Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-virus Vendors Eye Cell Phones

Posted by ryuzaki0 on from the need-anti-virus-to-stop-telemarketers dept.

coastin writes "Are cell phones and handheld devices the next big market for anti-virus software vendors? While there have been more than 150 cell phone viruses discovered since 2004, compared to over 150,000 Windows PC viruses the count seems low at this time. Marketing researcher Gartner suggests a widespread attack could surface by the end of next year. With the number of cellular devices sold in 2005 far beyond that of Windows PCs and no choice of anti-virus protection for most cellular device customers, should the cell carriers listen more closely to the anti-virus vendors?"

2 of 119 comments (clear)

  1. Battery life? by chrismcdirty · · Score: 4, Interesting

    How would an AV scanner affect my battery life? Would it constantly run residently, waiting for me to download something? If it halves my battery, no thank you.

    --
    It's like sex, except I'm having it!
  2. Running up the bill by duplo1 · · Score: 2, Interesting

    Personally, until mobile wireless broadband (e.g. HDSPA, EVDO, etc.) services become more pervasive and not to mention MUCH cheaper, I don't think there will be a huge problem. Viruses don't spread through the air - they would require the terminal device to be active and connected.

    Assuming a piece of malware could activate the data radio at pre-determined times (e.g. late at night), it could really run up the bill for those who don't have unlimited data plans.

    Another avenue of attack, which I see as most likely in the near future (especially for pocketPC users) are malicious websites. Not a whole lot of research seems to be going on in mobile vulnerability development, but when research increases, there will be a problem. Of course much of the research will probably be funded by the AV companies or their subsidiaries. I'm sure you've seen the job postings for security engineers and researchers at companies like symantec so don't deny it.

    Now that mobile networks and fixed networks are converging, they really resemble fixed networks, thus controls that work on fixed networks will probably work on the mobile networks with little modification.
    Firstly, terminal devices, especially J2ME capable ones have reasonable controls by way of very granular permissions that are found in any java runtime environment. I'm not however aware of how extensive the controls are at the OS level. If operators are smart, they will be rather restrictive with these permissions.

    Lastly, network controls need to be in place. Perhaps this will be a good use for Unified Threat Management firewalls, which could possibly be placed at the Base Station Subsystem (BSS) level.

    The next 12 months will be very interesting. I certainly don't look forward to having to install Norton AV on my Samsung i730!