Questions tagged [operating-systems]
The operating system is the software component that provides abstraction of physical hardware, and provides a generalized model for application software to execute without the need for specific hardware knowledge. Questions on the topic of operating system security should use this tag; you may also like to use one of the [windows], [linux] or [macos] tags.
437 questions
1
vote
1
answer
79
views
Payload doesnt fires up outside gdb?
I'm very beginner in exploitation, I'm stuck in rather very famous why my exploit works in gdb but not in terminal?
Context: I'm using Qemu emulator, using Qcow2 image of amd64 https://exploit....
- 21
18
votes
4
answers
4k
views
Why might an operating system require a restart after N failed login attempts?
I continually entered my password incorrectly whilst trying to login to Windows 11. I expected that after N failed attempts I would then start to see an increasing time delay after each subsequent ...
- 285
1
vote
0
answers
129
views
How to use one of Microsoft's new computers without leaking information?
Let's say I am interested in using one of Microsoft's new computers but I have concerns over the massive amount of data, personal behavior, and whatnot being consumed by the machine. Microsoft claims ...
- 111
1
vote
0
answers
106
views
How relevant are OS security measures for everyday single-user personal computers? [closed]
For example, Meltdown and Spectre are serious security issues since they allow application to read unauthorized memory. However, from my understanding, most everyday computer setup allow any untrusted ...
- 119
1
vote
2
answers
227
views
Is hardware linked between different operating systems installed in same computer?
I know the safest bet If I want to remain anonymous is having 2 separate computers, but I was curious if having 2 OS in different hard drives (both encrypted) but on same computer the same? Is the ...
- 13
2
votes
2
answers
172
views
Standards for Secure Products
I am interested in standardizations for secure design and development of products, especially towards operational technology / IoT / ICS. My understanding of information security management systems ...
- 91
0
votes
1
answer
391
views
Filter CVEs by affected OS
Is it possible to filter CVEs by affected platform/OS?
Some sources do provide this, like exploit-db, but the main vulnerability source NVD, National Vulnerability Database, doesn't seem to have such ...
- 1
1
vote
0
answers
123
views
What tool can I use to verify the output from Nmap? [closed]
With OS detection enabled I noticed that the device fingerprints is running something entirely wrong. Is there another tool that I can use that can verify since something looks odd?
- 11
1
vote
0
answers
107
views
Where to find updated best practice on using unmaintained or legacy software on a patched OS?
I assume most of the security issues with old software are
that scripts or .exe will run against the bugs in the software.
and that the firmware on the device OS bugs aren't patched.
Or some parts of ...
- 129
1
vote
1
answer
355
views
Should old versions of TLS be disabled at the OS level and the server level?
My environment has a variety of operating systems (Windows, Linux, etc.), servers and applications. Infrastructure scans are showing old versions of TLS that need to be disabled at the OS level, while ...
- 143
1
vote
0
answers
146
views
Can you configure Tripwire to produce an actual diff between modified files
I'm using the open source version of Tripwire on Ubuntu 22.04. Right now when a file is modified Tripwire will document this in the integrity check with an "Expected" vs "Observed" ...
- 31
0
votes
1
answer
176
views
What type of attacks can be carried against an OS with FDE, if we assume OS and FDE are implemented correctly?
The question is mainly stated in the title. I was wondering what kind of attacks can be launched on such a setup, where someone has access to a running OS with locked screen (needs password for the ...
- 101
33
votes
1
answer
6k
views
Should I worry about compromised firmware when reinstalling an OS?
I have a machine that I suspect to be compromised and am installing a new OS from a usb. I know that there have been cases of malware surviving this, and even BIOS-reflashing, and something about the ...
- 341
0
votes
1
answer
212
views
How to harden a FOSS and gratis operating system?
I want to migrate from Windows to Ubuntu.
I understand that Ubuntu's1 security model is a bit different than that of Windows but I don't aim to ask about this particular OS, rather, in general, what ...
- 639
1
vote
0
answers
171
views
Is it possible for malware to overwrite UEFI code when installing an operating system?
If the ISO file for an operating system is malicious, is it possible for it to overwrite UEFI code when booted (If secure boot is disabled)?
18
votes
4
answers
5k
views
What is the frequency of open security bugs in an operating system with increasing age?
I am having a discussion with friends and my point is that the older a feature-frozen operating system is, the fewer security bugs are left unpatched and therefore the cost for the company to fix them ...
- 343
3
votes
1
answer
294
views
Child processes vs microservices for communication between components
This is a question for operating system security experts.
We have an application using one platform/language, and it has to integrate with a library that uses another platform/language. There is no ...
- 254
-2
votes
1
answer
490
views
Why are mobile phones OS easily hackable (Pegaus & Co)
Every now and then, you here a story about misuses of mobile OS' spyware softwares, developed by technology firms which usually sell their products to governments or groups with similar power.
You ...
- 1
0
votes
1
answer
300
views
How is re-encryption of a drive after a crash handled? [duplicate]
If you have full-disk (or a partition) encrypted, and your computer crashes, without the opportunity to re-encrypt the data (I'm assuming that happens with a graceful shutdown), isn't that a security ...
- 1,376
0
votes
0
answers
1k
views
Can an OS implement Trusted Boot without TPM given Secure Boot?
Since Secure Boot authenticates software, the OS only needs to check hardware. The implementation I have in mind measures hardware and compares the result of the measurement to the value in an EFI ...
- 167
18
votes
4
answers
6k
views
What are the risks of desktop personalization on Windows?
I've worked on places where the admins have disabled desktop personalization on Windows for settings like:
changing desktop background and lock screen images
local themes - no high contrast for ...
- 293
1
vote
4
answers
4k
views
Is Linux really not spying on us?
When I ask someone about Linux, people always say it's really safe and this OS doesn't collect your data and these are not spy operating systems.
When I ask them "how?" they say, "...
- 21
1
vote
0
answers
678
views
How to encrypt and hide a GNU/Linux operating system and create a decoy system?
My goal is to be protected against key disclosure laws and possible extortion. I know dm-crypt can be used to perform full disk encryption for GNU/Linux distros. However, it is not enough. I want to ...
1
vote
1
answer
602
views
How should GNU/Linux noobs harden their dekstop OS?
I'm interested in using GNU/Linux for different reasons. Partly for freedom, privacy, and security. But also to force myself to learn Linux. One issue I’ve found is that desktop Linux seems to have ...
- 41
1
vote
0
answers
242
views
How to install Java 8 on Kali Nethunter [closed]
Guys I need to install jdk 8 for my programs to work better, many programs do not support the version higher than Java 8 so I want to install Java 8 to run better, I tried to install via apt-get, but ...
- 121