Thursday, October 28, 2010

Correction to my last post and Android at risk

In my last post I talked about secret SMS replicator and called it as the first Trojan on Android. I have been wrong in two ways. This software is not a Trojan, in best case it is a Spyware and more shocking there has been already a Trojan for the androids earlier this year.
The Trojan-SMS.ANdroidOS.FakePlayer.a virus for Android has been discovered by Kaspersky Lab and has apparently infected smartphones.

I did do some more research and I got more shocked, just by searching the web. i found at least a handful of spyware for androids. One spyware is available for almost all blackberries, Androids, windows etc phones. It is called mobile spy tool.
This tool does work as well on iPhones and iPad but only if they are jail broken.

I have to admit that I tested a few android phones but never really dived into possible security problems through viruses till I saw the SMS spyware blogged about it and then readers complained I don't do my homework.
The point in my last post was that Android is in danger in terms of viruses and malware because there is no controlling system in place besides self controlling through the community which is a nice idea but does not prevent to get applications with viruses or Trojan into the android app platform.

And i have to admit that I thought that viruses will be not a problem for Android because it is based on Linux and I thought there are no viruses because Linux has no executables. But i have been wrong, even Linux is not immune from viruses. Just by looking at wikipedia I could find a big list of viruses etc for Linux distributions:

Kaiten - Linux.Backdoor.Kaiten trojan horse[18]
Rexob - Linux.Backdoor.Rexob trojan[19]
Waterfall screensaver backdoor - on[20]

42 [21][22]
Arches [23]
Alaeda - Virus.Linux.Alaeda[24]
Bad Bunny - Perl.Badbunny[7][25]
Binom - Linux/Binom[26]
Bliss - requires root privileges
Caveat [29][30]
Coin [31][32]
Diesel - Virus.Linux.Diesel.962[33]
Hasher [34][35]
Kagob a - Virus.Linux.Kagob.a[36]
Kagob b - Virus.Linux.Kagob.b[37]
Lacrimae (aka Crimea) [38][39]
MetaPHOR (also known as Simile)[40]
Nuxbee - Virus.Linux.Nuxbee.1403[41]
Podloso - Linux.Podloso (The iPod virus)[44][45]
RELx [46]
Rike - Virus.Linux.Rike.1627[47]
RST - Virus.Linux.RST.a[48] (known for infecting Korean release of Mozilla Suite 1.7.6 and Thunderbird 1.0.2 in September 2005[49])
Satyr - Virus.Linux.Satyr.a[50]
Staog - made obsolete by updates
Vit - Virus.Linux.Vit.4096[51]
Winter - Virus.Linux.Winter.341[52]
Winux (also known as Lindose and PEElf)[53]
Wit virus[54]
ZipWorm - Virus.Linux.ZipWorm[55]

Adm - Net-Worm.Linux.Adm[56]
Cheese - Net-Worm.Linux.Cheese[58]
Mighty - Net-Worm.Linux.Mighty[61]
Millen - Linux.Millen.Worm[62]
Ramen worm - targeted versions 6.2 and 7.0 of the Red Hat Linux distributions only
SSH Bruteforce[64]

The list of course is much smaller than for Windows but still surprising for me.

Now the good part is that Google has in their latest OS a kill switch with allows them remotely to delete any malicious software (BTW Apple has this kill switch too and got a lot of complains and critics about this but I did not hear so much negative about the Google kill switch).

The more I search the more i read, I feel happy not to own an android phone, that at least I don't need to think about anti virus software.

A lot of analyst are saying Androids are not enterprise ready, because of this possible security problem. I think the IT departments are not ready for androids. They don't know yet how to manage the smart phones and how to make sure viruses can't come on the phones. The only company which can somehow ensure no viruses, is Apple, because of their controlling and audit system. However they have already over 200k applications some of them might be malicious and Apple just missed it when they approved. And there the 8% of jail broken iPhones which can have any virus, who knows.
iOS is Unix based but this does not mean it can't get a virus, even if there are not so many viruses for Linux or Unix out there.

The advantage of the iPhone is that IT could complete manage these phones by managing which app can be installed. Apple even allows companies to build their own apps which can be only installed through IT and not through the Apple app store.
And only registered developers can even submit apps to Apple app store. Apple might find the developer source (I hope) if there is a big security problem.

Smobile Systems is warning against using Android as enterprise phones in a report titled Threat Analysis in the Android Market. Please read the PDF if you are interested.

Android 2.2 might not be ready for Enterprise use but for sure it is shocking that over 20,000 apps can access very important user information and that we need to think in terms of a smart phone like a PC. We need to have anti virus software, anti Trojan etc, we will have these very fast phones which are slowing down because of anti virus softwares.

If we don't install anti virus then we should think at least three times if it is ok to install this or that software.

A lot of my friends are developers and complaining they can't really develop apps for iPhone, because Apple does not allow what the developers want to do.

Right now I am (as a consumer) happy that Apple does not make the developers life easy.

- Posted using BlogPress from my iPad.
Please visit my blog

Location:Spinning Wheel Ln,Spring Hill,United States

No comments:

Post a Comment