Click here to learn
about this Sponsor:
Home  |  News  |  Articles  |  Polls  |  Forum

Keywords: Match:
Linux phone stack becomes more secure
Jul. 26, 2007

A la Mobile has added advanced security features to its embedded Linux stack for mobile phones. New security-oriented features in its Convergent Linux Platform (CLP) are said to include pre-boot OS signature checks, filesystem encryption, application sandboxing, and secure OTA (over-the-air) firmware upgrade capabilities.

The new security features, dubbed "Mobile Security Engine" (MSE), are said to operate "at the most fundamental layer," and the company claims to have a "pending patent focused on the location of the security technology -- at the bootloader and kernel levels."


Convergent Linux Platform architecture

According to a la Mobile, MSE comprises:
  • Pre-boot security checks to verify OS integrity; works with OTA firmware updates

  • Filesystem encryption, with encryption keys stored in CMOS on the processor

  • All applications in CLP stack are signed; unsigned applications can be run, but are sandboxed so they can not gain access to the telephony interface, filesystem, addressbook, and so on
Claimed benefits include protection from malware, malicious attacks, and unauthorized access.

Asked how pre-boot security and filesystem encryption could protect data, given that most phones are lost or stolen in a pre-booted state, a la Mobile explained, "A component of the Mobile Security Engine (MSE) allows for the handset vendor, or the enterprise customer, or the consumer to elect to 'lock' any files/items (e.g., contact list, corporate database, etc.). To unlock and gain access to the functionality and data, the user must enter a PIN/Password."

Eight million phones will be lost this year, including 700,000 smartphones, according to research from In-Stat, as cited by a la Mobile. "Smart phones are a corporate data security breach waiting to happen and make headlines," an unnamed In-Stat analyst reportedly wrote.

In a statement, CEO Pauline Lo Alker said, "Increased use of data-rich applications leaves mobile devices more vulnerable to a variety of security threats."

The new MSE features are "built in" to CLP, rather than available as a separate option, the company said.

Availability

A la Mobile's Convergent Linux Platform with Mobile Security Engine is available now for various XScale-based mobile phone application processors. Touted as the industry's only "complete" stack, it is said to include "all device drivers, Linux kernel and middleware, a browser, Java, Adobe Flash, and a core suite of applications such as messaging, push-mail, VoIP, firmware over-the-air update, and streaming multimedia."


Related Stories:

(Click here for further information)

7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.

4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.

Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.

Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.

Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.

Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.

Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.

Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.

Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.

 
Got a HOT tip?   please tell us!
Free weekly newsletter
 Enter your email...
Click here for a profile of each sponsor:
PLATINUM SPONSORS
GOLD SPONSORS
(Become a sponsor)

ADVERTISEMENT
(Advertise here)
Check out the latest Linux powered...

mobile phones!

other cool
gadgets

BREAKING NEWS

• Linux video camera geo-tags, writes to SATA drives
• Garmin Nav devices run Gnome Linux
• Ten LiMo phones this month?
• It's a Yankee Doodle Linux phone
• Wind River to host "Developer Day"
• Dev boards gain Linux support
• 802.11n zooms ahead
• Low-power mini-ITX board runs Linux
• Pico-ITX board bears twins
• Mass-market WiFi router invites Linux hackers
• LiMo phone specialist buys app stack
• "PDA phone" runs Linux
• ST, NXP spin phone chip JV
• Military-grade USB key supports Linux
• USB Linux systems expand
Most popular stories -- past 30 days:
• World's cheapest Linux-based laptop?
• Ubuntu ported to a PDA
• 64-way chip gains Linux IDE, dev cards, design wins
• Embedded PowerPC dev kits come with Linux
• Rapid time-to-evaluation -- a key goal for silicon providers
• Embedded Linux is doomed. DOOOMED!
• Rugged PDA available with Linux
• Netflix Player runs Linux
• Miniature Linux PC targets military apps
• $7 SoC runs Linux
• Android Developer Challenge announces first-round winners
• Dual-core ARM SoC clocks to 1.2GHz
Linux-Watch headlines:
• Microsoft tactics push India toward Linux
• Bell, SuperMicro sued over GPL
• "Business intelligence" software goes GPL
• Will Atom bomb?
• LF Summit videos posted
• Linux gains "embedded" maintainers
• Virtualization on tap in SLES and RHEL upgrades
• Linux gets security black eye
• Verizon chooses Linux "platform of choice"
• Hats off to Fedora 9
Also visit our sister site:

Sign up for LinuxDevices.com's...

news feed
Home  |  News  |  Articles  |  Polls  |  Forum  |  About  |  Contact
 

Ziff Davis Enterprise Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters
Tech RSS Feeds | White Papers | ROI Calculators | Tech Podcasts | Tech Video | VARs | Channel News

Baseline | Careers | Channel Insider | CIO Insight | DesktopLinux | DeviceForge | DevSource | eSeminars |
eWEEK | Enterprise Network Security | LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | Networking | PDF Zone |
Publish | Security IT Hub | Strategic Partner | Web Buyer's Guide | Windows for Devices

Developer Shed | Dev Shed | ASP Free | Dev Articles | Dev Hardware | SEO Chat | Tutorialized | Scripts |
Code Walkers | Web Hosters | Dev Mechanic | Dev Archives | igrep

Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.