Jump to content

Virus threat to Smartphones ignored?

Guest Simon Desser

By Guest Simon Desser
in Smartphone (Standard) News

 Share

Recommended Posts

Guest Simon Desser

Guest Simon Desser

Posted
Posted

"The Inquirer" reckons it's only a matter of time before a virus is written for MS Smartphones :!:

Here's what they say.

Guest midnight

Guest midnight

Posted
Posted

and hence the reason for application certification :lol:

but seriously, how easy is it to remove a smartphone virus?

a doddle, just hard reset

and how would they send this virus from phone to phone?

it isnt quite as cut and dried as they make out

Guest James

Guest James

Posted
Posted
and how would they send this virus from phone to phone?

it isnt quite as cut and dried as they make out

Through MMS?

could this be the start of SPAM or junk MMS??

Guest spacemonkey

Guest spacemonkey

Posted
Posted

Even with our "dangerous" unlocked smartphones a virus could not spread through MMS as the operating system is split into a priveleged and non-privileged model. A virus could only run in the non-privileged area so therefore could not send MMS.

Virus's spread on the PC mainly because of outlook, smartphone isn't vulnerable to this for a number of reasons, namely:

a)not very sophisticated web browser. It doesn't do Java or javascript

b)not much support for attachments

c)most people probably don't use pop on it anyway

On the palm platform there are a few "virus"s but if you look at it you'll find they're all trojans that you'd have to load deliberately and run. And hey, if you do that, just hard reset your device, re-sync it and you're back to a pre virus state.

At the moment, virus's on handheld platforms really aren't a big worry.

Guest midnight

Guest midnight

Posted
Posted

javascript support is very limited though i'm afraid

and spacemonkey, you beat me to the reply hehe, that was my whole point, the delivery method for virus's isnt really there, there is no scripting support in emails, so no automatic launching of the virus, and, the only real way of delivering the virus would be exe files and cab/hme files, which is highly unlikely. But the main thing is, it cant spread from device to device, only method would be website to device, and that would mean the user physically going to that webpage and physicallydownloading the file to device, also, that would be found out pretty quickly.

I'm not saying someone will not try and create a virus, that will probably happen, but its effect would be tiny.

Guest The PocketTV Team

Guest The PocketTV Team

Posted
Posted

If the virus sends itself to all the email contacts in the form of an email with an attached CAB file, subject line "try this cool free game", don't you think a fraction of the users will be dumb enough to install the attached CAB ?

Guest spacemonkey

Guest spacemonkey

Posted
Posted

But the majority of emails in my address book (or email history) aren't other SPV users... and besides, I don't use pop on my phone, so no risk. And I imagine the majority of users probably have their phone in a similar situation.

Guest midnight

Guest midnight

Posted
Posted

my point was, how does it send that email?

you cannot programmatically (as far as i'm aware) do this cos its non-priveledged access to the radio functions etc. of the phone, which i believe includes email/sms/mms (could be wrong, but i thought the whole reason ms did it this (amongst other things) way was to prevent virus's).

Guest XGEOX

Guest XGEOX

Posted
Posted
If the virus sends itself to all the email contacts in the form of an email with an attached CAB file, subject line "try this cool free game", don't you think a fraction of the users will be dumb enough to install  the attached CAB ?

In order to install the cab file, the user would have to have unlocked the phone, and i doubt anyone intelligent enough to unlock the phone would be stupid enough to install the cab. But your probably right - there is always someone...

On another note;

How do Orange CS send those special sms messages which change settings on your phone? could that be imitated by a determined hacker?

Guest Monolithix [MVP]

Guest Monolithix [MVP]

Posted
Posted

I think you'll find there are plenty of GSM security holes that need to be addressed (reverse charging built-in and uncontrollable anyone?) before we can even consider "smartphones". In the case of the SPV we are programmatically safe due to the signing lock being on by default.

Guest Hax

Guest Hax

Posted
Posted
my point was, how does it send that email?

you cannot programmatically (as far as i'm aware) do this cos its non-priveledged access to the radio functions etc. of the phone, which i believe includes email/sms/mms (could be wrong, but i thought the whole reason ms did it this (amongst other things) way was to prevent virus's).

It could be spread using a web sms client (similar to the way the Planus app works) - but that's also unlikely due to the cost (to someone!) of the sms service that would be abused....

Hacker's have very little to gain from spreading a virus on the smartphone platform - one of the main uses of viruses is to provide a backdoor into the victims computer so that private info can be lifted or the 'puter used as a slave in some more "sinister" plot - DOS attackes for example. However, with the smartphone, the GPRS connection will hardly ever be open in comparison to the connections that we have to our PC's, especially with the advent of "broadband" connections.

And as midnight has already said, access to the GSM functionality is *very* restricted.

Just my thoughts (for what they're worth)

Hax

Guest rogerbates

Guest rogerbates

Posted
Posted

I have McAfee Virus Scan and when I synch with my PC it starts scanning Windows CE on my phone.

After reading that article and and it saying there is little support for Smartphone antivirus stuff, does that mean that Mcafee is just looking for virus's that could be spread to my PC is or is it actually checking the smartphone then?

When I first saw the CE virus scanner I thought I was sorted for phone virus's.

Guest axe

Guest axe

Posted
Posted

rogerbates : that's some handy info .... if all hell breaks loose, I'll recommend McAffee here at work :lol:

Guest midnight

Guest midnight

Posted
Posted

the main worry is actually not a smartphone based virus but a pc based virus. Can you image an infected app, that appears to be installing something to your phone, but it isnt, its gathering alll your contact info and other stuff from off your phone, then it mails itself from the pc to all your mail contacts and sends then all your private personal contact info from your phone, while simultaneaously deleting the contact info from the phone and erasing that info from outlook aswell (effectively losing all your contacts).

The amazing thing is, it would work for app locked phones, so bang goes the application certification security.

the only good thing about all this is that you have to be gullible enough to run the app in the first place, but as we've seen on modaco recently, hoaxing is not exactly difficult.

Guest Hax

Guest Hax

Posted
Posted
the main worry is actually not a smartphone based virus but a pc based virus. Can you image an infected app, that appears to be installing something to your phone, but it isnt, its gathering alll your contact info and other stuff from off your phone, then it mails itself from the pc to all your mail contacts and sends then all your private personal contact info from your phone, while simultaneaously deleting the contact info from the phone and erasing that info from outlook aswell (effectively losing all your contacts).

That's ok though Midnight - one of the best IT practices I believe - multiple off-site backups :lol: You just need to pursuade your friends to give you the information back!

Seriously though, you have a good point - the SPV *is* still vulnerable to a PC based attack - even when app locked! Just gotta hope that AV companies are able to counter the virus (should one occur) in time.

As for being gullible enough to open the virus - that's not strictly true - what's to stop the "preview" pane of Outlook opening it for you - that's how most viruses seem to spread today - not saying that people don't fall for the "Have a look at the attached document (readme.doc.com) for more details on your guranteed free £1 million home"

Hax

  • 2 weeks later...
Guest Jrobert

Guest Jrobert

Posted
Posted

Hey peepz,

Anyone ever experience the smart fone 2002 sound intermittently fading then comes back after a while? My units like 1 month freakin' old and its doin' that... Only additions made were upgraded the boot loader, os updates, and thats about it. Any insights, quick fixes, tips? I heard from other peepz that they got the same problem too... Could be technical issue growing. Pls advise. :?

Thanks,

J.Robert

Site Supervisor

Dell Technical Support

Desktop Dimension LOB

WW Relationship Services

Personal email: [email protected]

Guest Paul [MVP]

Guest Paul [MVP]

Posted
Posted

JRobert, sounds like a faulty handset to me...

P

Guest Jrobert

Guest Jrobert

Posted
Posted

Then that means that I aint the only one with a faulty handset then. They gotta recall those.

Thanks,

J.Rob

Site Supervisor

Dell Technical Support

Desktop Dimension LOB

WW Relationship Services

Guest Paul [MVP]

Guest Paul [MVP]

Posted
Posted

Strange, because i've never heard of the problem before?

P

Guest Jrobert

Guest Jrobert

Posted
Posted

Hmmm... I guess this maybe something to watch out for. Later.

______________________________________

(My bad for cross-posting)

 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept