OS and Client Security FUD

CLAIM: What really provides virus protection for the Sun Ray is the lack of viruses written for it.  Sun Ray has an OS on par with Embedded Linux.

Perhaps the other side of the coin is that the Sun Ray was designed with security in mind and that the protocol affords for an extremely small instruction set that the competition can't match.  The only commands that a Sun Ray executes locally on behalf of a user (but not instructed by a user) are drawing primitives – no application code is ever executed locally and no install is possible – and so no virus can infect a Sun Ray.

Consider the following question:  What OS does your printer have?  The point is that an "OS" that runs any user applications or requires configuration is not required on a Sun Ray.  In fact, the Sun Ray 1 line (1/1G, 100, 150, 170) only had 640 KB of flash.  The Sun Ray 2 line (2, 2FS, 270) only have 4MB, of which the Sun Ray currently uses a maximum of about 500 KB.  With IPSec/GUI Firmware features, we bumped that requirement up to a whopping 600KB.

While you consider that, here's what the competition refers to as the Sun Ray “OS”.

There is a boot flash contains a 64 Kbyte boot sector which performs POST and DSA signature checks, a 64 Kbyte emergency firmware loader to deal with bad/nonexistent firmware, and a 3900 Kbyte firmware region which holds the firmware image that is used to implement the desktop unit portion of the Sun Ray product.  The flash also holds a 4 Kbyte unit configuration area to store preset network/unit parameters.  The configuration area is optional in Sun Ray Software 4 Update 2.  There is no user data stored in the flash device unless you are using this optional firmware, and even then it will default to prompting you for this information instead of storing it.

There is a DSA signature check before and upon loading a new firmware update. The DSA signature check verifies that the firmware and loader modules are signed by the firmware production signatures to verify that the firmware has been produced by Sun or if an OEM of Sun Ray, by that OEM for their Sun Ray technology.  This means that even an OEM of Sun Ray technology could not perform a firmware update on a Sun produced Sun Ray, or vice versa.
Comments:

Post a Comment:
Comments are closed for this entry.
About

Think Thin is a collection of bloggers that work with Oracle's Virtual Desktop portfolio of products.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today