SpinetiX DSOS Explained

By Media La Vista

DSOS (Digital Signage Operating System) is a purpose-built operating system created by SpinetiX on Yocto Linux. It runs exactly one thing — the signage rendering engine — with zero unnecessary services. No app store, no browser, no shell access, no USB storage drivers, no user-controlled processes. DSOS exists for one reason: to make the media player unhackable, unrebootable, and unstoppable for 10+ years.

When DSOS Matters

  • Every deployment — DSOS runs on all SpinetiX players. You don't choose it; it comes built-in
  • Security conversations — when your CISO asks "what OS does this device run?", DSOS is the answer that ends the conversation
  • Long-lifecycle projects — buildings, airports, hospitals where the OS must not require maintenance for a decade
  • Vendor comparison — when comparing SpinetiX to Android/Windows-based alternatives, the OS is the differentiator

How DSOS Works

Minimal Build

DSOS is built using the Yocto Project, a framework for creating custom embedded Linux distributions. SpinetiX strips everything: no package manager, no shell, no terminal, no SSH, no Telnet, no user accounts beyond the rendering process. The kernel runs, the rendering engine starts, content plays. Nothing else.

Signed Firmware

Every firmware image is cryptographically signed by SpinetiX. The player verifies the signature at boot (TPM 2.0 + UEFI Secure Boot). If the signature doesn't match — the firmware doesn't install. Period. You cannot sideload code, inject binaries, or modify the OS even with physical access to the device.

Zero Attack Surface

DSOS eliminates attack vectors by removing the vulnerable components entirely:

  • No app framework — cannot install applications. The concept doesn't exist
  • No USB storage drivers — USB ports accept HID devices (keyboard/mouse for initial setup) only. No USB sticks, no malware delivery via removable media
  • No shell access — no SSH, no Telnet, no terminal, no pipes. No way to execute arbitrary commands
  • No browser — no JavaScript engine (except the jSignage rendering engine). No XSS, no CSRF, no browser exploits
  • No network services — only 2 port ranges open (80/443 for management, 81/9802 for publishing). Everything else is closed
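
One way to check the open-port claim on a deployed player, as an added example (not SpinetiX or Media La Vista code): it parses `nmap -oG` grepable output and reports any open port beyond the four named above. The scan lines and 192.0.2.x addresses are constructed sample data.

```python
import re

# Ports the page lists as open: 80/443 (management), 81/9802 (publishing).
EXPECTED_TCP = {80, 443, 81, 9802}

# Constructed sample of `nmap -oG -` output for two players (documentation IPs).
SAMPLE_SCAN = """\
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 81/open/tcp//hosts2-ns///, 443/open/tcp//https///, 9802/open/tcp/////\tIgnored State: closed (65531)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///, 161/open/udp//snmp///, 8080/filtered/tcp//http-proxy///\tIgnored State: closed (65530)
"""

def parse_grepable(text):
    """Return {host: set of (port, proto)} for ports nmap reports as open."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment, Status line, or a host with no port data
        open_ports = hosts.setdefault(m.group(1), set())
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 3 and fields[1] == "open":
                open_ports.add((int(fields[0]), fields[2]))
    return hosts

def audit(text, expected_tcp=EXPECTED_TCP):
    """Compare each host's open ports with the documented allowlist."""
    allowed = {(p, "tcp") for p in expected_tcp}
    report = {}
    for host, open_ports in parse_grepable(text).items():
        tcp = {p for p, proto in open_ports if proto == "tcp"}
        report[host] = {
            "unexpected": sorted(open_ports - allowed),  # open but not documented
            "missing": sorted(expected_tcp - tcp),       # documented but not open
        }
    return report

if __name__ == "__main__":
    for host, result in audit(SAMPLE_SCAN).items():
        status = "REVIEW" if result["unexpected"] else "OK"
        print(host, status, result)
```

A non-empty `unexpected` list means the device exposes more than the page documents; `missing` only shows a documented port that did not answer, for example when publishing is disabled.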

CVE Immunity

Because DSOS doesn't include the vulnerable components, most global CVEs simply don't apply:

  • Log4j (CVE-2021-44228) — no Java runtime exists in DSOS
  • Heartbleed (CVE-2014-0160) — no OpenSSL heartbeat extension
  • Dirty Pipe (CVE-2022-0847) — no pipe primitives in user space
  • Meltdown / Spectre — mitigated at hardware level, but even without mitigation, there's no user process to exploit

Key Parameters

| Feature | DSOS (SpinetiX) | Android (Signage) | Windows IoT |
|---|---|---|---|
| Base OS | Yocto Linux (custom) | AOSP (modified) | Windows 10/11 |
| Attack surface | Zero (no shell, no apps, no USB) | Full (app store, ADB, USB) | Full (services, drivers, PowerShell) |
| CVEs inherited | Near zero per year | Hundreds per year | Thousands per year |
| Firmware signing | Crypto-signed + TPM + UEFI | Varies by vendor | Secure Boot (bypassable) |
| Update frequency | Quarterly, security-focused | Monthly (if vendor patches) | Monthly Patch Tuesday |
| Physical access risk | None — OS unmodifiable | High — ADB, USB boot | High — USB boot, Safe Mode |
| Expected lifecycle | 10+ years | 2–3 years | 3–5 years |

Common Mistakes About Operating Systems

  1. Assuming all Linux is equal. "It runs Linux" means nothing. Ubuntu Linux and DSOS are both Linux — the same way a Ferrari and a tractor both use combustion engines. The build matters more than the base.
  2. Thinking Android security patches fix everything. Android patches assume the manufacturer applies them. Most signage vendors delay or skip patches entirely. Even when patched, the attack surface (app store, ADB, USB) remains.
  3. Believing "we'll just lock it down." Kiosk mode, MDM policies, and USB port blockers add layers on top of a fundamentally insecure OS. DSOS eliminates the problem at the root — there's nothing to lock down because nothing exists to exploit.
  4. Ignoring the OS during procurement. The RFP asks about resolution, brightness, and price. Nobody asks about the OS. But the OS determines security posture, lifecycle, and TCO.

SpinetiX Reference
DSOS is SpinetiX's embedded operating system that powers all HMP players.

SpinetiX DSOS Explained FAQ

What is DSOS?

DSOS (Digital Signage Operating System) is a purpose-built OS created by SpinetiX on Yocto Linux. It does exactly one thing — render digital signage content — with zero unnecessary services. No app store, no browser, no shell, no user-controlled processes. The OS cannot be modified, extended, or compromised through software.

Why not use Android or Windows?

Android and Windows are consumer/enterprise operating systems designed for thousands of use cases. They inherit thousands of CVEs yearly, require constant patching, and run services (Bluetooth, USB, browsers, app stores) that are attack vectors. DSOS eliminates all of these because they don't exist in the system.

Is DSOS based on Linux?

Yes — Yocto Linux, which is a build framework for creating custom embedded Linux distributions. SpinetiX strips it to the absolute minimum: kernel, hardware drivers, rendering engine, and network stack. No package manager, no shell, no user space. It's Linux in DNA only.

How is DSOS updated?

Quarterly firmware releases with CVE-detailed security advisories. Updates are cryptographically signed — unsigned code won't install. Updates are pushed remotely via CMS (Arya or Elementi) and applied automatically during a maintenance window. No on-site visits needed.

Has DSOS ever had a security breach?

No known successful attack. The 2024 NCC Group audit (commissioned by SpinetiX) found no critical vulnerabilities. DSOS has zero impact from major CVEs including Log4j, Heartbleed, Dirty Pipe, Meltdown, and Spectre — because the vulnerable components don't exist in the OS.
