Questions tagged [operating-systems]
The operating system is the software component that provides abstraction of physical hardware, and provides a generalized model for application software to execute without the need for specific hardware knowledge. Questions on the topic of operating system security should use this tag; you may also like to use one of the [windows], [linux] or [macos] tags.
435 questions
18votes
4answers
4kviews
Why might an operating system require a restart after N failed login attempts?
I continually entered my password incorrectly whilst trying to login to Windows 11. I expected that after N failed attempts I would then start to see an increasing time delay after each subsequent ...
- 285
1vote
0answers
58views
Syscall manipulation [closed]
What are some known methods where attackers, by changing just a single value (like rax in x86_64, which is the syscall number) they can change the entire nature of the syscall?
1vote
0answers
100views
How to use one of Microsoft's new computers without leaking information?
Let's say I am interested in using one of Microsoft's new computers but I have concerns over the massive amount of data, personal behavior, and whatnot being consumed by the machine. Microsoft claims ...
1vote
0answers
47views
Why is the "Scope Changed" CVSS Metric for Kernel Crash Vectors always "Unchanged"? [closed]
Looking at all the recent Linux kernel crash CVEs I see that the "Scope Changed" metric is always "Unchanged" indicating that "The vulnerable component is the affected ...
- 1,279
1vote
0answers
83views
How relevant are OS security measures for everyday single-user personal computers? [closed]
For example, Meltdown and Spectre are serious security issues since they allow application to read unauthorized memory. However, from my understanding, most everyday computer setup allow any untrusted ...
- 119
1vote
1answer
160views
Existence of sandbox to protect programs from a hostile host
As I understand it, a sandbox is an isolated environment on a machine, used to protect the host from the programs in the sandbox. Is there something similar but in reverse, for running important ...
- 11
1vote
2answers
177views
Is hardware linked between different operating systems installed in same computer?
I know the safest bet If I want to remain anonymous is having 2 separate computers, but I was curious if having 2 OS in different hard drives (both encrypted) but on same computer the same? Is the ...
- 13
1vote
1answer
155views
Security vulnerabilites in Windows updates from local network
Windows has offered the ability to download updates from machines in the local network for some time. My gut feeling tells me this would be a great attack vector for Windows security vulnerabilites. ...
- 123
2votes
2answers
135views
Standards for Secure Products
I am interested in standardizations for secure design and development of products, especially towards operational technology / IoT / ICS. My understanding of information security management systems ...
- 91
1vote
1answer
397views
Can mobile hardware have backdoor access to camera, microphone that bypasses operating system?
I found out about AOSP variants such as Calyx, Graphene, etc. They promise increased security. I want to know if hardware backdoors can allow access to the camera, microphone, etc. and subsequently ...
- 13
0votes
1answer
324views
Filter CVEs by affected OS
Is it possible to filter CVEs by affected platform/OS? Some sources do provide this, like exploit-db, but the main vulnerability source NVD, National Vulnerability Database, doesn't seem to have such ...
0votes
1answer
138views
OS/DB Hardening Checklist Drafting Process
We are looking into reviewing our organization OS/DB hardening checklist (done by predecessor). We're aware that there are various benchmarks out there like CIS & STIG to guide on that, and the ...
- 3
1vote
0answers
115views
What tool can I use to verify the output from Nmap? [closed]
With OS detection enabled I noticed that the device fingerprints is running something entirely wrong. Is there another tool that I can use that can verify since something looks odd?
- 11
0votes
1answer
374views
How does anti-cheat prevent mocking itself?
As far as I understand, usually the game anti-cheat runs in another process from the game client. This makes it obvious to try to simulate anti-cheat, for example, to replace it with your program, ...
1vote
0answers
92views
Where to find updated best practice on using unmaintained or legacy software on a patched OS?
I assume most of the security issues with old software are that scripts or .exe will run against the bugs in the software. and that the firmware on the device OS bugs aren't patched. Or some parts of ...
- 129
