Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43431
  • Total Topics: 16526
  • Online today: 2962
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2850
Total: 2851









Author Topic: Android may not need antivirus software, researcher says  (Read 2717 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Android may not need antivirus software, researcher says
« on: 10. November 2008., 08:15:08 »


Antivirus developer SMobile released software this week to protect users of the G1 Android phone, although one security analyst wondered if people really need it.

Even though Android, the software developed by Google and running on just one phone sold by T-Mobile, is open source, it is unlikely to be more susceptible to malware than other, proprietary mobile operating systems, said Charlie Miller, principal analyst at Independent Security Evaluators and the researcher who found the first Android vulnerability.

While a developer could write a harmful application and distribute it via the Android Market, Google has put up some roadblocks that would make it hard for malware to cause much harm, Miller said. "If you want to do anything dangerous like access personal contacts, you have to specifically say to the virtual machine 'these are things I'm going to have to do,' and the virtual machine will ask the user if that's OK," he said. Android applications run in a Java virtual machine on the phone.

For example, if a user downloads a Scrabble game containing malicious code that tries to gather information from a user's e-mail account, the phone will ask the user to approve the application's access to the e-mail account. In that case, the user would decline the download, realizing that a Scrabble game shouldn't need to read from an e-mail account, he said.

Just this week, however, hackers discovered a way to install applications natively on the phone instead of using the virtual machine. The capability could open doors to new security threats by letting applications access any phone function. Google said it has developed a fix for the bug and plans to push it out to users soon.

That is the second vulnerability to be discovered in as many weeks. The first, discovered by Miller, resulted from Google using outdated open-source code that didn't include an update already issued that closed the hole. But such vulnerabilities aren't unique to Android or open-source software. "The fact is, you could do that against the iPhone or against the BlackBerry or whatever. All these phones have issues," he said.

SMobile argues that because Android is open source, it will attract more hackers who will be able to look for holes they can exploit to gather user data for malicious purposes.

While companies including McAfee, Symantec and F-Secure make smartphone antivirus software, although not yet for Android, only a few mobile viruses have appeared, and those haven't spread very far. That's partly because of the wide variety of operating systems that run mobile phones. A virus written for one operating system doesn't spread widely because it won't work on phones running different operating systems.

In addition, people generally don't use their phones to access or send the same kind of important data that they do on their PCs, making phones less-interesting targets for people looking to steal that information. Mobile commerce, for example, is a very small market, so few people enter their credit card numbers into their phones.

Miller said that if people are worried about security on their phones, software from providers like SMobile might let them rest easier, although he probably wouldn't bother to buy such software for himself.

While Google or mobile service providers are sure to patch holes or issue fixes to known problems, SMobile could potentially do so faster. Miller says he notified Google of the vulnerability he discovered on Oct. 20. Google and T-Mobile began sending out a patch on Oct. 31.

SMobile said its software will scan the G1 for more than 400 types of mobile malware, including viruses, worms and Trojans that can spread between mobile phones via the memory card. If new types of malware appear, SMobile's software will detect it and provide "timely" updates for users, it said.

Android users can buy the software at the company's Web site or at Handango, an online store for mobile applications. VirusGuard for Android costs US$10. Once the Android Market begins allowing developers to charge for applications, the software will be available there, SMobile said.

SMobile offers antivirus software for other phone platforms, including Nokia's S60. Nokia, the number-one cell phone maker in the world, and thus the best target for hackers, promotes SMobile's software on its Web site.

(NetworkWorld)

Samker's Computer Forum - SCforum.info

Android may not need antivirus software, researcher says
« on: 10. November 2008., 08:15:08 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023