[LINK] Android mobile phone antivirus?

Jim Birch planetjim at gmail.com
Thu Nov 14 09:58:43 AEDT 2013 

I have heard an Android security designers talk about the sandboxing
strategy.  This aims to hold the application at arms length from the
operating system so that it can't take over the base OS.   ("Once the case
OS is compomised it's game over").  Android does a pretty good job with
this, although there are some exploits esp. for early Android versions.

The bigger problem is malicious code that is downloaded as applications.
Part of the download installation process asks you to grant permissions to
potentially risky system functionality, like read and write user memory,
communicate via the internet, read the address book, detect telephony
activity, and so on.  There are good reasons for giving these permissions
to trusted applications, for example, to allow the application to limit its
activity while you are on the phone, to allow social applications to check
your address book for contact information, to allow the application to
collect information from the internet, and so on.

However, once you have handed out these permissions to a malicious
application it can do a significant chunk of what it might do if it had
root control of your phone, even though the application is still
"sandboxed".  Google does monitor applications via code scanning and
activity monitoring and does pull malicious applications but this process
is imperfect.  Applications that are downloaded from non-Google
repositories may have different processes.

Things that I would recommend are

* Buy a phone with an OS update policy.  The best option here is a Google
brand Nexus phone that gets OS updates as they are released by Google.
Many older phones are stuck in old Android versions.

* Only install applications from Google's store.  Their monitoring is not
perfect but it is better than nothing, and certainly better than a store
set up as a scam.

* Check the permissions.  If a FPS game wants to read your address book and
initiate phone calls you probably don't install it.  Some application will
need a lot of permissions to do what they are supposed to do.

* Pay for applications.  This raises your status in the developer's
business model.

* Get applications from companies you can trust.  An unknown company whose
sole product is a free application has to make money somehow and they take
less risk making unscrupulous decisions.

- Jim




On 14 November 2013 08:02, Nicholas English <nik.english at gmail.com> wrote:

> On 13/11/2013, at 12:08 PM, stephen at melbpc.org.au wrote:
>
> >>>> I'm fairly sure my current phone has malware.
> >>
> >> http://readwrite.com/2013/04/23/5-signs-android-smartphone-infected-
> > malware
> >>
> >>
> http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed
> > _via_mobile_botnets
> >
> >> Still need to have gone on line though.  Regards, K.
> >
> >
> > Thanks Karl and Jan,
> >
> > Yes tried to reset the settings but now this Nokia phone also won't
> accept
> > the security code I originally entered, so, won't let me reset the
> factory
> > settings. Basically I think it's bricked. Now that I've bought the
> Samsung
> > Galaxy, mainly because of this problem, I'm just chucking this older
> Nokia.
> >
> > Just hope the sim card is not carrying this malware, but, it's a
> different
> > o/s so one would guess Android should be immune to any Nokia virus. I
> hope.
>
> Get a replacement SIM, maybe a small fee, number portability should
> present no problem. Declare the old one damaged/lost.
> >
> > Guys, DO NOT get a phone virus. Computer viruses aren't deadly, but
> phones
> > seem to be too new for an adequate app protection, in my recent
> experience.
> >
> > Even Wikipedia says major antivirus apps can't over-ride Android
> sandboxes.
> > (See, the last sentence of my last Link post)
> >
> > Unless anyone knows of any new Android antivirus/antimalware app, that
> can
> > over-ride Android sandbox system functioning, and protect the whole
> phone?
> >
> > Cheers,
> > Stephen
> >
> > Message sent using MelbPC WebMail Server
> >
> >
> >
> > _______________________________________________
> > Link mailing list
> > Link at mailman.anu.edu.au
> > http://mailman.anu.edu.au/mailman/listinfo/link
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list