- OS -

Last update 30.08.2017 22:46:18

Introduction  List  Kategorie  Subcategory 0  1  2  3  4  5 

Modern OSs for embedded systems

24.6.2018 Kaspersky OS
A review from KasperskyOS developers
At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems (or, in other words, the internet of things). Our primary interest is how and to what degree these OSs can solve cybersecurity-related issues.

We’d like to point out that this review reflects the author’s subjective opinion, and for the purposes of this analysis we developed our own classification of OSs.

Moreover, throughout this research we have compared other operating systems with KasperskyOS to see what we can learn from them and how we can improve KasperskyOS. The results of this comparison will also be presented in this article.

We analyzed a total of several dozen operating systems, from the most widespread to some niche players. The vast majority of the operating systems we looked at primarily handle practical functional tasks. Information security features, if they are included in the design, are merely extensions to the existing functionality in the form of plugins, components implementing encryption algorithms or add-in architecture. These measures can help improve the overall information security posture of a solution, but cannot guarantee protection from all modern threat models. If cybersecurity issues are not addressed in the initial design, it inevitably leads to compromises later when protection mechanisms are added.

Operating systems can be classified according to numerous criteria. Our approach was to treat operating systems from an architecture standpoint, so we classified them into four large classes according to their kernel types.

monolithic systems,
operating systems with monolithic kernels,
microkernel-based operating systems,
hybrid systems.
Monolithic systems
This is the most widespread type of operating system architecture for embedded devices. Most of the operating systems we analyzed are monolithic environments designed to work in microcontrollers where all processes (both user and system) run in a single address space without restrictions.

From an information security standpoint, this architecture is only suitable for very simple tasks – as the functionality becomes more complex, the risk of vulnerabilities becomes too great. Whenever vulnerabilities occur in such systems, whether it’s in implementations of system services or in an auxiliary application, this leads to the entire solution being compromised.

Libraries containing sets of encryption algorithms are usually offered as extra security measures for such operating systems. However, these measures can hardly be described as sufficient, because they don’t envisage a comprehensive solution to many important issues, such as the generation and storage of keys and certificates, ensuring trusted downloads, secure updates, etc. Also, because these libraries are created specifically for the appropriate operating systems, they often don’t undergo verification and/or sufficient testing, so they themselves may contain vulnerabilities and therefore reduce (rather than improve) the overall security of the solutions they’re part of.

Other measures (such as stack protection, various types of additional checks etc.) may ensure protection against different types of failures and errors, but they are often useless at protecting against targeted attacks that exploit known vulnerabilities within the system.

Even if a microkernel architecture was formally applied in a solution like this, an acceptable level of protection is impossible to ensure unless user processes are isolated from system processes, since any user process could affect the operation of the microkernel. Examples of microkernel operating systems in which processes are not isolated properly include the popular RIOT OS, Zephyr, Unison RTOS, and even the commercial microcontroller kernel µ-velOSity provided by Green Hills, as well as Microsar OS, the basic operating system for automotive solutions provided by Vector.

Despite all the security shortcomings of monolithic systems, such compact operating systems are suitable for work in cheap microcontrollers. They can be used in simple and compact devices where the only task is to measure a single parameter, such as temperature, pressure, volume, etc. Devices like these must be simple, compact and cheap. In our view, monolithic systems are not the best option when faced with tasks that are more complex.

Monolithic kernel systems
Monolithic kernel systems are another type of operating system architecture. This is perhaps the most widespread and popular type of operating system architecture both for embedded systems and for general-purpose systems (i.e. servers, workstations and mobile devices.)

Unlike in purely monolithic solutions, user processes in monolithic kernel systems are isolated from the kernel and only have access to its functions via a limited number of system calls. This constitutes a serious advantage from the information security standpoint.

A large number of services run in the kernel context, such as protocol implementations, file systems, device drivers, etc. Examples of monolithic kernel operating systems include those based on the Linux kernel (and its derivatives), as well as Windows, FreeBSD, RTEMS, etc.

The operating system’s kernel services still leave a large attack surface, while the code base operating in the kernel context cannot be considered as trusted. Therefore, don’t expect the kernel services to be free from vulnerabilities (in fact, vulnerabilities are regularly detected).

The compromise of any kernel service inevitably leads to the entire system being compromised, no matter what tools are employed to protect it.

The second problem is especially relevant for embedded systems. It is the need to restart the device when kernel models are updated. Indeed, restarting is not always required, however any case when a restart is not required is the exception rather than the rule.

The main advantage of monolithic kernel architecture is its better performance as compared to microkernel operating systems. This is due to the smaller number of context switches.

Different Linux distributions
Operating systems based on the Linux kernel are very user-friendly: they are available in source code, offer excellent hardware support and have a large amount of application and system software. All this makes these operating systems extremely attractive for developers of embedded systems.

Note: Linux only serves as the kernel of an operating system. Full-fledged operating systems are Linux-based distributions.

It’s worth noting that Linux was developed as a kernel for a multi-user operating system and contains a set of built-in security mechanisms, but from a modern-day perspective it has a number of information security issues, both in terms of architecture and implementation.

Conventional wisdom suggests that a properly configured Linux-based solution is sufficiently secure. However, the actual configuration process is quite complicated and most security restrictions can be bypassed. Besides, there are also difficulties with Linux that are related to the implementation of secure boot mechanisms, updating operating system components, and a multitude of other problems.

A large number of Linux-based branches and distributions have been developed that aim to improve security. Extensions have also been developed to tackle information security issues, including AppArmour, GRSecurity, PAX, SELinux, etc. These extensions help improve the security posture, though they cannot guarantee sufficient security, because the code base of the Linux kernel is quite large, and there’s no way of making the kernel’s computing base trusted. This problem appears to be insurmountable. According to www.cvedetails.com, 453 vulnerabilities were detected in Linux kernels in 2017. That number includes 159 vulnerabilities that allow execution of arbitrary code in the kernel context. Exploitation of a vulnerability in the Linux kernel makes it possible to circumvent any protection mechanisms, even the most sophisticated and carefully configured.

Android 8.0 Oreo is the latest version of the Android operating system for mobile devices and, according to the developers, contains a multitude of new information security mechanisms. The key security features in this operating system are aimed at mitigating the consequences of exploiting vulnerabilities and reducing the attack surface, as well as the use of the principle of least privilege. There have also been changes to the API design and to the architecture. Some of the innovations are described below:

Smart protection of app authorization.
Advanced verification during updates of applications and the operating system to prevent common types of attacks, including rollback.
In-built support of HSM (hardware security module).
Application sandboxing with support for seccomp filters (secure computing restricts apps’ ability to make system calls) and the WebView component is isolated.
Support for a set of encryption profiles (different profiles use different sets of keys).
In-built support for two-factor authentication using physical keys.
Complicating paths to apps. An app can no longer be found at its static location. Instead, it is installed each time to a new location, and a special call to the system must be made to gain access to the app.
Discontinued support of outdated and vulnerable protocols and algorithms, such as SSL v3.0.
These are all necessary and useful measures that substantially complicate post exploitation of vulnerabilities and the ability to gain root privileges.

However, it shouldn’t be forgotten that the Linux kernel is inside Android with all the drawbacks inherent to it. An analysis of the monthly security bulletins shows that new vulnerabilities are being discovered in Android all the time, and a significant portion of them enable execution of arbitrary code.

Microkernel operating systems
One possible solution to the above problems is the use of microkernel architecture.

A microkernel provides only the elementary functions of process management and a minimum set of hardware abstractions. Most of the work is done with the help of dedicated user processes that don’t run in the kernel’s address space. This helps to substantially reduce the attack surface of the kernel services, while the kernel of the operating system can be rigorously verified (thanks to the small code base) using, among other things, formal verification methods. To learn more about verification and how it is different from validation, check out Ekaterina Rudina’s article devoted to this topic.

The most meaningful results from an information security standpoint have been shown for microkernel architectures, for example, the Separation Kernel approach and the use of MILS architecture.

Different types of microkernels and microkernel operating systems are widely available on the market. Some examples from this category are QNX, INTEGRITY RTOS, Genode, the L4 kernel and its derivatives.

We would like to dwell a little bit on the microkernel L4. It’s the result of an evolutionary process in the microkernel approach to the development of operating systems. Today, L4 is effectively the de facto standard in the development of microkernel operating systems.

L4 microkernel family
The L4 kernel was initially developed to demonstrate the feasibility of creating a microkernel that is suitable for use in real-life, general-purpose operating systems. This attempt can be considered rather successful: there now exists a whole family of research and commercial projects that make use of the L4 derivatives. The kernels of this family have been ported on a large number of hardware platforms. It should be noted that solutions based on L4 support operation in hard real-time mode.

Among the microkernel implementations currently supported the following can be highlighted:

seL4 – the first microkernel to be formally verified. It is still undergoing active development.
Codezero – a commercial version of the K4 kernel. The source code of the kernel is available under GPLv3 license, while the source of the additional modules and libraries is closed and distributed under commercial licenses.
OC – a version developed by TU Dresden and distributed under GPLv2 license; commercial support is available.
For the listed operating systems, there are different virtualization solutions available. There are also other virtualization solutions based on the L4 microkernel that are worth mentioning – they are OKL4, NOVA and the PikeOS operating system.

The microkernels of the L4 family are also used in the following operating systems:

TUD:OS – an operating system developed by TU Dresden on the basis of L4Re, which is an L4-based framework for constructing solutions.
CAamkES – a framework based on the L4 microkernel that was developed by Trustworthy Systems Research Group @Data61.
L4Linux – a porting of the Linux operating system based on the L4-family kernel. In this implementation of L4, Linux plays the role of a user mode service operating simultaneously with other L4 applications (including real-time components). Linux kernel versions up to 4.14 and hardware platforms x86 and ARM are supported.
From a security point of view, the seL4 kernel is the most important member of the L4 family.

The microkernel seL4 implements an object-capability model. Formal verification has been conducted for it, meaning the operating system’s properties can be guaranteed within specified concepts and assumptions; this improves the overall protection status of the solution. However, if the input assumptions are incorrect, problems can arise. For instance, a substantial drawback of the formal model during seL4 verification is that it rules out simultaneous execution of several processes (a single-processor system with blocked interruptions is envisaged).

The object-capability model provides detailed control over system behavior, but by no means all security properties can be described with its help. There are numerous other security models whose properties are impossible to express based on the object-capability model. For example, security properties may depend on system status, take time relationships into account, etc. To describe such properties, extra mechanisms need to be added to the solution, and in that case the advantages of seL4 are lost.

KasperskyOS makes use of many of the ideas used in seL4. However, it also allows for a description of any security properties by using Kaspersky Security System (KSS), part of the KasperskyOS architecture.

Hybrid operating systems
A hybrid kernel exhibits a combination of properties typical of monolithic and microkernel architectures; a hybrid kernel-based operating system architecture is essentially a modified microkernel that allows operating system modules to be executed in the kernel space to expedite operation.

Operating systems with hybrid kernels have emerged as a result of attempts to use the advantages of microkernel architecture while retaining as much of the well-tested monolithic kernel code as possible. In operating systems of this class, however, the problem of information security remains unsolved, because the attack surface remains large.

The ‘secure by design’ requirement
Many of the older operating systems were initially developed with no regard for information security. When security features are introduced, functional mechanisms cease to operate as they did before, and compatibility issues arise. For this reason, and a host of others, it’s impossible to completely revisit the architectures of these systems, and there can be no security guarantees – it’s only possible to talk of enhancing some security-related properties. There are many examples of such solutions, including QNX, Linux, and FreeBSD.

Only those operating systems that took information security requirements into consideration during development can ensure proper implementation of security mechanisms without impacting their functional capabilities. The use of a secure-by-design approach is a key requirement for the final solution to be certified to Common Criteria standard, starting with EAL4. Examples of secure-by-design operating systems are seL4, INTEGRITY RTOS, MUEN RTOS, KasperskyOS and several others.

From the very start, KasperskyOS was created to meet the most rigid information security requirements. It was based on advanced practices and approaches to creating secure systems, in line with the requirements of all essential security standards. In light of this, KasperskyOS can be considered a truly secure operating system from its inception.

KasperskyOS uses microkernel architecture in which the microkernel system tools divide the system into security domains, or ‘entities’ in KasperskyOS terms. All communications between security domains (inter-process communications, IPC) are performed using the microkernel – and controlled by it. No communications are allowed to bypass the microkernel.

All communications are typed: the interface of the entities is described in IDL (Interface Definition Language), and only this interface can be used for IPCs. This is where KasperskyOS differs significantly from most other operating systems.

The KasperskyOS microkernel operates in conjunction with Kaspersky Security System (KSS), which is a subsystem that calculates security verdicts. For each IPC, the KasperskyOS microkernel requests a verdict from KSS, which it uses as a basis for permitting or blocking that particular IPC. For verdict calculation, it is not only the fact and type of communication that is taken into account but also the system’s topology, the context in which the communication takes place, as well as the assigned policy described within the framework of a set of formal security models.

KSS supports a large number of formal security models, for example, Domain Type Enforcement, Object Capability, Role-Based Access, diverse temporal logic dialects, etc. New models can be added when required.

This provides the developer with a flexible tool to describe security policies with as high a level of detail as required. We are not aware of any other solution that provides this degree of detail.

Security policies are defined in a high-level language, which greatly simplifies the verification of the solution in accordance with stipulated requirements. This also makes it possible to run formal verification of the described properties[1].

If we consider systems with limited functional capabilities that perform a limited set of functions, theoretically it’s possible to provide the specified security properties and guarantee there are no vulnerabilities in the software code.

As a solution grows progressively more complex, the addition of different protocols, algorithms, functions, etc. makes it impossible to guarantee there are no vulnerabilities in it. Special measures must be taken to ensure these vulnerabilities cannot be exploited or that their exploitation does not lead to undesirable consequences. These protection measures should include isolation of processes, restricted access to resources, attack detection systems and countermeasures, etc. In that case, the security properties must be guaranteed by the system’s trusted components, i.e., by the OS kernel, security features, subsystems providing specific types of protection, such as cryptographic protection, etc.

At the same time, the relevant security policies need to be defined in an increasingly detailed way, and there comes a point when the capabilities of policy refinement reach a limit. For example, capability-based policies can allow or deny access to a certain resource, though there is no ability to define a situation in which such access would be contingent on something. In such cases, the required security properties are considered functional requirements, and are implemented in the solution’s code along with its other features. This leads to a progressive growth in the volume of the code base that needs to be controlled, and ensuring its verifiability becomes an increasingly challenging task. Consequently, the solution again becomes insecure.

With the help of KasperskyOS and KSS, it’s possible to provide as detailed a description of security properties as desired, and through decomposition of the solution it’s possible to select a limited set of individual modules containing the minimum required functions that require verification. These modules can be viewed as standalone and isolated – their verification then becomes easy.

The code base of KSS responsible for implementing the solution’s security policies can be generated, is formally verifiable[2] and, in this sense, it is trusted. This solves the problem of uncontrolled growth of the code base to which requirements of trust are imposed.

Since security properties are defined regardless of the functional logic, the developer can construct a security system for their solutions without taking into account the details of how specific components are implemented.

The described capabilities of KasperskyOS make it possible to follow a natural course of developing secure solutions that includes the following steps:

Threat analysis and threat modeling.
Development of a set of formal security policies to counter the threats described in step 1.
Decomposition of the solution into security domains, and definition of IPC interfaces in line with the data obtained at step 2.
Implementation of the solution in line with the data obtained at step 3, and configuration of security policies aligned with the results obtained at step 2.
The ability to follow the described process of development is an important methodological advantage over other operating systems. This ensures a key advantage of KasperskyOS: complex systems can be built to meet specific information security characteristics.

KasperskyOS supports virtualization with the help of the Kaspersky Secure Hypervisor (KSH) application. Its key feature is that it can work together with KSS to implement security policies related to the control of virtual machine access to the hypervisor’s internal resources. KSH is a lightweight solution. This makes it possible to verify its code base and means it can be viewed as being part of a trusted platform. The hypervisor can apply KSS verdicts to its internal processes even in situations where cross-domain interaction does not take place.

This capability does not exist in any other virtualization solutions; it is only possible to set rules to define how a specific virtual machine interacts with other isolated components of the system.

Now, in the internet-of-things era, cybersecurity issues surrounding connected devices are becoming increasingly critical. In our opinion, it is the security of the operating system that defines the overall level of cybersecurity of an entire embedded system. Unfortunately, issues of information security are still not given sufficient consideration during the development of operating systems. For nearly half of the operating systems we have considered, information security aspects are either not addressed whatsoever, or the functions associated with information security are implemented at a level that is unsatisfactory.

We hope that this review will, firstly, encourage the developers of operating systems for embedded systems to devote more attention to issues of cybersecurity, and, secondly, help developers choose an operating system for their projects. After all, it’s important for all of us that the internet of things doesn’t grow into an internet of threats.

Windows 10 Source Code Leaked Online

26.6.2017 securityweek  OS
A portion of Microsoft’s Windows 10 source code was leaked online this week on an enthusiast website that tracks Windows releases.

The source code, which Microsoft already confirmed to be from the Shared Source Initiative, was supposedly accessible only to OEMs (Original Equipment Manufacturers) and partners.

The code was listed on enthusiast site Beta Archive, but was listed on a free private FTP where numerous archived Windows builds are also present.

As per the rules of the site, only beta builds that have been already superseded by newer releases are accepted, “sourced from various forum members, Windows Insider members, and Microsoft Connect members.” Core source code isn’t accepted on the site.

The leaked source code was stored in a FTP folder called “Shared Source Kit,” and Beta Archive removed it immediately after learning that it might contain sensitive data. Specifically, it removed the folder after an article on The Register came into focus, claiming that several terabytes of internal builds and core source code leaked online.

A Beta Archive admin named Andy also provided some explanation on this action, revealing that they decided to remove the folder from the FTP server, along with listings on the site, to review its content “just in case we missed something in our initial release.” The folder will remain offline until a full review is carried out and its content is deemed acceptable under the site’s rules.

The administrator also explains that the folder was only 1.2GB in size, and that it contained “12 releases each being 100MB,” thus being far smaller than “32TB as stated in The Register’s article.” Being this small, the folder could not possibly cover core source code, the admin also noted.

Apparently, Microsoft already had a look at the contents of said folder and determined that it did contain “a portion of the source code from the Shared Source Initiative.” This means that the code, although not publicly accessible, was already available to Microsoft’s customers looking to license it through the program.

According to Windows Internals Expert Alex Ionescu, only the source code in the ARM Shared Source Kit was leaked in the incident.

<blockquote class="twitter-tweet" data-lang="en"><p lang="en" dir="ltr">No source code has been leaked other than the ARM shared source kit.</p>&mdash; Alex Ionescu (@aionescu) <a href="https://twitter.com/aionescu/status/878379371135946752">June 23, 2017</a></blockquote>

<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>

The Register article also claimed that “top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public,” along with “prerelease Windows 10 "Redstone" builds and unreleased 64-bit ARM flavors of Windows” were also leaked on Beta Archive.

The site indeed lists a great deal of beta Windows builds, some of which weren’t accessible to the public at the time of their release, but accepts only defunct builds, which have been already superseded by newer ones. However, these builds were added to the site over time, and aren’t part of a single large leak.

However, a large number of builds were added on March 24, 2017, when some of the site’s users provided “a lot of Windows releases,” and the incident might be related to the recent arrest of two Britons for “unauthorised intrusion into networks belonging to Microsoft.”

The two supposedly hacked into Microsoft’s network between January and March this year, but no confirmation of a connection with Beta Archive has emerged. Referring to the arrests, the site’s admin said: “we don’t believe there is any connection with this alleged “Windows 10 core source code leak”.”

32TB of Secret Windows 10 Internal Builds & Partial Source Code Leaked Online
24.6.2017 thehackernews OS
A massive archive of Microsoft's top-secret Windows 10 builds, and the source codes for private software has been reportedly leaked online, which could lead to a nasty wave of Windows 10 exploits, journalist at the Reg claims.
The Leaked files – uploaded on BetaArchive website – contains more than 32 terabytes of data, which includes many non-public Windows 10 and Windows Server 2016 builds created by Microsoft engineers for testing purpose.
Interestingly, Windows 10 internal builds include private debugging symbols defined by the engineers usually to help other in-house developers understand how some specific codes in the operating system works and what functions it calls, the Register reports.

Private debugging symbols reveal some sensitive in-depth knowledge about the operating system that could be used by exploit writers to find vulnerabilities.
Moreover, the dump also contains Microsoft's Shared Source Kit, which includes source code for Windows 10 hardware drivers, such as:
Plug-and-Play system
USB Stacks
Wi-Fi Stacks
Storage Drivers
ARM-specific OneCore kernel code
According to Microsoft's website, Shared Source Kit is available only for "qualified customers, enterprises, governments, and partners for debugging and reference purposes."
However, BetaArchive has now removed the confidential ‘Shared Source Kit’ from its servers.
“We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out, and it is deemed acceptable under our rules.” BetaArchive said.

The leaked files also contain Microsoft's Windows 10 Mobile Adaptation Kit, a private software toolkit created by Microsoft designed to run Windows 10 operating system on mobile devices.
So far, it’s unclear who is behind this massive leak, but it could be from one of the Microsoft OEM partners.
Stay tuned for more information.

Features of secure OS realization
11.2.2017 Kaspersky OS

There are generally accepted principles that developers of all secure operating systems strive to apply, but there can be completely different approaches to implementing these principles. A secure operating system can be developed from an existing OS by improving certain characteristics that are the cause (or the consequence) of that operating system’s insecure behavior, or it can be developed from scratch. The former approach has the clear advantage of lower development costs and compatibility with a broad range of software.

Let’s consider this approach in the context of systems that are part of the critical infrastructure. Two factors are important for such systems:

The ability to fulfil special security requirements, which may involve not only preserving certain general properties of information (such as confidentiality), but such things as tracking certain commands and data flows, having no impact on process execution in the system, etc.

The provision of guarantees that the system will work securely and will not be compromised.

Building a secure system based on a popular OS commonly involves implementing additional mechanisms of access control (e.g., based on the mandatory access control model), strengthened authentication, data encryption, security event auditing, and application execution control. As a rule, these are standard security measures, with the system’s special requirements addressed at the application level. As a result, special (and often also general) security measures rely on the implementation of numerous components, each of which can be compromised. Examples include: SELinux, RSBAC, AppArmor, TrustedBSD, МСВС, and Astra Linux, etc.

To improve security, tools that make it more difficult to exploit some vulnerabilities, including those inherent in the system due to its insecure original design, can be built into the system. Examples include: Grsecurity, AppArmor, Hardened Gentoo, Atlix, YANUX, and Astra Linux, etc.

Only a few years ago, a commonly used approach was to provide “security” guarantees based on scanning software code for errors and vulnerabilities and checking software integrity by comparing checksums. That approach was used in Openwall Linux, and some operating systems developed in Russia.

Although these measures lead to an overall improvement in the characteristics of general-purpose systems, they cannot address the special requirements for systems that are part of the critical infrastructure or guarantee security with a high degree of confidence.

Unlike initiatives based on attempts to improve the security of existing operating systems, KasperskyOS was, from the start, designed based on architectural principles that can ensure its secure behavior, that meets the requirements of special-purpose systems.

However, operating systems originally designed as secure cannot always guarantee that specific security policies will be enforced. Objective reasons for this include the difficulty of specifying clear security goals for such a relatively versatile IT product as an operating system, as well as the large number and variety of threats posed by the environment.

If an operating system is designed for specific uses on a more or less fixed range of hardware, with specific software running under it within defined operating scenarios, then security goals can be defined with sufficient accuracy and a threat model can be built. To achieve security goals, the model is used to develop a specific list of security requirements and trust requirements. Fulfilling these requirements is sufficient to guarantee the system’s secure behavior. Examples include specialized embedded solutions from LynuxWorks, Wind River, and Green Hills.

For a general-purpose operating system, achieving the same guarantees is more difficult due to a broader definition of security goals (which is necessary for the system to support a broader range of secure execution scenarios). As a rule, this requires support for a whole class of policies that are needed for a specific access control type (discretionary, mandatory, role-based), customary authentication mechanisms, and other protection tools whose management does not require specialist knowledge. This requires implementing relatively universal security mechanisms. Sometimes, provided that the OS runs on a fixed hardware platform (usually from the same vendor), compliance of these mechanisms with a certain standard or security profile can be guaranteed with a sufficient degree of confidence. Examples include: Oracle Solaris with Trusted Extensions, XTS-400, and OpenVMS, AS/400.

Finally, for a general-purpose operating system that runs on an arbitrary hardware platform, achieving high security guarantees is even harder because in this case the threat model grows out of all proportion.

This problem can be solved using an approach based on building a modular system from trusted components which are small and which implement standardized interfaces. The architecture of a secure system built in this way makes it possible to port a relatively small amount of software code to various hardware platforms and verify it, while keeping top-level modules so that they can be reused. Potentially, this makes it possible to provide security guarantees for each specific use of the OS.

The development model of the KasperskuOS operating system is based on implementing small trusted low-level components which enable top-level components to be reused. This provides maximum flexibility and efficiency in tailoring the system for the specific needs of a particular deployment, while maintaining the verifiability of its security properties.

The first step towards creating a modular operating system is using a microkernel-based architecture. The microkernel is the system’s only method of interaction and data exchange, providing total access control.

However, access control provided by the microkernel cannot implement properties of the system related to supporting specific security policies. KasperskyOS implements the principle of separating access-related decisions based on the policy defined from access control implemented at the microkernel level. Access decisions based on computing security policy compliance verdicts are made by a dedicated component – the security server. Flask is the best known architecture based on this principle.

It should be noted that a number of enhanced-security operating systems (SELinux, SEBSD) based on general-purpose systems have been built using the Flask architecture, but these systems use a large monolithic kernel. In fact, Flask does not require using a microkernel, but it works best with one.

KasperskyOS does not reproduce the Flask architecture in full but develops its ideas to provide better security and flexibility of use in target systems. The original Flask architecture describes interfaces and requirements for the two main components involved in applying security policies to interaction – a security server, which computes security verdicts, and an object manager, which provides access based on these verdicts. The development of KasperskyOS is, to a large extent, focused on preserving trust not only for mechanisms that compute and apply verdicts, but also for the configuration based on which this computation is performed. Basic security policies are combined into more sophisticated rules using a configuration language. These rules are then compiled into a component that acts as an intermediary between the security server and the microkernel, enabling verdicts to be computed in a way that provides the required business logic.

The major architectural difference between KasperskyOS and other secure operating systems available in the market is that the former implements security policies for each specific deployment of the OS. Support for those policies which are not needed is simply not included in the system. As a result, in each deployment of the operating system the security subsystem provides only required functionality, excluding everything that is not needed.

As a result, KasperskyOS provides configuration of overall security policy parameters (system-wide configuration at the security server level) and rules for applying policies to each operation performed by each entity in the system (through configuration of verdict computation).

The trusted code obtained by compiling configurations connects application software with the security model in the system, specifying which operations performed by programs should be governed by which security policies. Importantly, the code does not include any information about operations or policies except references to them.

The architecture of KasperskyOS supports flexibility, applying policies to individual operations performed by different types of processes (without potentially jeopardizing security through possible compromise of the configuration).

Of course, a microkernel-based system that has Flask-like architecture is not a unique idea invented by KasperskyOS developers. There is a history of successful microkernel development (seL4, PikeOS, Feniks/Febos), including microkernels with formally verified security properties. This work can be used to implement an OS that can guarantee security domain isolation (provide “security through isolation”) – an architecture known as MILS (Multiple Independent Domains of Safety/Security).

However, this case involves developing not just a microkernel but a fully-functional operating system that provides not only the separation of security domains and isolation of incompatible information processing environments, but also control of security policy compliance within these domains. Importantly, the microkernel, the infrastructure of the OS based on it and the security policies are developed by the same vendor. Using third-party work, even if it is of high quality, always imposes limitations.

KasperskyOS is based on a microkernel developed in-house, because this provides the greatest freedom in implementing the required security architecture.

The greatest shortcoming of operating systems built from scratch is the lack of support for existing software. In part, this shortcoming can be compensated for by maintaining compatibility with popular programming interfaces, the best known of which is POSIX.

This shortcoming is also successfully remedied by using virtualization. A secure operating system in whose environment a hypervisor for virtualizing a general-purpose system can be launched, will be able to execute software for that OS. KasperskyOS, together with Kaspersky Secure Hypervisor, provides this capability. Provided that certain conditions are met, an insecure general-purpose IS can inherit the security properties of the host OS.

KasperskyOS is built with modern trends in the development and use of operating systems in mind, in order to implement efficient, practical and secure solutions.

To summarize, the KasperskyOS secure operating system is not an extension or improvement of existing operating systems, but this does not narrow the range of its applications. The system can be used as a foundation for developing solutions that have special security requirements. Capabilities related to providing flexible and effective application execution control are inherent in the architecture of KasperskyOS. The system’s development is based on security product implementation best practices and supported by scientific and practical research.

Cyanogen is shutting down CyanogenMod, it will go on as Lineage, maybe
26.12.2016 securityaffairs OS

The most popular custom Android ROM, the Cyanogen OS, Announced That it is closing its services starting from December 31, 2016.
Bad news for users of the most popular custom Android ROM, the Cyanogen OS, that is now closing its services.

Cyanogen was launched with the intent to provide an improved version of the Google Android operating system but following some technical and potential legal issues, it decided to shut down its custom services.

CyanogenMod OS is not a commercial operating system that implements features not available in the official firmware distributed by mobile device vendors.

It is managed by a community of developers led by Steve Kondik, which is one of the co-founder of Cyanogen.

“As part of the ongoing consolidation of Cyanogen, all services and Cyanogen-supported nightly builds will be discontinued no later than 12/31/16. The open source project and source code will remain available for anyone who wants to build CyanogenMod personally.” reads an official statement published on the official website.

The planned shutdown of Cyanogen was officially announced late Friday through a very brief blog post made by the company, saying “as part of the ongoing consolidation of Cyanogen,” it’s shutting down all services and nightly builds on December 31.

What does it mean for end-users?

Starting from January 2017, there will be no more Android ROM updates, anyway, the open source project and source code will remain available for those people that want to build their own CyanogenMod.

Cyanogen will stop providing nightly builds and security updates for its OS, mobile devices running Cyanogen OS (i.e. OnePlus One), will have to switch to the open-source version of the CyanogenMod OS.

At the time I was writing the www.cyanogenmod.org is down.

The CyanogenMod team has published a post to confirm the shutdown of the CM infrastructure and revealing a plan to continue the open-source initiative as Lineage.

Below the full message from the team:

“Last week, we released the final CM-13.0 releases, updated to the latest security patches, in anticipation of what follows.

Yesterday, Cyanogen Inc (Cyngn) announced that they were shutting down the infrastructure behind CyanogenMod (CM). This is an action that was not unpredictable given the public departure of Kondik (cyanogen himself) from the company, and with him our last remaining advocate inside Cyngn’s leadership.

In addition to infrastructure being retired, we in the CM community have lost our voice in the future direction of CM – the brand could be sold to a third party entity as it was an asset that Kondik risked to start his business and dream. Even if we were to regroup and rebuild our own infrastructure, continuing development of CM would mean to operate with the threat of sale of the brand looming over our heads. Then there is the stigma that has grown to be attached to anything named ‘Cyanogen’. Many of you reading this have been champions of clarifying that the CM product and CyngnOS were distinct, yet the stain of many PR actions from Cyngn is a hard one to remove from CM. Given CM’s reliance on Cyngn for monetary support and the shared source base, it’s not hard to understand why the confusion remains.

It will come as no surprise that this most recent action from Cyngn is definitely a death blow for CyanogenMod.

However, CM has always been more than the name and more than the infrastructure. CM has been a success based on the spirit, ingenuity and effort of its individual contributors – back when it was Kondik in his home, to the now thousands of contributors past and present.

Embracing that spirit, we the community of developers, designers, device maintainers and translators have taken the steps necessary to produce a fork of the CM source code and pending patches. This is more than just a ‘rebrand’. This fork will return to the grassroots community effort that used to define CM while maintaining the professional quality and reliability you have come to expect more recently.

CM has served the community well over its 8 long years. It has been our home, bringing together friends from all over the world to celebrate our joy of building and giving. Its apt then that on this Eve of a holiday we pay our respects. We will take pride in our Lineage as we move forward and continue to build on its legacy.

Thank you & Goodbye,
The CyanogenMod Team”

Cyanogen shut down

The CyanogenMod community is now working to produce a fork of the CyanogenMod source code and pending patches.

Android community believes that a new project, dubbed LineageOS, will bo continue to live on it, but it is still in its infancy.

According to the CyanogenMod (CM) team, Lineage “is more than just a ‘rebrand’” and “will return to the grassroots community effort that used to define CM while maintaining the professional quality and reliability you have come to expect more recently.”

If you are interested in LineageOS you can give a look at its website, the files of the Lineage Android Distribution can be found on a repository on GitHub.

“So, yes, this is us. LineageOS will be a continuation of what CyanogenMod was. To quote Andy Rubin, this is the definition of open. A company pulling their support out of an open source project does not mean it has to die.” states the description about

Cyanogen Shutting Down All Services; No More Android ROM Updates
26.12.2016 thehackernews  OS
A bittersweet Christmas and New Year for users and fans of the most popular custom Android ROM, Cyanogen OS.
Cyanogen that tried and failed to kill Google's Android operating system is now shutting down the custom services that it provides to phones that run its Cyanogen OS as we know it and the "nightly builds" of said OS on December 31st.
Cyanogen came with an ambition to build better versions of the Android operating system than those created by Google itself, but following some technical and potential legal issues, the startup has decided to quit.

The planned shutdown of Cyanogen was officially announced late Friday through a very brief blog post made by the company, saying "as part of the ongoing consolidation of Cyanogen," it's shutting down all services and nightly builds on December 31.
"The open source project and source code will remain available for anyone who wants to build CyanogenMod personally," the blog reads.
What About Cyanogen OS-Powered Smartphones?
From January 2017, there will be no further updates to the Cyanogen OS, no more nightly builds, and no more security updates.
Eventually, smartphones running on the Cyanogen OS, like the original OnePlus One and Lenovo ZUK Z1, will have to switch to the open-source version of the CyanogenMod operating system.

CyanogenMod OS is not a commercial operating system and is managed by a community of developers led by Steve Kondik, the co-founder of Cyanogen.
'Death Blow' to CyanogenMod
However, the CyanogenMod team believes that the shutdown of Cyanogen is a "death blow" to CyanogenMod, the team announced just after the closure announcement by Cyanogen.
CyanogenMod team pays respects to the community as it served for more than eight long years and announced the next open-source Android project.
Embracing the spirit of Cyanogen, the CyanogenMod team of developers, designers, device maintainers, and translators are now working to produce a fork of the CyanogenMod source code and pending patches.
Next? CyanogenMod Team Launches Lineage OS
While both Cyanogen and CyanogenMod are saying goodbye this year, the spirit of CyanogenMod will continue to live on in the new open source project.
Dubbed LineageOS, the new OS is still in its inception phase and would take some time for people to see any progress from the newly formed unit.
According to the CyanogenMod (CM) team, Lineage "is more than just a ‘rebrand’" and "will return to the grassroots community effort that used to define CM while maintaining the professional quality and reliability you have come to expect more recently."
A website is being developed for LineageOS, and the GitHub repository can be found populated with CM files, called Lineage Android Distribution. The beginning of this new open source project "will be a continuation of what CyanogenMod was."

Ubuntu’s Crash Report Tool Allows Remote Code Execution
16.12.2016 thehackernews OS
No software is immune to being Hacked! Not even Linux.
A security researcher has discovered a critical vulnerability in Ubuntu Linux operating system that would allow an attacker to remotely compromise a target computer using a malicious file.
The vulnerability affects all default Ubuntu Linux installations versions 12.10 (Quantal) and later.
Researcher Donncha O'Cearbhaill discovered the security bug which actually resides in the Apport crash reporting tool on Ubuntu.

A successful exploit of this CrashDB code injection issue could allow an attacker to remotely execute arbitrary code on victim's machine. All an attacker needs is to trick the Ubuntu user into opening a maliciously booby-trapped crash file.
This would inject malicious code in Ubuntu OS's crash file handler, which when parsed, executes arbitrary Python code.
"The code first checks if the CrashDB field starts with { indicating the start of a Python dictionary," O'Cearbhaill explains.
"If found, Apport will call Python’s builtin eval() method with the value of the CrashDB field. eval() executes the passed data as a Python expression which leads to straightforward and reliable Python code execution."
The flawed code was introduced on 2012-08-22 in Apport revision 2464 and was initially included in release 2.6.1.
O'Cearbhaill has published the copy of his proof-of-concept (PoC) source code on GitHub.

Video Demonstration of the CrashDB Code Injection Attack
The researcher has also shared a video demonstration, showing that it is possible to gain control over the targeted Ubuntu box system using this flaw with the help of a malicious file.

O'Cearbhaill launched Gnome calculator with a simple Apport crash report file and explained that the code could be saved with the .crash extension or with any other extension that's not registered on Ubuntu.
The researcher reported the crash reporting app bug (listed as CVE-2016-9949 and a related path traversal bug as CVE-2016-9950) to the Ubuntu team, and the good news is that the team has already patched the flaw in Ubuntu on December 14 with O'Cearbhaill receiving $10,000 bounty.
Users and administrators of Ubuntu Linux desktops are strongly advised to patch their systems as soon as possible via the usual update mechanism.

North Koreans Red Star OS can be easily hacked remotely
6.12.2016 securityaffairs OS

The North Korean operating system Red Star OS isn’t hacker proof, researchers demonstrated that it can be easily hacked remotely.
Red Star OS is an operating system used by the population in North Korea. According to two German researchers from the IT security company ERNW who analyzed it early this year, it is characterized by a high degree of paranoia and invasive surveilling on users.

Florian Grunow and Niklaus Schiess downloaded the software from a website outside North Korea and explored the code in detail.

Red Star OS computer operating system
North Korea operating system ©Reuters

These are their findings:

Latest version is from around 2013.
Red Star OS is based on the Fedora Linux distro.
It has an Apple OSX look, the country’s leader Kim Jong-un, like his father, has been photographed near Macs.
Own version of encryption files, the North Korea wants to avoid the spread of any code that might compromise OS files.

If you believe that the North Korean operating system is hacker proof you are wrong, in fact, it can be easily hacked remotely.

According to the experts at security firm Hacker House, the Red Star OS is affected by a critical vulnerability that could be exploited by remote hackers to access the PC. The attacker just needs to trick a victim into opening a link.

“Hacker House team have previously disclosed a number of local root vulnerabilities [3] & [4] in Red Star OS to show how insecure programming practices are in use by the RedStar OS developers. We are sharing another amusing example of this in the form of a remote client-side command injection vulnerability to mark RedStar’s anniversary leak.” reads a blog post published by the Hacker House.”This exploit is a client-side remote exploit which can be triggered from the Internet/Intranet and used to install malware or exploit computers running RedStar OS just by having a user click a hyperlink.”

The latest version of the Red Star OS ships with the web browser Naenara which is the landing point for a remote attacker that wants to take over the system.

The experts exploited a certain Red Star application, the ‘nnrurlshow’, that handles Uniform Request Identifiers (URI), in particular the “mailto” URI ordinarily used for email could be used to remotely “execute arbitrary commands.” The Naenara web browser doesn’t sanitize the command line when handling URI argument allowing attackers to remote execute arbitrary code.

“Whilst probing for vulnerabilities it was noticed that registered URL handlers were passed to a command line utility “/usr/bin/nnrurlshow”. This application (aside from having null ptr de-refs and other cute bugs) takes URI arguments for registered URI handlers when handling application requests such as “mailto” and “cal”. Naenara doesn’t sanitize the command line when handling these URI argument requests and as such you can trivially obtain code execution by passing malformed links to the nnrurlshow binary.” continues the analysis of the experts.

“An attacker can get a user of RedStar OS 3.0 to execute arbitrary commands by enticing them to click on a link which points to “mailto:`cmd`”. Commands will then be executed as arguments when passed to evolution mail. An example of exploitation can be seen in the image below with the output of the “id” command visibly shown in the evolution-based mail client output.”

red star os

Kali Linux 2016.2 — Download Latest Release Of Best Operating System For Hackers
2.9.2016 thehackernews OS
As promised at the Black Hat and Def Con security and hacking conferences, Offensive Security – the creators of Swiss army knife for researchers, penetration testers, and hackers – has finally released the much awaited Kali Linux 2016.2.
Kali Linux is an open-source Debian-based Linux distribution designed to help ethical hackers and security professionals with a wide range of tools for penetration testing, forensics, hacking and reverse engineering together into a single package.
Earlier the Kali Linux distribution was known as BackTrack.
Kali Linux 2016.2 is an updated Live ISO image of the popular GNU/Linux distribution that includes the latest software versions and enhancements for those who want to deploy the operating system on new systems.
What's new?
Besides bringing the updated Live ISOs of Kali Linux, the Kali Linux team brings multiple variants of the GNU/Linux distribution with various Desktop Environments, specifically KDE, Xfce, MATE, LXDE, and Enlightenment – all available only for 64-bit platforms.
What's even more exciting is that, from Kali Linux 2016.2 onwards, the team promises to release updated Live ISO images of Kali with new software versions and the latest security patches every week.
Since Kali Linux has been the most advanced and widely used distro for penetration testing and forensics, this weekly update has come up as exciting news for those involved in various hacking and security-related projects.
It's been several months since the last update to the official Kali Linux Live ISOs, and there are a few hundred new or updated packages pushed to the Kali repositories.
This means that the packages incorporated in the previous Kali Linux ISOs need bug fixes and OS improvements, which are implemented in the most recent versions of the Linux distro.
"Since our last release several months ago, there's a few hundred new or updated packages which have been pushed to the Kali reports," the Kali Linux team's announcement reads. "This means that anyone downloading an ISO even 3 months old has somewhat of a long 'apt-get dist-upgrade' ahead of them."
You can download the latest Kali Linux 2016.2 ISOs from its official website now. The Kali Linux team has also promised to bring a lot of exciting announcements in the next few weeks, so keep an eye on its announcements for the latest updates.

Windows 10 Blue Screen of Death Gets QR Code
13.4.2016 OS
If you are a Microsoft’s Windows user, you may have encountered the infamous Blue Screen of Death (BSOD).
The Blue Screen of Death generally appears when Windows encounters any critical error due to software or hardware issues, displaying a sad face and no information other than "Your PC ran into a problem."
However, now the company is apparently giving its infamous Blue Screen of Death a makeover.
With the Microsoft's Anniversary Update, the company is making the Blue Screen of Death a little helpful for its users.
Microsoft is adding QR code to its Blue Screen of Death (BSOD) in Windows 10 that will make it easier for users to identify potential issues with their devices.
The new QR codes are featured in the Redmond's latest Windows 10 Preview, Build 14316, which will debut this summer as the Windows 10 Anniversary Update.
Must Read: Step-by-Step Tutorial to Run Ubuntu on latest Windows 10 Preview Build.
Now, when your operating system fails, you will see not just a sad face, but a QR code that would be helpful in two ways:
You would be able to scan this code with your smartphone and be directed to a Web page that could include the details on the encountered error.
You could also call Microsoft support to figure out the problem by determining the source of the bug based on the specific QR code and even help you troubleshoot or fix it.
Though the change is not groundbreaking one, it will surely benefit millions of Windows 10 users whose hearts stop for a while when their screen goes blue.
The BSOD QR codes are expected to come out this summer when Microsoft releases the Windows 10 Anniversary Update.
Microsoft's Anniversary Update for Windows 10 will bring a lots of new features, including Ubuntu file system that will allow you to use Bash to run command-line Linux applications without a virtual machine.
How many of you think the BSOD QR codes would be useful?
Let me know in the comments below.

How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
7.4.2016 OS
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
As reported last week, Microsoft will launch an 'Anniversary Update' for Windows 10 that will bring Ubuntu file system, allowing you to use Bash to run command-line Linux applications without a virtual machine.
However, you do not have to wait until this summer to run Bash (Bourne Again Shell) on your Windows 10 OS, as Microsoft has released the first preview build of the Windows 10 Anniversary Update to the members of its Insider program.
Don't expect it to run Ubuntu directly on Windows 10, as this is basically Ubuntu user-space packages running natively on Windows 10 by the company coming up with real-time translation of Linux system calls into Windows system calls.
This new Bash Shell support features a full Ubuntu user space complete with support for tools including ssh, apt, rsync, find, grep, awk, sed, sort, xargs, md5sum, gpg, curl, wget, apache, mysql, python, perl, ruby, php, vim, emacs and more.
Windows 10 build 14316's biggest addition is running native Bash on Ubuntu in Windows 10, and you can install the new preview build to test this feature.
Here's How to Run native Bash on Ubuntu on Windows
Step 1: Enroll in the Windows Insider program and Select "Advanced Windows Update options" under "System Settings."
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Step 2: Set your update ambition to "the fast ring".
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Step 3: Now turn ON "Developer Mode" via Settings → Update & security → For developers, as this new feature is specifically meant for developers.
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Step 4: You now need to check for new updates (Insider Preview Build 14316), apply all updates, and then Restart your system.
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Step 5: Turn ON the new Windows feature, "Windows Subsystem for Linux (Beta)".
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Note: You need a 64-bit version of Windows. Without it, you won't see the new option.
Step 6: Reboot your system.
Step 7: Now Press the Start button and type 'Bash' or simply open Command Prompt and type 'bash.' This will launch a console window powered by Ubuntu's user-space.
How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316
Bingo! Now experience Bash just as good as it's in variants of Linux.
Other New Features in Build 14316
Other new features in Build 14316 include improvements to the Microsoft Edge browser, new Skype Universal Windows Platform app, support for new emoji, and a new toggle that lets you switch between light and dark mode themes for Windows Settings, clock, calculator, and other apps.
However, Keep in mind that this is just a preview of upcoming Windows feature, so there may be some bugs, and some features may also change before they are launched for all Windows users this summer.

How to Disable Windows 10 Upgrade (Forever) With Just One Click
30.3.2016 OS
If you are a Windows 7 or Windows 8.1 user, who don't want to upgrade to Windows 10 now or anytime soon, you might be sick of Microsoft constantly pestering you to upgrade your OS.
Aren't you?
With its goal to deploy Windows 10 on over 1 Billion devices worldwide, Microsoft is becoming more aggressive to convince Windows 7 and 8.1 users to upgrade to its newest operating system, and it is getting harder for users to prevent the OS being installed.
But if you're worried that this out of control Windows 10 upgrade process will force you into downloading an unwanted OS; I have an easier solution to block Windows 10 upgrade on your PCs.
A new free tool, dubbed Never10, provides the user a one-click solution to disable Windows 10 upgrade until the user explicitly gives permission to install Windows 10.
Never10 has been developed by Steve Gibson, the well-known software developer and founder of Gibson Research, which is why the tool is also known as "Gibson's Never10."
How to Disable Windows 10 Upgrade on Your PCs
Go to Gibson's Never10 official site and click on the Download.
Once downloaded, the program detects if the upgrade to Windows 10 is enabled or disabled on your system and then shows a pop-up. If enabled, Click 'Disable Win10 Upgrade' button.
You’ll again see a pop-up that now shows Windows 10 upgrade is disabled on your system, with two buttons to 'Enable Win10 Upgrade' and 'Exit.' Click on Exit button.
That's it, and you have successfully disabled Windows 10 Upgrade on your PC.
Here's the kicker:
The best part of this tool is that you don't have to install an application on your PC to do this. Gibson’s Never 10 is an executable. So you just need to run it, and it doesn’t install anything on your computer. You can delete it when you're done.
"The elegance of this 'Never 10' utility is that it does not install ANY software of its own. It simply and quickly performs the required system editing for its user," Gibson writes on his page about the new utility.
According to Gibson, Never10 will be a great help to inexperienced users while advanced users will likely appreciate the fact that no additional software is installed and will be able to refer their family and friends to this easy-to-use utility.
For more technical details on how this tool works, you can head on to this link.
Unlike other available Windows 10 blocker tools, Never10 blocks the Windows 10 upgrade, but at the same time, the tool allows you to start the update process in case you change your mind, according to Windows watcher Paul Thurrott.
However, the primary purpose of Gibson's Never10 is to prevent Windows 7 and Windows 8.1 operating system from being upgraded to Windows 10. As Gibson says:
"Many users of Windows 7 and 8.1 are happy with their current version of Windows and have no wish to upgrade to Windows 10."
"There are many reasons for this, but among them is the fact that Windows 10 has become quite controversial due to Microsoft's evolution of their Windows OS platform into a service which, among other things, aggressively monitors and reports on its users' activities."
Moreover, just a month ago, Microsoft was caught displaying unsolicited advertisements on its Windows 10 users' desktops.
These reasons are enough for many users to stay on their previous versions of the Windows operating system.

Microsoft built a special version of Windows 10 just for Chinese Government
30.3.2016 OS
China is very strict about censorship, which makes it difficult for companies to launch their products in the country. But companies like Microsoft are playing smartly to target the largest market in the world.
Microsoft has found a way to enter into the banned Chinese Market, but this time with official support for Chinese Government through a new custom and exclusive Windows 10 version for China.
It sounds like Microsoft has no issues like Apple, which strongly refused the court order to create a special ‘GovtOS’ version to help the Feds with unlocking iPhone.
Microsoft’s CEO for the Greater China region Ralph Haupter has confirmed that the company has built a Chinese government-approved version of Windows 10 OS that includes “more management and security controls” and less bloatware (pre-installed apps).
Specialized Windows 10 'Zhuangongban' for China
In a joint venture with a state-run technology and defense company, CETC (China Electronic Technology Group), Microsoft developed its specialized version of Windows 10 to comply with governmental standards.
The codename for the exclusive version of Windows 10 for China is called "Windows 10 Zhuangongban," which means "Specialized Class."
The customized version of Windows 10 would come with basic apps and additional integrated privacy standards which could be a trust gaining strategy by Microsoft among Chinese nationals.
The initial stern action of Chinese Government to ban Windows from the Chinese desks was the outcome of discontinued support of Windows XP officially by Microsoft. Moreover, the company enforced its XP user base to switch to Windows 8.
According to the survey of Net Applications, a US Based Analytics firm, it is reported that 51% of the Chinese users relies on Windows 7, whereas 32.9% users are still relying on the Windows XP, a discontinued product.
There had been made various efforts made by Chinese Government to build the counterpart of Windows XP called Neo-Kylin. But as the new player is in its infancy, it failed to grab the market attention as it lacked in the technical support.
As no other options left, Chinese Government finally convinced Microsoft to team up with a local technological company (CETC) to build a new OS, and Windows 10 Zhuangongban is the result of the same.
Microsoft's Target -- 1 Billion Windows 10
Microsoft’s goal to install its newest Windows 10 OS on one Billion devices worldwide is not possible without covering the largest market in the world.
Convincing Chinese Government to adopt its Windows 10, even if it is a customized version, is a great achievement for Microsoft, which would help the company reach its 1 Billion goal soon.
China, being the largest populated country in the world is a golden egg client for Microsoft to broaden the Windows 10 market base.
With the Windows 10 Zhuangongban OS, now let’s see: Which Nation would be the next target for Microsoft to play the same move in order to reach its goal? Will it be Germany or Russia??

Windows 10 Started Showing Ads on LockScreen — Here's How to Turn It OFF
26.2.2016 OS
If you've upgraded your older version of Windows OS to an all new Windows 10 operating system then you may have noticed an advertisement appearing on your desktop or laptop’s lock screen over the past couple of days.
Yes, this is what Microsoft has chosen to generate revenue after offering Free Windows 10 Download to its users: Monetize the Lock Screen.
Thanks to Windows 10's new Spotlight feature that usually shows you clean and beautiful photographs and fun facts on your lock screen, but now started displaying advertisements to over 200 Million devices running Windows 10.
Some Windows 10 users have reported seeing ads for Rise of the Tomb Raider with links to Windows Store from where users can purchase the video game. Microsoft started selling the game last month.
Although the ads are not as annoying as the Windows 10 privacy concerns related to the way Microsoft collects your personal data, the good news is that you can turn the ads OFF.
Must Read: How to Stop Windows 7 or 8 from Downloading Windows 10 Automatically.
Here's How to Turn the Ads OFF
Disable Windows 10 Lock Screen Advertisement
The advertisements are because of the Windows Spotlight feature in your Personalization settings.
If you don't want to see these intrusive ads, follow the steps given below to disable Windows Spotlight:
Open the Start Menu and look for 'Lock Screen Settings.'
Under 'Background,' Choose either 'Picture' or 'Slideshow,' instead of Windows Spotlight.
Now, Scroll down to 'Get fun facts, tips, tricks, and more on your lock screen' and uncheck this box.
The advertisements are turned ON for your lock screen by default, which is definitely a clever way to offer companies to reach their customers, without mentioning the word 'advertisements' to the Windows users.
Also Read: If You Haven't yet, Turn Off Windows 10 Keylogger Now.
As I previously said: Nothing comes for Free, as "Free" is just a relative term. Everything comes with its own price.
As warned last year, Microsoft also started pushing Windows 10 upgrades onto its user's computers much harder by re-categorizing Windows 10 as a "Recommended Update" in Windows Update, instead of an "optional update."

Linux Foundation Launches 'Zephyr', a tiny OS for Internet of Things
20.2.2016 OS
The 21st century is witnessing a great change over in the daily life of folks with the advent of IoT devices that are capable of talking to each other without any human intervention.
Yeah! Now you do not have to individually cascade an instruction to each of your home devices to accomplish a task. All have gone automated with the actuators and sensors which are infused into the home appliances.
The fact is that your IoT devices would only comply within the family of same manufacturers. For example, if you have a Samsung smart refrigerator, and your wearable device is from Apple or any other vendors, then it couldn't sync as both are from different genres.
No need to worry now!
Zephyr: Future of IoTs
The Linux Foundation has broken all the barriers of compatibility issues by releasing a Real-Time Operating System (RTOS) for Internet of Things devices, dubbed "Zephyr". This OS enables connected devices to communicate with the same protocol.
So, no more digital barricades between your thermostat and your wearable devices, as they could communicate with each other using the same protocols.
The Zephyr project is supported by multiple platforms like NXP Semiconductors, Synopsys, and UbiquiOS Technology and is licensed under Apache 2.0.
Why is Zephyr so important?
Zephyr stands out from the crowd as it provides a scalable, customizable, secure and open source operating system to be used across multiple architectures.
Doing so, Zephyr could help solve many of the current limitations that prevent, so far, Internet of Things from becoming really mainstream.
Zephyr is expected to take the best of both sides: low-consumption as well as speed.
Here's some key points about Zephyr:
Scalability: Universality of Interconnected devices
Umbrella Platform: All smart devices could run under a single roof.
Baby Footprint Kernel: Zephyr kernel can run on 8kb memory devices
Modularity: Supports to integrate 3rd party modules for additional functions as intended by the developer.
Licensing: As startups does not have to bother about any licensing clash, as a unique license file would be mailed to everyone.
Apart from the special features, Zephyr also supports technologies including Bluetooth, Bluetooth Low Energy, IEEE 802.15.4, 6Lowpan, CoAP, IPv4 and IPv6, NFC, Arduino 101, Arduino Due, Intel Galileo' Gen 2, and NXP FRDM-K64F Freedom board.
Security in Mind

Since connected devices are most hack prone items, these devices may malfunction when gets compromised.
However, Linux is more concerned about the Security of Individuals, and generally open source software is considered more secure, as anyone can inspect flaws and debug the code.
For this, the Linux Foundation is maintaining a dedicated security working group and a delegated security maintainer to be available through IRC Chats, so that anyone could help report the vulnerabilities in open discussions.
Although there are many other alternatives available for Internet of Things RTOS like Brillo from Google, Rocket from Intel, and Ubuntu Core from Canonicals, nothing would be as fascinating as Zephyr.

Maru OS — Android ROM that Turns into Debian Linux When Connected to a PC
6.2.2016 OS
Good News for Linux Techno Freaks! Do you usually mess with your Android smartphone by trying out the continual ins and outs of various apps and custom ROMs?
Then this news would be a perfect pick for you!
What If, you can effectively carry a Linux computer in your pocket?
Hereby introducing a new Android-based Operating system named "Maru OS" that combine the mobility of a smartphone as well as the power of a desktop on a single device.
Maru OS allows you to turn your smartphone into a desktop when plugging it with an HDMI cable.
Maru custom ROM includes two operating systems:
Android 5.1 Lollipop for mobile phones
Debian-Linux for desktop monitor
When you connect your phone (with Maru OS installed on it) via HDMI to a monitor, it will load Debian Linux automatically on your desktop screen in less than 5 seconds.
"Your phone runs independently of your desktop so you can take a call and work on your big screen at the same time," Maru OS official website explains.
Maru is shipped with Zero Bloatware (no pre-installed apps), which facilitates lots of free space for all your apps and your phone runs fast.
Advantages of Maru OS
Dual OS in phone
Lightweight Distro Packages
Zero Bloatware, except Google Play
Run a web server from your pocket
You can set up a portable development environment
And the Best One:
If by chance… your phone get disconnected from your screen, Maru OS will preserve your desktop state in the background, helping you pick up right where you left off.
"Your hardware's capabilities are shared across your mobile device and desktop, so you don't have to context-switch around so much," reads the website.
This latest OS is still in beta stage and currently available only in Nexus 5 devices. We hope this limitation might disappear later on.

Latest Windows 10 May Have a Linux Subsystem Hidden Inside
3.2.2016 OS
A Few Months Back, Microsoft impressed the world with 'Microsoft loves Linux' announcements, including, development of a custom Linux-based OS for running Azure Cloud Switch and selecting Ubuntu as the operating system for its Cloud-based Big Data services.
Also Read: Microsoft Drops a Cloud Data Center Under the Ocean.
Now, a renowned Windows Hacker and computer expert, who goes by the name ‘WalkingCat’, discovered that the latest version of Windows 10 may have a Linux subsystem secretly installed inside.
According to his tweets, hacker spotted two mysterious files, LXss.sys and LXCore.sys, in the most latest Windows 10 Redstone Build 14251, which are suspected to be part of Microsoft’s Project Astoria.
Project Astoria, also known as Windows Bridge for Android, is a toolkit that allows running Android apps on Windows 10 Mobile devices.
The naming convention for latest discovered files is very similar to the Android Subsystem files from Project Astoria, i.e. ADss.sys.
So, the "LX" in these name, however, can only be taken for one thing, and that is LINUX, which suggests the Windows 10 will have access to a Linux subsystem also.
Why a Linux Subsystem?
Since Windows 10 has been introduced as a Universal Operating system for all devices, so it might be possible that Microsoft wants to expand Project Astoria from mobile devices to desktop users.
If this comes to be true, adding a Linux subsystem will be beneficial in case Microsoft has plans to offer support for Linux applications, especially servers related technology and software.
Isn't this exciting?
Stay tuned to The Hacker News Facebook page for further developments on this topic.

Here's Why Microsoft Drops a Cloud Data Center Under the Ocean
3.2.2016 OS
Where tech companies like Facebook and Google prefer to move their data centers to colder countries to reduce their air conditioning bill, Microsoft has come up with an even better home for data centers while cutting high energy costs for cooling them: Under the Sea.
Here's what Microsoft says:
"50% of us live near the coast. Why doesn't our data?"
Building massive data centers underwater might sound crazy, but it is exactly something Microsoft is testing with its first submarine data center, dubbed Leona Philpot.
World's First Underwater Data Center
The testing is part of Microsoft’s plan dubbed Project Natick — an ongoing research project to build and run a data center that is submerged in the ocean, which the company believes, could make data centers faster, cost-effective, environmentally friendly and easier to set up.
Leona Philpot (named after the Halo character from Microsoft's Xbox) was tested last August, when engineers placed an enormous steel capsule a kilometer off the California coast, 30 feet underwater in the Pacific Ocean.
A single datacenter computing rack was placed in an eight-foot-wide steel capsule, which was covered in around 100 sensors to monitor every aspect of the underwater conditions: pressure, humidity, and, most importantly, motion.
The test ran from August to November last year (exactly 105 days) and the engineers said it was more successful than expected.
Why Underwater Data Center?
According to Microsoft, these are the main reasons for experimenting with underwater data centers:
1. Air conditioning cost is one of the biggest pain in running data centers. Traditional data centers are believed to consume up to 3 percent of the world's electricity.
So, placing the data centers in the ocean eliminated the need for cooling and will highly cut energy costs required to cool the heat generated by the racks upon racks of servers that process and store the world's digital lives.
2. Half of the world's population is located within 200 kilometers of the coast, so placing data centers in the sea would reduce latency – the time data takes to travel from its source to customers, which simply means faster delivery of data.
3. Reduce the time to build a data center from 2 Years to 90 Days. Microsoft believes that if it can mass produce the steel capsules, the company could build data centers in just 90 days.
This would make its operations cheaper and much quicker than the time needed to set a data center up on land.
Moreover, the capsules designed by the company would also adopt new, innovative rack designs that do not even need to consider human interaction.
4. Use of Renewable Energy. The project's engineers even believe that in future, underwater data centers might be able to power themselves by renewable energy, as in this case, perhaps underwater turbines or tidal power to generate electricity.
5. Environment-Friendly. Microsoft will also be tackling environmental concerns related to underwater data centers. The company says its current underwater data center prototype emits an "extremely" small amount of heat energy into the surrounding waters.
A Few Limitations:
Data centers on land are open for IT engineers to fix issues and replace servers whenever required, but the company wants its undersea data centers to go without maintenance for years at a time.
Since Microsoft doesn't have a team of Scuba engineers, each Natick data center unit would operate for over 5 years without maintenance and then it would be dragged up to the surface to have its internal parts replaced.
Other obvious risks for submarine data centers could be saltwater that is corrosive and weather that can also be a problem, to name just two potential hurdles.
Future Of The Data Center
The company started working on this idea in 2013, but the development of a physical prototype began in 2014 and August last year with its first ever submarine data server, Leona Philpot.
Since Microsoft's Project Natick has been in its "early days," it is hard to say when underwater data centers can actually adopted. However, Microsoft has plans to design a new version of underwater data centers that's three times larger than Leona Philpot.
It is not just Microsoft; many tech companies are considering new ways of housing data. In 2013, Facebook located one of its latest state-of-the-art data centers in Luleå, the far north of Sweden, to make use of cheap, renewable energy generated by hydroelectric schemes and outside air for cooling.