they are working on being more technical in the coming days.
Here is a list of the most secure Linux distributions that are "specifically focused on Linux security." This means that this article is written specifically to focus on Sharp Security, which is more of a Linux user's concern
1. Cubes OS | Qubes Linux
If you're looking for the most secure Linux distribution for your desktop, Qubes comes out on top. Why? Well, Qubes is a Fedora-based operating system focused on desktop security. This OS will protect you by isolating and virtualizing various virtual machines separately.
Suppose you downloaded malicious software without immediately realizing what the software was? Or you don't know if it's safe or not. Don't worry, Qubes OS plays a role here. Cubes isolate your other personal files from malware without causing damage. This is cool, isn't it? Please note: This OS is best suited for advanced users. Therefore, if you are a beginner, you will find it difficult to operate this system.
2. Tails Linux
Tails is one of the best and most secure Linux distributions after Parrot Security OS. Tails was first released in 2009. This operating system is designed specifically for personal computers. If you're looking for an OS that will keep you safe while browsing the Internet, Tails takes the top spot.
It is a live CD and a pre-installed operating system with the Tor browser package using the onion scheme. Since all outgoing connections go through Tor, it allows you to use the Internet anonymously and no matter what you do, it never leaves any trace.
Tails OS does not use hard drive space, it only uses the required space in your random access memory, but it will be deleted automatically when the system shuts down. It can be used as live DVD or live USB. It will be more convenient to boot from a flash drive rather than from a DVD. However, there are some problems with this OS. Lately, most of the users claim that installing Tails requires 2 USB drives, which is boring.
3. Parrot Security OS
Parrot Security OS was developed by FrozenBox and released in 2013. This software is a game changer when it comes to the security and privacy of a computer's operating system. Parrot Security OS is specially designed to test an authorized simulated attack on your computer system, which helps you evaluate your system's vulnerabilities, whether it is strong enough or not.
It comes with a fully portable lab that keeps your system safe from any unwanted diseases while surfing the internet, browsing anything, playing a game, etc. Again, if you are a forensic expert, then this operating system is the best...
4. Kali Linux
Kali Linux It is a pre-installed Linux distribution built on Debian, specially designed for Pen Testing and Forensic Experts. Kali comes with a package of tools like -Aircrack-ng, Ettercap, Foremost, Wireshark Kismet, Maltigo and many more that help you in many ways like exploiting the victim's network or application, network discovery or identifying the target IP address. address.
Not only does Kali include Armitage's graphical cyber attack tool that allows you to dine and exploit, exploit recommendations, and advanced Metasploit Framework counter capabilities. Kali Linux is considered one of the safest Linux distributions for developers.
Like Tails, this OS can also be booted as a live DVD or USB drive and is easier to use than other OSes available. Whether you are using 32 or 62 operating systems, Kali Linux can be used on both. This OS requires a minimum of 512 MB of RAM and 10 GB of hard drive space.
5. Wonix | Whonix Linux
If you want to hide your IP address, then Whonix is perfect for you. Whonix is a Debian-based operating system focused on anonymity, privacy and security. Whonix provides security through isolation. It is an operating system that explicitly uses the principle of isolation to provide security, privacy and anonymity.
This operating system is developed by two main programs. One work station, and the other is Gateway. The gateway acts as an intermediary here and forces all connections to go through the Tor network. So, there is no possibility of IP address leakage and this is how Whonix OS protects you.
6. Discrete | Discreet Linux
You may be trying to keep your data safe and still find the best security distribution for your Linux operating system. Let your fears fly away. Here you have Discreete Linux OS, which is said to be one of the most secure Linux distributions to protect your valuable data.
This OS does not work with the Internet during operation, which separates data and cryptographic keys to protect against an unreliable network. Another one interesting thing this is that this OS is purely a live system, so you don't need to install it on your computer, you can quickly run it from a USB drive.
7. Linux Kodachi | Kodachi
Do you like to remain completely anonymous while surfing the Internet? Then Kodachi Linux is one of the best and most secure Linux distributions that you would like to have. Many users say that it is the most secure Linux distribution they have ever owned. Personally I've never tested it though. This operating system comes with Tor, VPN and DNSCrypt and can be easily booted from a DVD or USB drive.
You can select your exit country when you go online. This operating system contains many other useful applications, such as Pidgin Internet Messenger Transmission VirtualBox Geany, FileZilla and many others. Finally, I must say that this operating system comes with everything you need to protect the user.
8.BlackArch Linux
BlackArck Linux is a new security distribution for Linux specially designed for pen testing and security. It offers a huge number of tools, even twice as many as Kali Linux.
They can be installed individually or, if you prefer, you can install them in a group as well. This operating system is easy to use. This OS is lightweight enough that you can run it on any hardware.
9. Heads OS
Heads is a free security distribution based on GNU Linux. This OS is significantly smaller than others and is easier to manage. Executives only use free software, which means this OS values user and community freedom more.
Like the other OSes above, Heads also uses Tor to keep you anonymous while surfing the internet. All your traffic goes through Tor by default, but they give you the option to stop it if you want. Leaders always prioritize their users.
10. Subgraph | Subgraph OS
Like Tails, Subgraph Operating System is also a Debian-based operating system that prevents surveillance and interference by sophisticated Internet adversaries. This OS is for everyone. Its GNOME-based desktop environment is incredibly user-friendly.
Talking about security and privacy, this security distribution prevents attack with intelligent access control; Preventing memory corruption exploits using a patch set (grsecurity patchset and Pax). The Grsecurity patch set provides a security suite such as address space protection, advanced auditing and process control
11.IprediaOS
This security distribution is useful for web browsing, sending Email, chat and share any files over the Internet anonymously. All connections are made through I2P software.
Unlike other distributions, IprediaOS supports TORRENTS. This operating system is competitively faster than Tor, even if you are going to use it on your old computer, this OS will work well on that too.
12. PureOS
If you are looking for a user-friendly security distribution that will allow you to change it freely. Then it's PureOS. PureOS is free software that provides a security package including search engine Duck Duck Go.
This will protect your privacy by avoiding private search results. Since this is free software, you can download it without purchasing anything. You can request its source code, even if you are allowed to change it.
13. Openwall GNU / * / Linux
Openwall is a secure distribution-based Linux operating system specifically designed for servers and applications. Openwall provides security by reducing flaws in its software components through the Openwall patch (best known as (not exec stack patch). It is a free server platform designed to do this.
14. Alpine Linux
Alpine Linux is the most secure Linux distribution based on mus libc and BusyBox. It's as light as you'd think. Its base system size is around 5MB, which is smaller than other systems available out there. And that is why this Linux distribution is so popular.
Another component of BusyBox includes many tools and very few of them are bunzip2, bzip2, less, lzma, unlzma, vi, wget. These tools are in the Alpine base image, which are not in the Debian base image. This APK app manager is much faster than others and very easy to use.
15. Container | Container Linux (formerly CoreOS)
If you like to work on different machines and update machines without downtime, then Container Linux (formerly CoreOS) is your Linux distribution. Linux Container is a lightweight Linux distribution designed for clusters and servers. This security distribution is becoming popular these days because it is easy to deploy, manage, and run containers. Previously, CoreOS only supported the Dockers platform, but recently it supports rkt (Rocket) as an alternative to Docker. This software updates automatically when an update is needed, increasing security.
Research on the topic: which OS is safer?
Alexander Antipov
A.Yu.Shcheglov, Doctor of Technical Sciences, Prof.
CJSC "NPP" Information Technology in business"
www . npp - itb . spb . ru
Recently, publications have increasingly appeared on the topic of which modern OS is safer. This is due to the fact that security today is becoming the most important consumer property of both system tools and applications. Developers of system tools are forced to pay more and more attention to security issues in order to increase the competitiveness of their product. But what do they get out of it? What is actually “hidden” behind the laudatory declarations of manufacturers? Does it make sense in principle to compare the security of modern universal operating systems from different manufacturers today, and if we compare, then how? Is it possible in principle to create a secure universal OS?
What makes up the security of a system tool?
The security of a system tool in the general case can be assessed from two completely different (by no means completely interrelated) positions. On the one hand, the security of a system tool can be characterized by the level of functional security it achieves - a set of functionality (tools, mechanisms, etc.) designed to solve information security problems. The level of functional safety can be assessed by analyzing the sufficiency of protection mechanisms in relation to the operating conditions of the system tool, and the correctness of their implementation. Naturally, both the insufficiency of the mechanisms and the incorrectness of their implementation conceal the vulnerability of the system tool. Note that it is the level of functional security of a system tool that is determined during its certification according to the requirements (in terms of fulfilling the corresponding set of requirements) of information security. On the other hand, ultimately, for the consumer, the interest is not only (and perhaps not so much) in some hypothetical expert assessment of the effectiveness of protection mechanisms, based on the analysis of architectural solutions, but, namely, the operational safety of the system tool - the real level of security provided systemic tool during its practical operation, because Only on the basis of the results of practical use of the product can an objective assessment of its safety be given. The importance of this assessment is also determined by the fact that when forming it, such parameters of protection effectiveness can be taken into account that are in no way related to architectural decisions, such as the quality of development of the system tool and its technical support manufacturer.
In this work, we focus on the issues of assessing the operational safety of modern universal operating systems.
An approach to assessing the operational safety of a system tool.
As a criterion for operational (real) safety of a system tool, it is advisable to consider the coefficient of its readiness to ensure information protection during operation, or the probability that at any given time a system facility is in a safe state . Then the failure rates and protection recovery rates should be considered as the main protection parameters.
Under "protection failure" Let's understand the detection of a system tool's vulnerability. The presence of a vulnerability makes this tool unprotected until it is fixed by the manufacturer of the system tool.
Under "restoration of protection" we will understand the manufacturer's elimination of a detected vulnerability in a system tool. eliminating a detected vulnerability restores the security of the system tool (assuming that there is only one vulnerability).
Under "protection failure rate" Let us understand the intensity of detection of vulnerabilities in a system tool per unit of time.
Under "protection restoration intensity" after a failure, we will understand the intensity of eliminating vulnerabilities in a system tool per unit of time (the reciprocal of the time of eliminating vulnerabilities).
Under these assumptions, to assess the operational (real, or true) safety of a system facility, a mathematical model can be constructed using the apparatus of queuing theory (by analogy with how, for example, this is done in reliability theory, because, ultimately, in relation to to a means of information security, reliability is a property this tool provide protection for a specified period of time).
Let's build a model to quantitatively assess the operational safety of a system tool.
Let us assume that the detection of vulnerabilities - security failures - is described by a Poisson incoming flow (describes the most random events, which is what happens in practice), the total intensity of which will be denoted by:
Let us also assume that the time to eliminate the vulnerability—to restore protection—has an exponential distribution with intensity:
Now about the model itself (SMO). Let's consider the following hypothetical situation - any detected vulnerability is immediately sent for maintenance (elimination). No queue of unfixed vulnerabilities is formed, i.e. We will consider a system (SMO) with an infinite number of servicing devices.
Comment. This assumption allows us to state that the model will describe a hypothetically ideal (unattainable) situation for modern operating systems, i.e. the calculated values will be no worse than the real ones (we estimate the upper limit). The fact is that in practice, the situation of a developer simultaneously (fully or partially) fixing several vulnerabilities is extremely rare.
Under these assumptions, the calculation formula for the probability that the system contains exactly n requirements (or n present unfixed vulnerabilities) looks like this (see p. 159 in the book by T. Saaty. Elements of the theory of queuing and its applications. - M.: Publishing house "SOVIET RADIO", 1965. - 511 p.):
Taking into account the fact that:
(i.e. the system must always be in some state) we can determine the parameter we are interested in - the criterion of operational safety - the probability that the system does not have requirements n = 0, i.e. there are no unpatched vulnerabilities, or the probability that the system is in a secure state, using the following fairly simple formula:
Assessing the level of operational security of modern universal operating systems.
As previously noted, the main parameters used to assess the operational safety of system tools are the rates of protection failures (vulnerability detection) and protection recovery (vulnerability elimination). To determine the values of these parameters, let us turn to two interesting studies
The first study we present here: “Critical days: Linux, Mac OS X, Solaris and Windows” was published on the website June 19, 2007.
Geoff Johns conducted another study on how long it takes companies to close the holes they find in their software. The following commercial operating systems were considered:
- Apple: Mac OS X, all versions revised in 2006.
- · Microsoft: Windows 2000 (Professional And Server), Windows XP, Windows Server 2003.
- Red Hat: Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, and Red Hat Enterprise Linux 4.
- Novell: SUSE Linux Enterprise Server 8, SUSE Linux Enterprise Server 9, SUSE Linux Enterprise Server 10, Novell Linux Desktop 9, and SUSE Linux Enterprise Desktop 10.
- Sun: All versions of Solaris patched in 2006.
If a single vulnerability was resolved in multiple components of the same product at different times, the vulnerability was considered resolved when the last patch was released. For example, if a vulnerability appeared in Firefox and Thunderbird in RHEL3 on January 1, and a patch for Firefox was released on January 10, and for Thunderbird on January 15, then it was considered fixed when the last patch was released. For example, if a vulnerability appeared in Firefox and Thunderbird in RHEL3 on January 1, and a patch for Firefox was released on January 10, and for Thunderbird on January 15, then it was considered fixed on January 15.
As a result, the following values were obtained for the average time to eliminate vulnerabilities in various operating systems (see Fig. 1).
Fig.1
As can be seen from the graph, the fastest company to release a fix was Microsoft, which required an average of 29 days to close the vulnerability, and the worst company was Sun, which fixed vulnerabilities in an average of 167 days.
The following graph (see Fig. 2) shows the rate of elimination of critical vulnerabilities in various operating systems.
Fig.2
Finally, Geoff Johns compared the rate of change of all vulnerabilities in various operating systems compared to 2005, see Fig. 3.
Fig.3
Note that the data obtained by Jeff is somewhat at odds with a study by Symantec, which stated that Microsoft fixes vulnerabilities on average in 21 days, Red Hat in 58, Apple Mac OS in 66, and Solaris in 122 days. However, the Symantec comparison covers a shorter period of time - only the second half of 2006. And in our study, the actual order of the numbers is much more important.
Now we will conduct our research and evaluate how the duration of eliminating vulnerabilities affects the operational (true) security of modern operating systems. To this end, we will use our model and estimate the probability that the system is in a secure state under the assumption that only one vulnerability is discovered and fixed per year. The research results are presented in Fig. 4.
Let's analyze the result. We see that with the current intensity of fixing vulnerabilities in the OS, there is simply no need to talk about any OS security. After all, even if one vulnerability is discovered per year (and this can only be dreamed of today), up to 10% (and these are the best indicators for the operating systems being compared) of the OS operating time will not be in a secure state.
Fig.4
Now let’s evaluate how the intensity of vulnerability detection affects the operational (real) security of modern operating systems. To do this, let’s turn to another study with the loud title “Symantec: Windows is the most reliable system”, also published on the website, but on March 27, 2007.
This study claims the following.
Microsoft Windows, despite all its security problems, is the most reliable operating system in existence, says Symantec.
In the second half of 2006, the fewest number of vulnerabilities were found and fixed in Windows systems; The company is on average the fastest to release security updates, according to the latest Internet Security Threat Report, released twice a year.
The statement is confirmed by comparative performance among five operating systems: Windows, Mac OS X, HP-UX, Sun Solaris and Red Hat Linux.
In six months, Microsoft released updates to more than 39 vulnerabilities; each hole remained open for an average of 21 days. In second place is Red Hat Linux: 208 vulnerabilities and an average fix time of 58 days. Despite the larger number, these vulnerabilities were on average less dangerous, Symantec notes. Mac OS X had 43 vulnerabilities and an average remediation time of 66 days. High-severity vulnerabilities took the company an average of 37 days to resolve.
HP-UX and Solaris close the top five: 98 holes and 101 days, and 63 holes and 122 days, respectively.
Let's conduct our research and try to decide what is called the most secure OS today and what level of operational security it provides. To do this, we will use our mathematical model and construct the dependence of the changethe likelihood that the system is in a secure state depending on changes in the intensity of vulnerability detection. For the intensity of fixing vulnerabilities, we will take its maximum possible value on the set of OS variants being compared - the intensity of fixing vulnerabilities by Microsoft. The research results are presented in Fig. 5.
Fig.5
Let us carefully consider these results, and remember that we are talking about hypothetically ideal characteristics - this is the upper theoretical limit, the real state of affairs is much worse. First of all, let's look at the red dotted line in Fig. 5. This line characterizes the following case - the probability that at any time the system is in a safe state is 0.5, i.e. Either it is protected or it is not. But such operational security of the OS is achieved (see Fig. 5) with the detection of only 8 vulnerabilities per year, with an average duration of their elimination within a month. If, on average, 20 vulnerabilities are discovered per year, then the probability that the system is in a secure state is already about 0.2. In other words, in this case we can talk about the absence of any security of such a system. However, let us recall the following (see above) “... Over the past six months, Microsoft has released updates to more than 39 vulnerabilities..." and we are talking about the fact that " Windows is the most reliable system." Amazing!
I would like to draw the reader's attention to one more important issue. After all, we are ultimately not interested in the security of the OS, but in the security of the computer. And in this case, application vulnerabilities will also increase; involuntarily, let’s move on to discussing issues of functional security of the OS, because application vulnerability, in principle, should not affect computer security, given that the main protection mechanisms are implemented at the OS kernel level.
And in conclusion, some more “fresh” statistics from the site , dated October 8, 2007. “The corporation plans to publish seven security bulletins this month describing new holes in Windows operating systems, office applications and the browser.
According to the preliminary notice, four of the October bulletins will contain information about critical vulnerabilities that allow the execution of arbitrary malicious code on remote computer. Holes that received the maximum danger rating according to Microsoft classification were identified in the new operating system as well as Windows 2000/XP and In addition, Microsoft intends to release patches for critical vulnerabilities in office applications. Internet browser Explorer, Outlook Express and mail client Windows Mail.
Two more holes in Windows software platforms have received important status. One of them can theoretically be used by attackers to organize DoS attacks, and the other can be used to imitate connections. "In addition, another vulnerability described as significant could be exploited for privilege escalation in Windows and Office."
Isn't it time to admit that we are working on completely unprotected systems, and that all attempts by manufacturers to improve the security of modern universal operating systems associated with expanding the built-in security functionality do not lead to the desired results!
In this age of BYOD, when nearly half of organizations report data breaches and mobile device hacking, and 64% have no BYOD policies at all (according to Veracode), the topic of mobile security has become increasingly relevant to solution providers seeking to protect customer networks.
This places the burden of BYOD on IT departments and VARs, who must implement security best practices across a wide variety of devices.
There are, of course, dozens different models smartphones and tablets, but, by and large, it comes down to four main mobile OS platforms: iOS Apple, Android Google, BlackBerry and Windows Phone Microsoft.
The iPhone and iPad have gained widespread adoption in enterprise environments, according to a survey of mobile device administration (MDM) vendors conducted by CRN for this article. Theodora Taitonis, Vice President of mobile technologies at Veracode, believes Apple's success is built on its tight control of the hardware platform, software and app ecosystem, along with thoughtful additions such as new content and app management APIs in iOS 7.
Android, the most popular mobile OS on the planet, has made significant progress in the enterprise segment, although antivirus vendors provide a long list of malware that Android devices sometimes succumb to. Samsung, the top Android vendor, is emphasizing its SAFE (Samsung Approved For Enterprise) extensions and proprietary Knox security technology built into some models in an effort to make the OS more attractive to organizations.
Microsoft in its Windows Phone 8 offers unique features, primarily integration with Active Directory, allowing MDM vendors to improve administration and assign policies to user groups. There is also, of course, built-in support for Active Sync. And security experts say Windows Phone 8 makes great strides in sandboxing.
Finally, there's BlackBerry, which has (and still retains) enormous respect among solution providers for its many security features, such as its BBM service and the security features in its retooled BES 10 admin server. The OS now includes Exchange Active Sync support and a new Balance technology, which allows organizations to create a partition on a BlackBerry 10 device to keep personal and corporate data and applications separate.
"Consumers tend to gravitate toward the brighter side of the mobile market," says Veracode's Titonis. But this is not always reliably protected. “The onus of BYOD is on the end user to make the right choice of smartphone or tablet and use it safely,” she added.
As for security threats and privacy violations of mobile devices, even the most secure mobile OS cannot eliminate them if the user does not have basic common sense, she says.
Jerry Zigmont, owner of the reseller company MacWorks, which cooperates with Apple, agrees with this. "I don't think there's any one phone that's more secure than all the others," he said. However, he believes Apple and iOS 7 have some advantage over Android, Windows Phone 8 and BlackBerry.
iOS: the most secure
This is what mobile security experts and solution providers think. Apple has an advantage, they say, because it controls a significant part of all the components - the application layer ( App Store), the operating system (iOS) and the devices themselves (iPhone/iPad), but not the infrastructure (it is provided by telecom operators).
“iOS is the most secure because it puts as much emphasis on security at the application level as it does at the operating system level,” says Ira Grossman, director of client device technology at MCPc, a major US-based solution provider with its own Anyplace Workspace platform.
"If applications aren't secure, it doesn't matter how secure the operating system is," Grossman says. - Apple Store provides a level of security that we don't have in the standard Android app store today."
But just because Apple strictly monitors its App Store does not guarantee an advantage over competitors in app security. According to Veracode, mobile applications Apple poses just as many potential risks as its closest competitor, Android, when it comes to top threat types.
After analyzing thousands of iOS and Android apps used by its customers, Veracode found an almost equal number of cases of unsecured storage of proprietary information such that a hacker could steal financial or stored identity data from the app. Veracode also found equal vulnerability in application error handling, which can be used in cross-site scripting attacks, where a script taken from a website is allowed to execute and can be used to steal information or run other malware on the device.
“Apple is the furthest in security. Each application runs separately (sandboxed), that is, data storage and memory are isolated. And it has the most control over how patches are installed,” said one security expert at an MDM firm who requested anonymity.
Patch level management and control over the installation of updates is an important advantage that Apple has over Android, many MDM vendors say. Apple sends its own patches directly to users, meaning any vulnerabilities found are fixed within 24 hours. This gives Apple an advantage, they say, since Android relies on carriers wireless communication, which send out their patches and OS updates to fix security holes. To make matters worse, the Android segment is fragmented: different hardware platforms and OS version numbers can sometimes require a separate patch for each version.
Unlike Apple, Android devices use a hodgepodge of different variants of the OS. Unfortunately, operators are in no hurry to send patches to devices. Even MDM vendors admit that they have difficulty covering all versions.
Android: strong second place
But this does not mean that Android OS is not secure. It has many built-in security features. In addition, manufacturers of Android devices, primarily Samsung, have improved versions of this OS by adding advanced security features, such as Knox technology (Samsung).
However, for the Knox platform to work effectively, an organization must first implement enterprise-class management for Knox-enabled devices. This platform relies on virtualization to ensure complete separation of work and personal data on mobile devices.
With that in mind, Ojas Rege, vice president of strategy at MDM vendor MobileIron, says Android's security and admin capabilities are nearly equal to those of Apple. “The key to security is an application-isolated architecture, where data in an enterprise application cannot be accessed by another application. iOS provides the strictest isolation. But more secure versions of Android, for example, with Samsung’s Knox technology, are also just as good.”
BlackBerry: is a rebirth possible?
BlackBerry OS also remains popular in certain circles. With its BlackBerry Enterprise Server (BES), it includes hundreds of security features for organizations.
“BlackBerry is the most secure. That's the only reason she's still alive, says Steven Kantorowicz, president of VAR company CelPro Associates. “That’s why government agencies and even President Obama use it.”
If nostalgia and well-deserved respect could increase market share, then BlackBerry would overtake Apple tomorrow, but alas! - many in the industry believe that it is steadily fading. As a result, there is an exodus of developers, and MDM vendors are also switching to other platforms. If the numbers are any indication, BlackBerry's future looks bleak. MobileIron's Rare says BlackBerry's share among the organizations it works with is falling rapidly.
According to a recent MobileIron study, half of the companies that administer BlackBerry smartphones say they plan to stop supporting them in the next 12 months. In the financial services sector, 44% of mobile devices are BlackBerry. According to a MobileIron survey, this figure will drop to 30% in the next 12 months.
However, BlackBerry CEO John Chen allowed himself to disagree with the subverters. At the World Congress mobile communications In February, he told a crowd that the company was set to re-enter the smartphone market with a new high-end model with a QWERTY keyboard called the BlackBerry Classic, slated for release this year.
In an interview with USA Today, Chen described the model this way: “This is an improved and expanded version of one of our most popular and successful products, which was called Bold. It will have a keyboard and a good touch screen, Very fast internet, web browser and multimedia tools. And besides, it will be very protected.”
Chen has repeatedly stated that BlackBerry is the most secure platform when it comes to the device itself and messaging (both email and BBM), and security is at the forefront of the company's development plans.
Windows Phone 8: a force to be reckoned with
Research from ComScore shows that Android and Apple together hold more than 93% of the market today (Android's share is 52%, Apple has 41%), with Windows Phone 8 and BlackBerry vying for a distant third place, with 3.4% and 2. 9% respectively.
Although Microsoft's market share is only a few percent, its advantage over BlackBerry is its tight integration with the corporate environment. "Windows Phone is a central part of our offering because we think it has great potential in the enterprise segment," says MobileIron's Regé.
Security experts say Windows Phone 8 has significantly improved app isolation. But the OS supports fewer MDM policies compared to iOS, meaning vendors like MobileIron can't provide the same level of control for the OS, Regé says.
"Windows Phone 8 is well suited to satisfy information professionals, but not those who must meet high levels of regulatory compliance and security," said Ryan Smith, lead security engineer at startup Mojave Networks.
For these reasons (and due to low demand), Windows Phone 8 is low on many experts' list of safe options. But that doesn't mean MDM vendors don't provide support - most do.
If BlackBerry is clearly lacking vitality, then Windows Phone 8 has a horizon of possibilities. Mobile security is an elusive goal, Smith says. Building on a strong presence in the corporate segment and acquired businesses Nokia smartphones Microsoft could change the security balance with the new release of its mobile OS, he said.
Every day, smartphones are attacked by hackers and malware. software, therefore the operating system must be as secure as possible in order to preserve the user’s personal data.
In this article we will look at popular mobile operating systems and find out which one is the most secure.
Android
Google's mobile operating system is one of the weakest in terms of security. Experts report that an attacker can hack a smartphone simply by sending a multimedia message to it. However, on latest versions Android pays special attention to security, so the situation is not so critical.
Since Android is an open source system, it is free for developers to use for their purposes. In other words, Android is a big target for hackers and malware. Last year, about 97% of malware was created specifically for Android devices.
Shop Google Play The Store cannot guarantee complete security when downloading and installing applications, and if you download programs from other sources, the risk of virus infection increases rapidly.
The reality is that Android is the most used mobile operating system in the world, which means it is more profitable to hack.
BlackBerry
The popularity of BlackBerry smartphones has fallen sharply over the past few years, despite very good feedback about the latest devices. The company changed its own mobile operating system to Android, which still did not save it from failure.
Many government employees used BlackBerry smartphones because they were considered the most secure.
The BlackBerry operating system used end-to-end encryption, regardless of the smartphone model. Unfortunately, BlackBerry is a thing of the past.
Ubuntu Touch
After the release of the first Ubuntu smartphone last year, many predicted that manufacturers would switch from Android to the Linux system that is Ubuntu.
For those who don't know about Ubuntu Touch, it is an open source operating system similar to Android that is completely free, supported by the Free/Libre Open-Source Software community and Canonical Ltd.
In one of our articles we talked about how you can.
Ubuntu has a high level of virus protection, however, it is an open source operating system, so malware may still end up on mobile devices.
Shop Ubuntu applications is more secure than Google Play Store. Moreover, the owner mobile device must grant certain permissions before installing the application.
Another plus is the fact that Linux is not the most popular platform today, so attackers have little desire to hack this system. To give you an idea of the situation, as of October 2015, a total of 15 people were affected by the hack.
Large companies such as Netflix, Snapchat and Dropbox use the Ubuntu operating system. If you're still not impressed, then perhaps you'll change your mind after learning that the International space station and the Large Hadron Collider also run on Ubuntu.
Windows Phone and Windows 10 Mobile
Microsoft keeps its store Windows applications The App Store is on a short leash, so unless you want your Windows Phone to be jailbroken, you should only use official services to download apps. Main feature apps on Windows Phone is that they don't interact with each other unless you give permission
Feature new version operating room Windows systems 10 Mobile is a device encryption that essentially locks the smartphone if it is lost. This is done using sophisticated BitLocker technology. If you don't have an encryption key, your files are unreadable. The encryption key is a PIN code that you must enter in Settings > System > Device encryption.
iOS
Just like the Google Play Store is the main repository for Android applications, the App Store stores all applications for iOS devices.
operating room iOS system is closed. This means that only Apple company may make changes and updates to the platform. It would seem that this guarantees the maximum level of security, but not quite.
For example, about 500 million users of the Chinese messaging app WeChat were hacked after the release of a modified version of Xcode that was approved by Apple.
Many of you have heard about the hacking of celebrity iCloud accounts. If Apple used to be a guarantor of security, today the company is not so vigilant about it.
In terms of popularity, iOS is second only to Android, so it is not surprising that attackers are looking for security holes in the operating system.
Among positive qualities iOS is worth noting that the mobile platform is really difficult to hack. Not long ago, the FBI detained a terrorist, after which they asked Apple to provide data from his iPhone smartphone. The company refused. Eventually the feds found a hacker who agreed to hack an iOS device for $1.3 million. If it was that easy to hack iOS, they wouldn't agree to pay that much money, right?
Who is the winner?
Each operating system has its pros and cons.
Android: If you carefully monitor your online activities and suspicious links, messages and MMS, and download applications only from the Google Play Store, you will probably never find out about hacks and viruses on your Android device.
Nexus smartphones, now Google Pixel, are the most secure Android devices.
BlackBerry: Old versions of the operating system BlackBerry really had a high level of security. However, the company switched to using Android platforms for their devices, so they are at the same risk of infection as other Android smartphones.
Ubuntu: While it appears to be the most secure operating system available today, we're not sure it will remain so when (and if) the number of active users increases.
Windows Phone: The same can be said for smartphones on Windows based. When market share increases, the number of hacks and virus attacks increases. However, at the moment the system appears to be very reliable.
iOS: Despite a number of recent security issues, Apple enjoys a high level of trust among users. Given the fact that the operating system is closed, the company can quickly detect malware and take action necessary measures to close the security hole.
What's the most secure smartphone we recommend right now? If you prefer an older device, then the BlackBerry Priv will be good option. If you want something newer, you should choose a device running Ubuntu.
