Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nokia Phone Gets Virus Protection

Posted by timothy on from the prophylactic dept.

wan-fu writes "After all that talk about bluetooth vulnerabilities and mobile phone virii there will finally be a mobile phone with virus protection. Nokia's 6670 smart phone will be released in October and features software from F-Secure. Perhaps this will raise the eyebrows of some other mobile phone manufacturers to step up and increase their security policies for their phones' operating systems."

4 of 114 comments (clear)

  1. Re:Hmm by pyrros · · Score: 4, Informative

    >Why not just make a phone that is secure in the first place and
    >can't get viruses. This has to be the worst marketing ploy ever.

    Because people want more and more features. Series 60 phones from nokia can run user-installed programs, and we all know what happens when you mix ease of installation (browse to a WAP/web page) and clueless users.

    Still, the right aproach would be educating users and using some kind of sandbox model:

    "pr0napplet wants to make a phone call"
    [Allow] [Deny] [Always] [Never]

    But I completely agree that bundling snakeoil is NOT the way to go. Moving the antivirus arms race to mobile phones will only hurt the phone market in the long run: when your PC gets 0wned, most of the time you just lose the use of your bandwidth: the spam you send does not immediately hurt you. Should your phone get 0wned, you'll probaly run a service bill in the thousands of dollars (or euros). Once word gets out, some people will be too scared to use a smartphone.

  2. Nokia: fix the OS first by quigonn · · Score: 2, Informative

    I do Symbian OS programming for a living (Symbian OS is the OS that was once EPOC on Psion and now drives a number of mobile phones, including Nokia Series60/80/90 and UIQ [Sony Ericsson P800/900/910]), and I have to say, from the security aspect it's one of the worst operating systems I ever saw. It has absolutely no security measures (besides a trivial buffer overflow checker in TDesC and derived classes), no permission system, nothing. The only really secure part that I saw in it was the Java sandbox.

    So, my call to Nokia: get another OS vendor, try not to use Symbian OS anymore, and switch to e.g. Linux like Motorola did: it would be a relief for a lot of programmers, and help overall security on handsets and other mobile devices of your company.

    P.S.: from the theoretical point of view, Symbian OS is great: it's AFAIK the most widely deployed microkernel operating system. But theoretical greatness doesn't help you with practical security issues...

    --
    A monkey is doing the real work for me.
  3. Re:Hmm by jyristys · · Score: 2, Informative
    Still, the right aproach would be educating users and using some kind of sandbox model: "pr0napplet wants to make a phone call" [Allow] [Deny] [Always] [Never]

    Funny you should mention that, because that is pretty much exactly what new Series60 phones do. Also, the only way to get a midlet you write the full rights is to have it signed by the manufacturer of the device or the operator.
  4. really picky, but: no such thing as _virii_ by toomanyhandles · · Score: 2, Informative

    See here:
    here
    "virii" doesn't work as a plural.