Jump to content

PPC viruses?

Guest flyswat

By Guest flyswat
in Pocket PC General Discussion

 Share

Recommended Posts

Guest flyswat

Guest flyswat

Posted
Posted

Does anyone know much about viruses on the PPC platform. I have just upgraded onto the M500 and was looking on a website for accessories and noticed anti-virus software.

I was a bit non-plussed as I had never heard of any real harmful viruses on the PPC platform, is this just some sort of marketing ploy aimed at peoples' fear of viruses, like the production of AV software for smartphones, or are there actually a few nasties around?

Any thoughts.

Guest psionandy

Guest psionandy

Posted
Posted
They are certainly a threat. Even Microsoft said it was 'a case of when no if' or something like that I read.

http://www.airscanner.com/products.html

These guys do PPCAV Free and a firewall too.

<{POST_SNAPBACK}>

At the moment I think you are still pretty safe. No viruses out in the wild and only some theoretical ones. So the PPC AV industry are selling lucky charms and snake oil at the moment.

Admittedly this could change very quickly... but I'd be more worried about making sure that any PC you sync with has got up to date virus deffs on it

Guest Xenzo1990

Guest Xenzo1990

Posted
Posted

Absoutley Andy. It could all change overnight. Think about how fast theses things could spead. Think of all the unprotected PPCs. It could all spead in emails. Attack computers and spread through SYNCING.

Guest psionandy

Guest psionandy

Posted
Posted
Absoutley Andy. It could all change overnight. Think about how fast theses things could spead. Think of all the unprotected PPCs. It could all spead in emails. Attack computers and spread through SYNCING.

<{POST_SNAPBACK}>

But as the threat isn't there yet nobody knows how much protection the PPC virus solutions will offer. I suspect that some vendors will be very emabarrised when the big threat comes. Also there will probably be some warning through forums like this when the threat becomes real.

The syncing threat is why i would be concerned about desktop antivirus software. Email could be a threat too (as could web pages) but I don't think that PIE is clever enough to be infected or do to much damage.

Guest psionandy

Guest psionandy

Posted
Posted

In 5 years time anyone looking at this thread probably won't believe how dismissive were of the threat.

Still I suppose we should enjoy the good times while they last :)

Guest Xenzo1990

Guest Xenzo1990

Posted
Posted

Yep. Its gonna be yet another problem for Target:Microsoft.

Guest fraser

Guest fraser

Posted
Posted (edited)
But as the threat isn't there yet nobody knows how much protection the PPC virus solutions will offer.

<{POST_SNAPBACK}>

They offer absolutely NOTHING and I would recommend ignoring all anti-virus vendors on PPC as a general rule. The only virus that exists is a proof of concept. What they are selling is a rip-off. How can you defend against something that does not exist? What exactly is in the virus signatures they use to detect mallicious code? ;)

A virus could get on the phone via an email attachment, browser hole, BT and more worringly, through a remote exploit. With GPRS, WiFi and BT attack vectors, it's only a matter of time before an exploit is found. I did a brief audit of the phone when I got it; when you are connected to ActiveSync, I found a listening network port. Doing a buffer-overflow on it would likely be very easy; these things are usually fixed after badness is found.

Firewalls, hmm, they have some worth. Would stop the above open port problem, but that would likely break activesync. One day I'll give my phone a good check over, but I'm not too worried. Yet.

Over a year old and still no threat.. (no need to move to palm just yet) :)

<{POST_SNAPBACK}>

Why would palm be any better? The most dangerous platform is the most common one. The reason MS has so many viruses is that they own like 90% of the computers on the planet that are not owned by folk who know what they are doing. The viruses on Windows exist because of your gran and grampa. The only reason we have it easy right now is because so few folk have these devices. If a virus mails itself out to 20 folk in your address book, how many of them have pocket PCs? Likewise, how many WiFi/GPRS IP addresses are in use by PocketPCs? A virus would have a hard time spreading at the moment.

It won't last though. psionandy is right, in five years you'll look back at this thread and laugh.

Edited by fraser
Guest fraser

Guest fraser

Posted
Posted
For those interested, McAfee is offering a free beta copy of there mobile virus scanner.

http://www.mcafeemobile.com/

<{POST_SNAPBACK}>

Did you see my post? This is a con. A rip off. A sham. There aren't any viruses on the PPC, so this is snake oil. If you are interested, I'm selling "bear-repellant" rocks on eBay at the moment. How do they work? Well, do you see any bears around me? :)

If you search their virus information database for "mobile", you get five hits. Four hoax emails and a win32 virus. A search for "PPC" lists a Visual Basic script (not PPC, dunno why it shows up). Finally, "Pocket PC" lists nothing. Zip. Squat. Diddly! What exactly is this thing supposed to be scanning for? These things work using signatures, basically a snippet of the virus code. No viruses, no signatures to look for. No point.

Yes, viruses are going to appear one day, it's inevitable. McAfee are just wanting you to test their cleaner, so that when one does appear, they will be ready to cash in. Seems like a really long beta though; this was released in April according to the release notes. Still no viruses for it to find though... ;)

Guest Xenzo1990

Guest Xenzo1990

Posted
Posted

I read their are currently 36 viruses for Pocket PCs.

Guest psionandy

Guest psionandy

Posted
Posted
I read their are currently 36 viruses for Pocket PCs.

<{POST_SNAPBACK}>

Any source to that.. or is it just something from somewhere? And if they aren't in the wild then they aren't much of a problem. As long as you have backups, and your PIM data synced then you can just hardreset and wipe out the virus anyway

Guest scottb

Guest scottb

Posted
Posted (edited)
Did you see my post? This is a con. A rip off. A sham. There aren't any viruses on the PPC, so this is snake oil. If you are interested, I'm selling "bear-repellant" rocks on eBay at the moment. How do they work? Well, do you see any bears around me? :)

[snip...]

<{POST_SNAPBACK}>

Yes, I saw your post, but I didn't realize it meant I could not have a differing point of view. :shock:

IMHO, there is no rip off, sham or otherwise low-life activity since I did not pay for anything. I feel McAfee is a reputable company and I'm willing to beta test for them (though I would prefer Norton AV :roll: ).

Yes, viruses are going to appear one day, it's inevitable. McAfee are just wanting you to test their cleaner, so that when one does appear, they will be ready to cash in.

So what's wrong with this? It happens all the time--we test the products for those who develop and sell them. I've done it for other develepers, why not McAfee? I would rather have it work when the first virus hits my PPC then have it need more testing at that time.

I'll consider you one not among the group of "For those interested...". ;)

Edited by scottb
  • 3 months later...
Guest bmonninkhof

Guest bmonninkhof

Posted
Posted

Hi there,

I've got a question about virusses infecting a computer trought Active Sync. First of all I want to sync with my home-pc and with the pc of my work.

homesync:

- email

- agenda

- tasks

- notes

worksync:

- agenda

- tasks

- notes

Is is possible / likely that a virus can spread through Active Sync to the network of my work? If so, will a virusscanner on the pocketpc make it save?

Brian

Guest fraser

Guest fraser

Posted
Posted

In theory, the PPC could carry a virus from one Outlook to another. If you had a message in your inbox with a trojaned attachment, it would get transfered. However, you'd need to execute it on the second PC to actually infect it. It's possible that a clever virus writter could exploit a bug in Outlook to open attachments automatically during a sync, but I reckon that'll never happen. The number of people syncing to multiple PCs is a very small subset of PPC owners, who again are a small subset of "computer users". It's not worth a virus writters time to code this as the chances of getting the code to a vunerable PC are nil. Unless you knew a virus writter with a personal grudge against you!

Your work virus scanner should catch the virus if it's any good, but it's possible that WRT email it only scans incomming pop/imap mail and "injecting" the mail into the mail store via activesync may bypass this check. However, should you double click on the attachment (or "save as"), it will appear in the disk briefly in a temporary folder, catching the attention of the virus scanner. If the scanner doesn't catch it then, then it is a worthless scanner as these temp-files are how most current email viruses actually execute themselves.

If so, will a virusscanner on the pocketpc make it save?

No, unless the PPC scanner also looks for PC viruses, which is currenly also a no. Perhaps if .Net viruses take off (possible), then you might get mallware that affects both systems, that would make it worthwhile to add the virus signatures to the scanner.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept