Anti-virus Vendors Eye Cell Phones
coastin writes "Are cell phones and handheld devices the next big market for anti-virus software vendors? While there have been more than 150 cell phone viruses discovered since 2004, compared to over 150,000 Windows PC viruses the count seems low at this time. Marketing researcher Gartner suggests a widespread attack could surface by the end of next year. With the number of cellular devices sold in 2005 far beyond that of Windows PCs and no choice of anti-virus protection for most cellular device customers, should the cell carriers listen more closely to the anti-virus vendors?"
I can now spend 30 mins removing Norton from my customers' mobile phones as well! Yay!
Most people have no idea what they are doing, and are silently panicking on the inside.
How would an AV scanner affect my battery life? Would it constantly run residently, waiting for me to download something? If it halves my battery, no thank you.
It's like sex, except I'm having it!
They would have to create one. Microsoft is going to eventually shut down their most lucrative market since consumers are more likely to trust Microsoft's own virus solution rather than pay a 3rd party. (I'm not saying that it is actually true that Microsoft is a better security guardian, but that's how average people are likely to react.) So the virus software vendors are about to become frantic for an alternate source of revenue.
Not that I support censorship in any way, but do not the cell companies have very tight control over their networks, and thus the data flow over them? What's to prevent them from disallowing certain data (i.e. known viruses) from flowing to their customers?
<sarcasm>I mean honestly, can't they just check the evil bit?</sarcasm>
-dave
http://millionnumbers.com/ - own the number of your dreams
Part of the reason I don't use anti-virus software, other than because they slow down and hamper your computer, is because they are the ONLY corporate entity that literally have it in their self-interest for a virus to show itself once in a while on your computer. I'm not saying they write the damn viruses (I'm not saying they don't either) but I do think they try to make sure something will slip by once in a while, just to keep it in the public's mind that they need this software, so that they'll keep it installed and pay for upgrades.
Of course on my Linux side I have no virus problems, but it's also been ages since I've dealt with a Windows virus, because I keep things updated and use better web browsers and email clients, and I also strongly suggest the same practices to people I know, people who I know will come to me for help when they get one. Viruses just aren't a problem if you use your computer intelligently and remain somewhat suspicious of odd behaviour.
All I'm saying is that it's sort of counter-productive, if you think about it, to have an entire industry whose very existence depends on malware, and who, if they are doing their jobs, would eliminate their very reason for being there in the first place. (Sure, the police are the same thing, but that is exactly why the police are a public entity, and not corporately owned.)
I'm sure Verizon would be very interested in cell phone virus software if it can help them continue to prevent customers from using software other than Verizon's own software.
But I doubt that such software would be used to improve service or reliability from the customer's point of view.
Why does my phone need to have the ability to execute malicious code in the first place? A phone does not need a web browser, chat client, and e-mail client. A phone certainly DOES NOT need any sort of scripting engine. Why did the cell phone manufacturers go and add vulnerabilities into the phone in the first place?
There is no reasonable defense against an idiot with an agenda
:wq
So "Virus Scanners" for cell phones today will only protect against those ~150 threats that exist today. By definition, you cannot protect against all future threats today (because if you could, your OS provider would have already done so).
Once threats become more widespread, the concept of a "Virus Scanner" will become more plausible.
you should read everything on the internet as if it had "but I'm probably talking out of my ass" appended to it.
It sounds to me that the 'stupid person' here was the engineer that designed a user interface that didn't allow the user to say 'no means no'.
The feature of JavaScript that allows programs to repeatedly display popups requesting a code download is a serious bug. It is the result of the Netscape mindset that the content producer 'owns' the user experience, not that the user does. It isn't the only thing Netscape screwed up in the service of their real customers, the companies buying the Netscape servers and PSO engagements.
I believe that there will be a market for cell phone anti-virus but not one that McAfee and Symantec are likely to make money from. The wireless customers are going to consider this the problem of the carriers; they are right. Anti-Virus systems for cell phones will all work at the network level.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Personally, until mobile wireless broadband (e.g. HSDPA, EVDO, etc.) services become more pervasive and not to mention MUCH cheaper, I don't think there will be a huge problem. Viruses don't spread through the air - they would require the terminal device to be active and connected.
Assuming a piece of malware could activate the data radio at pre-determined times (e.g. late at night), it could really run up the bill for those who don't have unlimited data plans.
Another avenue of attack, which I see as most likely in the near future (especially for Pocket PC users), is malicious websites. Not a whole lot of research seems to be going on in mobile vulnerability development, but when research increases, there will be a problem. Of course much of the research will probably be funded by the AV companies or their subsidiaries. I'm sure you've seen the job postings for security engineers and researchers at companies like Symantec so don't deny it.
Now that mobile networks and fixed networks are converging, they really resemble fixed networks, thus controls that work on fixed networks will probably work on the mobile networks with little modification.
Firstly, terminal devices, especially J2ME-capable ones, have reasonable controls by way of very granular permissions that are found in any Java runtime environment. I'm not however aware of how extensive the controls are at the OS level. If operators are smart, they will be rather restrictive with these permissions.
Lastly, network controls need to be in place. Perhaps this will be a good use for Unified Threat Management firewalls, which could possibly be placed at the Base Station Subsystem (BSS) level.
The next 12 months will be very interesting. I certainly don't look forward to having to install Norton AV on my Samsung i730!