Slashdot Mirror

← Back to Stories (view on slashdot.org)

BBC Builds Smartphone Malware For Testing Purposes

Posted by Soulskill on from the mainstream-security-research dept.

siliconbits writes "BBC News has shown how straightforward it is to create a malicious application for a smartphone. Over a few weeks, the BBC put together a crude game for a smartphone that also spied on the owner of the handset. The application was built using standard parts from the software toolkits that developers use to create programs for handsets. This makes malicious applications hard to spot, say experts, because useful programs will use the same functions."

4 of 60 comments (clear)

  1. Re:No defense by erroneus · · Score: 3, Interesting

    Why does this remind me of Bonzi buddy?

    I gave my sons their own computer when they were in elementary school. At the time, it was somewhat rare and they were excited by it. They had internet access which I vaguely watched... (meaning checking for porn) and all seemed well.

    Keep in mind that I had NEVER had problems with pop-ups and malware or any of that before simply because I instinctively knew better as do many people here on slashdot. (Not many of us had to learn the hard way... we pretty much already knew... what? install this program to see the video? WE don't fall for that one... but many do!) So it didn't occur to me that my sons were not yet as skeptical as I.

    So yeah... Bonzi buddy. They found this cute thing and installed it and it was fun for them to play with. It told jokes and they could type things in for it to say. Before long, the computer was doing things they didn't tell it to do. I remember the first time my younger son rushed downstairs to tell on his older brother for having naked pictures on the computer screen! The older followed behind closely and explained that they just started appearing out of nowhere! (Pop-ups! I had HEARD about them but never saw them before at the time!)

    So I reloaded the machine, let them install Bonzi buddy again and before long it was happening again. Didn't take me long to realize what Bonzi buddy was up to. Sad part was that Bonzi buddy attracted kids and exploited them with along with the adults.

    In short, there's nothing new or revolutionary in your idea. It has been done a lot already.

    In fact, Microsoft did that too. They could have secured their OSes from being copied from the very beginning. Instead, they used piracy (free copying) as a means of distribution to choke out the competition. Then, once they achieved the "critical mass" their revealed secret documents spoke of, they started locking their software down more and more. It's not like free copying wasn't a problem from the beginning... it's just that it was also useful in the beginning and stopped being useful once their ends were achieved.

  2. Re:No defense by VortexCortex · · Score: 3, Interesting

    Apple's walled garden does nothing to prevent the kind of malware you described.
    Getting hidden malicious functionality through the approval process would be a cinch.

    Yep, even teenagers can get trojan apps past Apple's approval process.

  3. Re:No defense by scamper_22 · · Score: 3, Interesting

    How about requiring all software be written and approved and digitally signed by licensed engineers with legal responsibility.

    That way, if malware gets in, you have someone to blame.

    Pardon me for combining job protection with societal benefit :P... you know... like how doctors and lawyers do.
    Sure it stifles open access... but at the benefit of quality and job protection...

  4. Re:How it is news by BasilBrush · · Score: 3, Interesting

    In many ways mobile phones are more secure than desktops. Sandboxes for apps, strong permissions schemes, app certification etc. But to counterbalance that, they have new facilities as standard that are more dangerous if compromised. Mobile phone charges, SMS, GPS, microphone, camera etc.