Official Mobile Security & Innovative Technologies Blog
This blog is managed/edited by Eric Everson. The purpose of this blog is to discuss common threats and solutions that exist within the mobile community in addition to the intricacies of innovative technologies and the markets therein.
Thank you for taking the time to review my blog; I am Eric Everson the founder of MyMobiSafe.com. In addition to my duties at MyMobiSafe, LLC I am also a full-time graduate student and mobile industry researcher. As a mobile security expert and innovative technologies leader, I am glad to answer any questions you may have: EricEverson@Hotmail.com
Monday 17 November 2008, 11:23 PM
Mobile Operating Systems: MOPS At a Glance
Mobile Operating Systems: At a Glance
Author: Eric Everson, Founder MyMobiSafe
Since posting my blog exposing the security Google G1 security issue, I have received a few emails asking about MOPS (Mobile Operating Systems) basics. When we start throwing acronyms like MOPS, OSMOPS, and pMOPS around it can get confusing quickly, so here’s a stab at simplifying the mystique.
Simply put all Operating Systems for mobile handsets fall under the MOPS umbrella. Every handset has a MOPS. Digging into this, there are two types of MOPS: pMOPS (proprietary Mobile Operating Systems) and OSMOPS (Open Source Mobile Operating Systems).
pMOPS: These are the traditional MOPS that the mobile industry was built on. pMOPS are proprietary in nature and have been developed by handset providers over the course of many years. The SDK’s (Software Development Kits) of pMOPS are not generally available to the public, which creates a greater overall level of mobile security. While security is better in pMOPS the abundance of third-party content is also very limited. Examples of these pMOP’s are mostly found on the less sophisticated (non-smartphone) mobile handset platforms. The Nokia and Motorola OS are examples of non-smartphone pMOPS while the BlackBerry Operating System is also considered a pMOPS.
OSMOPS: These are the MOPS that are shaping the foreseeable future of the mobile industry. These MOPS are Open Source by nature and their SDK’s are readily available to the public. Examples of OSMOPS are Symbian, Android, and increasingly Microsoft Mobile. There are obviously increased vulnerabilities with OSMOPS, though there is a harbinger of increased mobile content coming from third-party developers.
As it stands today, OSMOPS offer less in the way of security (thus requiring mobile security solutions) while pMOPS offer less mobile content. Deciding which kind of MOPS is best for you really depends on your own mobile needs. If you are all about the business, an OSMOPS may create more risk than reward. If you are in it for the fun of it, the pMOPS may have you starved for mobile content.
I hope this helps clear the mystique surrounding MOPS, as always feel free to comment or email me.
Your friend in mobile technology!
Eric Everson “MobileTech”
Founder, MyMobiSafe.com
Author: Eric Everson, Founder MyMobiSafe
Since posting my blog exposing the security Google G1 security issue, I have received a few emails asking about MOPS (Mobile Operating Systems) basics. When we start throwing acronyms like MOPS, OSMOPS, and pMOPS around it can get confusing quickly, so here’s a stab at simplifying the mystique.
Simply put all Operating Systems for mobile handsets fall under the MOPS umbrella. Every handset has a MOPS. Digging into this, there are two types of MOPS: pMOPS (proprietary Mobile Operating Systems) and OSMOPS (Open Source Mobile Operating Systems).
pMOPS: These are the traditional MOPS that the mobile industry was built on. pMOPS are proprietary in nature and have been developed by handset providers over the course of many years. The SDK’s (Software Development Kits) of pMOPS are not generally available to the public, which creates a greater overall level of mobile security. While security is better in pMOPS the abundance of third-party content is also very limited. Examples of these pMOP’s are mostly found on the less sophisticated (non-smartphone) mobile handset platforms. The Nokia and Motorola OS are examples of non-smartphone pMOPS while the BlackBerry Operating System is also considered a pMOPS.
OSMOPS: These are the MOPS that are shaping the foreseeable future of the mobile industry. These MOPS are Open Source by nature and their SDK’s are readily available to the public. Examples of OSMOPS are Symbian, Android, and increasingly Microsoft Mobile. There are obviously increased vulnerabilities with OSMOPS, though there is a harbinger of increased mobile content coming from third-party developers.
As it stands today, OSMOPS offer less in the way of security (thus requiring mobile security solutions) while pMOPS offer less mobile content. Deciding which kind of MOPS is best for you really depends on your own mobile needs. If you are all about the business, an OSMOPS may create more risk than reward. If you are in it for the fun of it, the pMOPS may have you starved for mobile content.
I hope this helps clear the mystique surrounding MOPS, as always feel free to comment or email me.
Your friend in mobile technology!
Eric Everson “MobileTech”
Founder, MyMobiSafe.com
Wednesday 12 November 2008, 11:53 PM
Google Beware: Hackers Set Sights On Android G1 Handsets
Google Beware: Hackers Set Sights On Android G1 Handsets
Author: Eric Everson, MyMobiSafe.com
Could the security concerns surrounding Google’s Open Source Mobile Operating System (OSMOPS) dubbed Android be the reason T-Mobile has taken such a humble marketing approach?
The Android team came public this week about a key security vulnerability in the platform regarding a root-console problem in Android (the one that automatically sent keystrokes to the root shell as commands). This issue in the Android OSMOPS gave hackers the expressway into the root-console of the handset. As Rich Cannings of the Android Security Team admits, "“We tried really hard to secure Android. This is definitely a big bug,” he said. “The reason why we consider it a large security issue is because root access on the device breaks our application sandbox.” For those with limited familiarity with Mobile Operating Systems (MOPS) the root-console acts as a control center for the handset; once you get into the "sandbox" you have complete control.
Generally speaking, once the root-console has been compromised by hackers the only way to keep hackers at bay is in a complete overhaul of the Operating System. This doesn’t bode well for the emerging Android OSMOPS that has been increasingly under consumer scrutiny due to its Open Source nature.
Open Source in MOPS, may bring about a surge in mobile content but it does not come without a significant handset threat level. What makes the G1 handset so attractive to hackers is the open availability of the Android Software Development Kit (SDK). This is the compromise of control that MOPS providers such as Google Android, Symbian, Microsoft Mobile, and others have to contend with as they continue to migrate toward an open source environment.
What happens when you put the SDK for a Mobile Operating System (MOPS) in the hands of hackers? Unfortunately, we are just beginning to find out. With unprecedented hacker access to these MOPS the reality of industry-wide mobile security threats is no longer a question “if” but when.
Your friend in mobile security,
Eric Everson
Founder, MyMobiSafe.com
Author: Eric Everson, MyMobiSafe.com
Could the security concerns surrounding Google’s Open Source Mobile Operating System (OSMOPS) dubbed Android be the reason T-Mobile has taken such a humble marketing approach?
The Android team came public this week about a key security vulnerability in the platform regarding a root-console problem in Android (the one that automatically sent keystrokes to the root shell as commands). This issue in the Android OSMOPS gave hackers the expressway into the root-console of the handset. As Rich Cannings of the Android Security Team admits, "“We tried really hard to secure Android. This is definitely a big bug,” he said. “The reason why we consider it a large security issue is because root access on the device breaks our application sandbox.” For those with limited familiarity with Mobile Operating Systems (MOPS) the root-console acts as a control center for the handset; once you get into the "sandbox" you have complete control.
Generally speaking, once the root-console has been compromised by hackers the only way to keep hackers at bay is in a complete overhaul of the Operating System. This doesn’t bode well for the emerging Android OSMOPS that has been increasingly under consumer scrutiny due to its Open Source nature.
Open Source in MOPS, may bring about a surge in mobile content but it does not come without a significant handset threat level. What makes the G1 handset so attractive to hackers is the open availability of the Android Software Development Kit (SDK). This is the compromise of control that MOPS providers such as Google Android, Symbian, Microsoft Mobile, and others have to contend with as they continue to migrate toward an open source environment.
What happens when you put the SDK for a Mobile Operating System (MOPS) in the hands of hackers? Unfortunately, we are just beginning to find out. With unprecedented hacker access to these MOPS the reality of industry-wide mobile security threats is no longer a question “if” but when.
Your friend in mobile security,
Eric Everson
Founder, MyMobiSafe.com
