Ah if it isn’t the IT geek’s favorite OS – Linux. A company, named Canonical has decided to develop a mobile version of Linux’s most widely used distribution – Ubuntu. But is it safe? This question is a coin with two sides, because there are features that make it one of the top OS regarding safety and then again, there are also situations that put those features out of business. We have decided to check both sides of the coin, named Ubuntu Touch and see whether or not it is time for you to consider this operating system if you are sensitive regarding security.
Why Ubuntu In General Is Safer
For starters, after its release, Ubuntu has been tested by many, including the CESG, UK’s National Technical Authority for Information Assurance. In the test, which the experts there have performed, several key security areas and elements were reviewed:
- Virtual private networking (VPN).
- Disk encryption.
- Secure boot.
- Platform integrity and app sandboxing.
- Application whitelisting.
- Malicious code detection and prevention.
- Security policy enforcement.
- Device update policy.
- Event collection for enterprise analysis.
- Incident response.
Several different operating systems (including the Ubuntu 12.04 LTS) and devices running them were compared in the research:
- Android 4.2
- Android 4.2 on Samsung’s devices.
- Apple IOS 6.
- Apple OSX 10.8
- Blackberry 10.1(Corporate)
- Blackberry 10.1(Regulate)
- Google Chrome OS 26
- Ubuntu 12.04
- Windows 7 and 8
- Windows 8 RT
- Windows Phone 8
The way the research was described was via color prioritization of three colors – green, orange and red (green being the best and red being the worst). The results from this very research could be summarized in the following table:
Table Source: Ubuntu Insights, report on CESG’s results.
From what is visible, the Ubuntu 12.04 OS, in general, is reported to be a step ahead regarding security and it is expected that these security elements are almost identical when it comes to the mobile version. One of the reasons why this might be true is the fact that Ubuntu is focused on device convergence so that they are able to impress the user by lowering the number of devices being utilized.
Furthermore, what makes this OS one step ahead is that it is not used by the masses, whereas the situation with Android and Apple’s iOS is quite the contrary and this is why we see most of the malware to be written for these two OS’s despite the fact that they are very secure as the research results show.
Why Ubuntu Is Risky
However, now is the time to focus on the dark side of the coin. A soon as it came out in October 2015, the security report by Canonical indicated that an exploit which appeared in an application, named “test.mmrow” and infected 15 users with malware pointed out that the mobile OS is not impenetrable, not at all. Of course, Canonical has immediately fixed the bug but how many do we not know about at this moment?
Also, there is the issue of network security in overall. Because any device is as exposed as the network, it’s connected to. If a Wi-Fi router is hacked, the Mac addresses of the connected hosts to the device can be revealed, and traffic can be sniffed and this is also a factor when it comes to online security.
And here is also the issue of privacy. Yes, Ubuntu is open source and hence transparent, and it has always been such software. But when it comes to the privacy policies of the most used services such as Facebook, Google Accounts, Twitter, we all known what type of permissions such applications obtain when they enter your device.
The good side about it is that Ubuntu, unlike Android or iOS does not contain such privacy policies that retain and collect user information and this is where you should really consider using it. In addition to that, the software promises a lot of security features, and it is constantly updated by its developers. So basically this operating system is very security oriented and we expect to see the same in their mobile version.
The fact that it has the obligatory for Ubuntu terminal enabled and is very well oriented towards user privacy is very promising, because it allows customization and overview, especially for people who understand how to work on Linux environment. So the bottom line is that no OS is 100 percent secure so far and this is why a less known operating system(if possible custom made) is the most secure. This is where the open source defeats the default. But of course you have the challenge of users and their preferences to counter that. At the end we could say that you need to have some skills and know what you are doing to have a secure OS.
So yes, these are the main elements when it comes to a secure mobile OS, but what do you guys think. Leave a comment to let us know below and if you have any questions do not forget to write on our security forum.