Introduction and Overview of the Last Article
Our last article examined in greater detail the threats that are posed to the iOS Operating System, which in turn affects all of the wireless devices, which primarily include those of the iPhone and the iPad.
There is often this feeling of safety when using these devices. The major part of this reasoning is that in reality, Apple has not been afflicted as much with Cyber-attacks as much as the Samsung and the Windows mobile devices have been.
Security experts have noted that Apple goes to extraordinary lengths to ensure that their devices are as hacker proof as possible. For example, there are extremely rigorous Quality Control processes in place, as well as other systems of checks and balances to ensure that only the authorized end user is accessing his or her own iPhone or iPad.
To this extent, Apple has even introduced the use of Biometric Technology to provide a Two-Factor (also known as “2FA”) security approach. This can also be thought of as a “Multi-Modal” approach as well. Really, any Biometric could work in this regard, but Apple chose to make use of Fingerprint Recognition because not only of its strong levels of Ease of Use but also it is the most widely accepted Biometric Technology worldwide.
This push by Apple only came to fruition after it bought a Biometrics Vendor known as “Authentic” in a Merger and Acquisition (M&A) activity. At the time, Authentec was the premier provider of Fingerprint Recognition Sensors to the Biometrics industry, with a specialty in manufacturing Optical based Sensors.
In fact, this same technology is even being used in the “Apple Pay,” which is basically Apple’s version of the Mobile Wallet. This and the use of Biometric Technology in the Smartphone will be topics of separate articles in the future.
However, as our last two articles have shown, Apple can be just as prone to Cyber-attacks as well. The first article looked at uploading rogue mobile applications onto the App Store by manipulating the Digital Certificates, which are granted to an end user after they have created an account for themselves. The second article examined other Cyber based attacks, which include the following:
A Malicious Configuration Profile:
Most wireless devices consist of this file for it to make the end user to properly set up their Apple wireless device correctly the first time quickly and easily. However, the Cyber attacker has found a way in which to create a malicious Configuration Profile and inject that into the iPhone or the iPad.
The WebKit Vulnerability:
This is a software package, which is used to power the Safari Web Browser. In fact, Apple is not just using it; Google in their Chrome Web Browser is also using it. However, despite the efforts to safeguard this package, the Cyber attacker has found ways in which to inject malicious .exe files into it, with the end result being that the end user is redirected to a spoofed Website.
The Zero Day Attack:
In these situations, the Cyber attacker has advanced knowledge of a weakness or a vulnerability in the Source Code and takes full advantage of it before the Vendor even knows about it.
In this article, we continue with the theme of Security threats, which are posed to Smartphones-but this time, the focal point is on the Windows Mobile devices.
The Windows Mobile Operating System
Yes, we have all heard of the Windows Operating Systems. By far, it is the most widely used OS in the world, ranging from the Workstation to the Server editions. These have ranged all the way from Windows 95 to Windows XP to Windows Vista to the latest version now, which is running, Windows 10.
When compared to just about any other software application or OS (including even the Open Source ones such as that of Linux), Windows has been the most sought after prize of the Cyber attacker.
For example, just about every piece Malware, Spyware, Adware, and even Trojan Horse has found its way into it. However, unlike the other Wireless Vendors that have made a separate and unique Operating System for their Smartphone product lines, Microsoft took an entirely different approach, utilized their existing Operating Systems, and modified so that it would be the OS for their mobile phone line.
For example, since the latest version is Windows 10, Microsoft simply took the underlying Source Code of that and modified it fit their Smartphone models, and rebranding it as merely “Windows 10 Mobile”. This Operating System is now available on the Lumia line of Smartphones, which include the Lumia 635, the Lumia 730, and the Lumia 830.
Microsoft’s fundamental reason for taking this approach is that it wanted to “. . . share many of the same features as its desktop version, including the same kernel, UI elements, menus, Settings, and even Cortana.” (SOURCE: 1).
But however, there is one fatal flaw in taking this kind of approach: The same type of Cyber threats and risks which are posed to the Windows Operating Systems on the Workstations and Servers can also be used to manipulate the OS’s which reside on the Windows line of Smartphones.
Therefore, on a theoretical plane, the effects of one Cyber-attack on a Windows platform will thus be greatly proliferated onto the mobile devices, and vice versa.
TheRisksPosed to the Windows Mobile Operating System
ETHICAL HACKING TRAINING – RESOURCES (INFOSEC)
Making Network based Files and Shared Resources available to everybody:
Although the Windows 10 Operating System has put in extra safeguards to protect private and confidential files of businesses/corporations and even the end user, the rights, which are granted to access them, seem to be misconfigured at times, and this is an escalating trend that is of grave concern. This can happen for a wide myriad of reasons, such as employees who really do not know how to assign permissions properly, or even the Network/System Administrators who are so overloaded in their work that he or she does not double check the permissions that they grant. However, more often than not, it is also the work of the Cyber attacker who is also misconfiguring these specific rights and permissions as well. What is interesting about this trend is that the Cyber attacker is not out for personal gain in these matters; rather their main intent is to cause financial loss to a business or a corporation when their files and resources become available to the public at large. This type of attack is especially worrisome on the Windows Mobile devices, as many employees now use this tool to store both personal and work related files, as literally millions of wireless devices can fall victim in just a matter of minutes. It should be noted that the primary target in this kind of attack is in exposing the “Everyone Group” directory in the Windows 10 Operating System.
Lack of Enablement of the Personal Firewall:
As it was described in the last article, Apple develops a specific Configuration File for the end user to set up their iPhone properly. A major component of this is also making sure that the Security features have been enabled as well. This even includes the Personal Firewall. In sharp contrast, although the Windows 10 Operating System does have a feature related to the Apple Configuration File, the Security features which come on it are not all preset. In other words, the end user has to configure all of this themselves manually. Even though Windows 10 has a highly GUI centered approach for doing this both on the workstation and Mobile Device, it can still be very confusing if not daunting for the end user to configure the Security features and the Personal Firewall properly. As a result, they often give up, thus making their Wireless device that much more prone to a Malware or Spyware Attack. But on the flip side, the Personal Firewall on the Windows 10 OS has been deemed to be a powerful to use, such as when it comes to protecting the IPC$ and ADMIN$ share files. It has also been known to block out effectively any type or kind of Wireless Intrusion Attacks.
Unaccounted for Systems which are running in the background:
Because the Windows 10 Operating System is deemed to be in some ways “bloated” because of its Closed Source platform, there is one Security weakness it possesses that can affect both the workstation and the mobile devices: It’s lack of accounting for those resources which run in the background. What this means essentially is that the OS may not even be “aware” at times of the services and other related software applications which are running in the background. This very often includes the Internet Information Services (also known as the “IIS”-this is the Web Server software) and the SQL Server Express (this is the free and “watered down” version of the SQL Server Database). Because of this lack of unaccountability, a Cyber attacker can take advantage of this very quickly, and insert a malicious payload, which can spread itself very quickly.
There are no minimum Security Thresholds or Standards which have been established:
As described, although the Windows 10 Operating System does indeed come with a robust set of Security features, there is still another area in which it is severely lacking –a lack of Best Standards for the businesses and corporations to adopt which make use of this OS on their Windows Mobile devices. Because of this, the IT Staff at many organizations are often left to their own guises to experiment which Security features of Windows 10 are needed and those that are needed to come into compliance with the Security Policies, which have been set forth and established. As a result, there can be significant periods of when the “Security guard is let down,” thus making a very fertile time period for the Cyber attacker to launch a wide-scale attack upon the organization.
The Windows 10 for Mobile Phones cannot be tested using the traditional tools:
Sure, the Windows 10 OS can be tested to make sure that it does indeed come into compliance with the Security requirement and needs of the business entity. However, since this is the latest version from Microsoft, it requires the latest tools to test. The companies with the bigger budgets could probably afford to have these tools, and perhaps even hire top of the line Penetration Testers. Nevertheless, the truth of the reality is that many of the smaller to medium-sized businesses cannot afford this, and as a result, are forced to test their Windows Mobile with outdated testing tools. This leads to incomplete and very often inaccurate results, which will make the Windows Mobile device that much more vulnerable to a Cyber based attack. Another problem compounding this issue is that Windows 10 is based on a Closed Source platform (just like the older OS versions and other Microsoft products), so trying to conduct a Penetration Test on the Source Code is very difficult, if not impossible, to accomplish.
Automated Updates and Patches:
Windows 10 is notorious for this feature. It often occurs at the most inconvenient times. Although the primary intention of this is to keep the Windows Mobile device up to date with the latest Security Patches, there is a chance that one of those updates could very well be a rogue application (such as a Malware or a Spyware) inserted into the process by a sophisticated Cyber attacker. Unfortunately, there is no way of knowing of this until it is too late. For instance, the Windows 10 OS will only notify you which specific updates and/or patches have been installed after the fact.
In summary, this article has examined the Security threats and risks which are posed to the primarily to the Windows 10 Operating System (OS). As it was discussed earlier, this OS is not only available for the workstation and PCs, but it has also been modified and restructured in such a way by Microsoft that it is also available on their Windows Mobile phone product line as well.
Although this might have proven to be an effective strategy regarding cost savings, it also presents a double-edged sword when it comes to Security: For instance, the same threats, which are inherent to the workstation and PC versions, are also targeted to the mobile phone versions of the Windows 10 OS.
Thus far, in this series, we have examined the Security Vulnerabilities to all three major mobile phone OSs:
- The iOS
- The Android OS
- The Windows 10 Mobile OS.
A future article will examine how an end user, or even a business entity, can take preventative steps to make sure that their Smartphone does not become the target for a Cyber based attack. Our next article will focus on another Security concept of the Smartphone – “Jailbreaking.”
是的，我们都听说过Windows操作系统。到目前为止，它是世界上使用最广泛的操作系统，从工作站到服务器版本。这些都为所有的方式从Windows 95到Windows XP到Windows Vista的最新版本，这是运行Windows 10。
例如，由于是最新版本的Windows 10，微软只是把那底层源代码和修改它适合他们的智能手机，并将其命名为仅仅是“Windows 10移动”。该操作系统是目前智能手机Lumia线，包括Lumia 635、Lumia 730和Lumia 830。
虽然Windows 10操作系统已经投入额外的安全措施以保护企业/公司的机密文件，甚至最终用户的权利，这是授予访问它们，似乎是错误的时候，这是一个上升的趋势，严重关注。这可以为各种不同的原因发生，如员工们真的不知道如何分配权限是否正确，甚至网络/系统管理员谁是如此超负荷工作，他或她没有仔细检查权限授予。然而，更多的往往不是，它也是网络攻击者也错误配置这些具体的权利和权限以及工作。这个趋势，有趣的是，网络攻击者是不是出在这些事情上个人利益；而他们的主要意图是导致经济损失的企业或公司在他们的文件和资源提供给广大公众。这种类型的攻击是非常令人担忧的Windows移动设备，许多员工现在使用这个工具来存储个人和工作相关的文件，为数以百万计的无线设备可以牺牲品就是几分钟的事。应该指出的是，在这类攻击的主要目标是在Windows 10操作系统将“每个人组”目录。
因为它是在上一篇文章中描述，苹果为最终用户建立自己的iPhone适当开发一个特定的配置文件。这是一个重要组成部分也确保安全功能已启用，以及。这甚至包括个人防火墙。形成鲜明对比的是，尽管Windows 10操作系统也有一个苹果的配置文件相关的特征，这是它的安全功能是不是所有的预设。换句话说，用户必须配置这一切自己手动。尽管Windows 10有一个高度的GUI为中心的方法，这样做既对工作站和移动设备，它仍然可以非常混乱，如果不畏惧为最终用户配置的安全功能和个人防火墙的正确。因此，他们往往放弃，从而使自己的无线设备，更容易出现恶意软件或间谍软件的攻击。但另一方面，在Windows 10操作系统的个人防火墙已经被认为是一个强大的使用，如当谈到保护IPC$和ADMIN$共享文件。它也被称为阻止了有效的任何类型或无线入侵种。
由于Windows 10操作系统被认为是在某些方面“臃肿”因其闭源的平台，有一个安全漏洞，它具有可以影响工作站和移动设备：它是在后台运行的资源缺乏，会计。这实际上意味着操作系统甚至可能不“知道”的服务和其他相关的软件应用程序在后台运行的时候。这通常包括Internet信息服务（也被称为“IIS”-这是Web服务器软件）和SQL Server Express（这是免费的，“淡化”版本的SQL Server数据库）。由于缺乏这种不负责任的，网络攻击者可以利用这个非常快，并插入一个恶意的有效载荷，它可以传播很快。
如前所述，尽管Windows 10操作系统确实有强大的安全功能，还有另一个领域，这是严重缺乏–缺乏最佳标准，采取利用该操作系统的Windows移动设备的企业和公司。因此，IT人员在许多组织往往是留给自己的伪装实验安全功能的Windows 10是被需要的，那些是需要进入安全策略的一致性，并提出了建立。作为一个结果，可以有显着的时期，当“保安是失望，使一个非常肥沃的时间段的网络攻击者发动大规模攻击的组织。
当然，10 OS可以测试以保证它确实进入了企业法人的安全要求和需要遵守的窗户。然而，由于这是微软的最新版本，它需要新的工具来测试。与更大的预算的公司可能负担得起这些工具，甚至聘请顶级的渗透测试。然而，现实的事实是，许多小型到中型的企业无法承受，因此被迫要测试他们的Windows Mobile和过时的测试工具。这导致了不完全的和经常不准确的结果，这将使Windows移动设备，更容易受到网络攻击。另一个问题，这个问题是，Windows 10是一个基于开放源代码的平台（就像旧的操作系统版本和其他微软产品），所以要对源代码进行渗透测试是非常困难的，如果不是不可能的，完成。
Windows 10的这个功能是臭名昭著的。它往往发生在最不方便的时候。虽然这主要是保持Windows移动设备是最新的最新的安全补丁，这是一个机会，一个更新的很可能是一个流氓应用程序（如恶意软件或间谍软件）插入的过程中，通过一个复杂的网络攻击。不幸的是，有没有办法知道这个直到为时已晚。例如，Windows 10操作系统只会通知你具体的更新或补丁已经在事实之后安装。
- Windows 10移动操作系统。