Mobile safety will probably be the most important concern as well as a fast rising market this year. As more and more people bring their own device to the office, or the companies device to the home environment, safety risks are growing exponentially. Intel Security (known to most as McAfee) names the financial world to be the most eager market to look for more safety. And somehow along the line they expect that the not so smart phone-user (Yep, one of them is typing write now…) but the producer will be made to ensure safety. Samsungs’ KNOX and Tizens’ Smack might lead the pack.
I bought a Samsung Note3 yesterday and had not too much time to tinker. Still I get messages of apps trying to alter my system or something. This makes no sense to me. Just inform me which app is trying to do so and what it would mean to my security. The tip is not to get apps from unknown sources but I just picked up some apps I need. Or is Samsung telling me GooglePlay is dangerous. In which I need to know where I can get safe apps but at least one of them is from spain, is available in G- and iStore and I do hope they’re serious!
Tizen, the new SmartOs, is very keen on dealing with security in the most stringent means. To ensure a serious support and quality their tool, Smack, is based on the Linux Security Module to provide the needed and often required access control. By embedding it in the most basic of the design as possible the best security targets can and should be reached. It’s our aim to have the best security on mobile devices, even better than other OS’s that have special applications added to cater for serious needs. Words of Casey Schaufler, an Intel Security Engineer as well as an author on Smack and a contributor to the Linux Project by means of the Tizen mailing list.
There will always be debate on which is the best security scheme and toeing the line between security and user experience. One cannot measure the feeling of security so it will always be in the way the user perceives the risks. By placing security to the the basis of the architecture, we believe that Tizen will be able to compare well to other systems on the market. ”
Tizen has positioned itself as a very open platform. At the kernel level, Tizen is just like most other Linux platforms. It will be the first major commercial for Smack. Security-Enhanced Linux is seen as to heavy and cumbersome.
Simple Smack or Mandatory Access Control Kernel is a security module for the Linux kernel that protects the data and processes of interaction. It uses a set of custom rules on mandatory access control (MAC) to fight of malware. It’s created with simplicity as a primary design goal. Smack has officially joined the ranks of respected security means since Linux 2.6.25. It is now used for HTML5 sandbox architecture to develop web applications in Tizen.
Other mobile platforms based on Linux, like Android, are known to have serious issues when it comes to security. Even Android devices equipped with KNOX, Samsungs’ enterprise mobile security solutions are not safe from malicious apps. According to Ben-Gurion University, where problems with KNOX were exposed, it is said that the problems that were identified by the end of 2013 are not specific to the Galaxy. It seems that these issues are a design problem in the official networking functions that are part of Android.
Carsten Haitzler, Principal Engineer at Samsung Electronics Mobile Platforms Group is also the author of Enlightenment (EFL), “Tizen has one extra layer of containering for apps compared to Android, which allows more control and still offer a familiar interface to the users and developers. “I would say there is nothing objective to the security in Tizen 3.0. Smack allows us to have multiple users and applications to effectively establish User ID.
“Everyone understands that security threats on mobile devices will continue to grow in numbers as well in their quality and sophistication. We believe it is important that Tizen integrates means and measures to combat malware as part of the base platform,” said Ryan Ware, Tizen Security Lead from Intel. “McAfee/Intel Security is very pleased to contribute to the Content Security Framework for the Tizen open source project. It will allow not just McAfee, but also other contributors to the the ecosystem to provide a safe user experience for Tizen users.”
Source
