The LinkRunner G2, LinkRunner 10G, CyberScope, CyberScop Air, and EtherScope nXG use a custom closed ecosystem, not a consumer device. We have taken the following steps to harden the tester.

 

1.  Our #1 concern is Potentially Harmful Apps (PHAs). We do not allow any applications to be put on unless they come through our application repository. This prevents games, social app, consumer apps, etc. from being installed on the unit.

2.  We have completely disabled sideloading. We currently have only 180 apps that can be installed on the unit that is intended to extend the workflow of the technician. The majority are from major corporations (Cisco, HPE, Aruba, Remedy, etc for trouble ticketing, label printing, and equipment provisioning (e.g Access points, IP cameras).

3.  We have disabled access to developer mode/options in the production unit. This prevents USB debugging, rooting the device, or downloading rootkits.

4.  App communication socket encryption is used internally to remove the possibility of maliciously probing middleware to get private customer information and device information.

5.  We use an EEPROM for isolated device specific information, apart from the system major memory system.

6.  The use of SELinux sandbox isolates apps from accessing unauthorized information.

7.  We support optional device encryption to encrypt accounts, settings, apps and their data, and other files. This would protect potentially sensitive data. Enabling encryption also forces screen locking with password, pin, or pattern.

8.  Existing Android tools such as control of usage permissions, memory usage, and such are included allowing the user to see what apps have what permissions or memory usage.

9.  We provide Sophos Mobile Security as the best in class scanner, web filter, app protection tool (additional scanners could be added if you have a preference).

 
So while we keep malicious apps off the unit, prevent system modification, support encryption and provide scanning, another difference is our custom hardware. Many exploits are targeted at consumer mass production hardware with Qualcomm (Snapdragon), Atheros, Nvidia graphics, memory arrangement which we don’t have, nor do we have traditional phone and SMS services.