18
Nov
android-virus-1

What happens when Google's open-source program manager Chris DiBona reads one too many false claims about the nature of open source software? He takes to his soapbox on Google+ to put everyone in check.

That's exactly what happened a couple of days ago after DiBona read yet another article pounding the nature of open source, citing that it's "inherently insecure." Like any advocate for a cause would do, DiBona immediately set out to uncover the truth about security in an open source environment, paying particular attention to mobile operating systems, including Android and iOS.

No major cell phone has a 'virus' problem in the traditional sense that Windows and some Mac machines have seen. There have been some little things, but they haven't gotten very far due to the user sandboxing models and the nature of the underlying kernels.

No Linux desktop has a real virus problem.

Yes, virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers. If you work for a company selling virus protection for android, rim or IOS you should be ashamed of yourself.

Pretty strong words, no? DiBona went on to say that a "virus of the traditional kind" on a mobile device "is possible, but not probable," and each time an analyst firm claims there is a virus infecting iOS, Android, or RIM devices they are "not being honest" and "extraordinary claims need extraordinary evidence."

In a nutshell, don't believe everything you ready about mobile viruses, because it's probably not true anyway.

Are you uninstalling that AV app yet?

[G+ via Cnet]

Cameron Summerson
Cameron is a self-made geek, Android enthusiast, horror movie fanatic, and musician. When he's not pounding keys here at AP, you can find him spending time with his wife and kids, plucking away on the 6- or 7-string, or watching The Texas Chainsaw Massacre on repeat.

  • skinien

    My thunderbolt has HIV.

    • Don

      Keep it out of your rump! Lol!

  • http://www.rafaelzanetti.com.br Rafael Zanetti

    I use AVG just because of the locate my phone feature, which is something google could offer out the box

  • awg_ilyas

    Using the free version of Lookout.

    And hey it tracts my missing phone as well. :P

  • JCS

    I install one every now and then to run a scan, then I uninstall it again. My OG Droid can't give up that much real estate without serious performance issues.

  • BobbyPhoenix

    OK so what classifies as a traditional virus on a phone? There have been apps that steal user info, send texts to rack up your bill, etc that have been caught by the teams of Lookout and such. I thought these would be considered traditional viruses. I guess not. Lookout has flagged an app for me once, and it later turned out that in fact the app would have "read my sensitive data" and probably could have stolen my info. I think Chris needs to do some more research.

    • cintra

      Did you check the permissions required by Lookout before installing it? They certainly stopped me from installing it..

  • Ryan S

    Its more accurately malware, meaning its software you had to install and then does something it doesnt tell you about. He is right, NOT a virus. The only big one was the square text message that hit the iphone a while back.

    Being said some malware protection might be a good idea for moronic owners who dont read the security permissions or install stuff from russian freeware sites. At least then some program would tell them they are an idiot for installing a fart app that requires 4 CC numbers and internet access.

    • BobbyPhoenix

      OK. That actually makes sense. So really the app makers should market their apps as Anti-Malware more than Anti-Virus. That would put an end to it.

      • JayMonster

        Not necessarily, anti-virus and anti-malware are not the same things. If they are actually anti-virus programs, then they should create a true anti-malware, not just rebrand.

    • DanCandy

      You nailed it, 100%.

      Couldn't have said it better myself.

      Unfortunately, the masses don't understand (or care to) what a virus is vs. spyware/malware/adware/etc.

  • digitalthug

    Everytime a customer walks into my store saying their phone is slow and freezing, I immediately know its these goddamn anti-virus apps. Low and behold, that's always the case. Most people use Lookout, so I just go into the settings and disable everything except for Phone Location. Idk what's worst, av apps or task killers!

  • Mike Snyder

    Viruses are malicious programs that replicate repeatedly in effort to eventually take control of or crash the kernel.

    Viruses aim to destroy data/hw/sw, not house or send your personal data.

    To date, there has been no such thing in ANY mobile device.

    What we are seeing in the market are actually spyware. These spyware applications glean information unbeknownst to the user and then either transmit this information to the creator of said app or house the information for some future use. Much like the name implies, spyware literally steals information that it is not supposed to have access to. It really is that simple.

    Another entity we have been seeing is adware. Adware apps use the information on your phone (such as location, browsing habits, etc.) to generate a "relevant and/or meaningful" advertising experience on your mobile device. A lot of adware apps are paired with some sort of spyware code so that the application winds up learning all of the users information, possibly using the mobile device's communication features (phone, email, text, data) to communicate with certain 'pay-for' mediums - Like 900 numbers, premium text numbers, etc.

    These so-called Anti-Virus applications are nothing of the sort. Anti-malware, sure. Anti-spyware, maybe. But to market them as any sort of all-in-one solution that will 'protect your phone' is simply a hoax.

    • Nick W

      I just basically posted the same thing. :) This guy is actually right. It's spyware folks, not malware or a virus. :D

  • Jaz

    Google should have a built in location app in Android that has been tested to be accurate. Then all these other programs won't be needed and we won't have all these people trying to install programs that bog down their phones. I currently have 3 location apps on my phone since everytime I test them only 1 works. So cmon google make it happen.

    • Freak4Dell

      Agreed. With how tightly these phones are tied in with Google services, it would not be difficult whatsoever to add on-demand location tracking, especially for the geniuses at Google.

  • Jonathan R

    However, in the common lexicon they see that as viruses. Like a child calling a spider a bug. Perhaps google should develop their own native anti-malware apps to contend with the charlatans and free up resources.

  • duder

    like most people - i just have the free lookout version and if my phone is stolen ill do the remote find/wipe as needed.

    Other than that, Lookout is completely disabled as far as the other features go.

  • Nick W

    Most of you are wrong when you say that the "viruses" that android gets are malware. Malware is intended to harm the user to an extent *shut down keyboard on screen and mainly loss of functionality that the attacker chooses. It's actually spyware since the dominant forms end up taking sensitive data or taking money from the user without showing the user anything. Malware is intended to harm, spyware is used for stealing while running in the background.
    How do I know this? I had to learn to remove viruses from computers and you have to know what it does before you remove it incase you decide to take a sample for later.

    • Ryan S

      With respect to what you are saying its doing you are correct but there is can could be malware for mobile devices, easily.

      The issue is people think of them as a virus, which can be self replicating and exploit vulnerabilities in the OS, which is much harder on these devices. So far there is only one I know of that has been successful. On an unrooted phone its basically impossible because nobody has access to the core OS, even rooted its still pretty limited since its a VM.

      The big thing is the -ware, meaning its a software of some kind that requires a user intervene to enable it. When Google forces any app you install to disclose the permissions it will be assigned i think its more of an ID10T error than anything else.

      If you accept that a camera app needs access to everything you type and to record calls then its your own fault.

  • MindStrider

    I think my biggest problem with AV apps on a phone personally is how annoying they get. I tried AVG for a while (it's served me well enough on Windows desktops) but an extra notification every time I did anything and it repeatedly flagging my SuperUser app as a virus really got on my nerves. I imagine any other rooted users will have had similar issues!

    • Justin

      Did I have that issue? Yes, did I just white-list it? Yes. That way I don't have a problem. That being said I did uninstall the AVG antivirus and I'm am just using LBE now and do things manually.

      • MindStrider

        You make a good point. I did comment somewhat hastily. Overall though I found AVG on Android to be more fuss than it was worth. Perhaps it's just that I'm already pretty careful about what I install and that I found AVG's approach a little simplistic for me. I can't comment on other AVs for Android (as I should have said), so I don't know whether they're really much different.

  • Vision77

    I say root and use LBE Privacy guard....and take control over which apps get the privilege of using which permissions.....

  • NYC_Dude

    To all those touting the benefits of location tracking in apps like Lookout and so forth, any smart person who chances upon a cool expensive smartphone knows to immediately put it in airplane mode till he/she gets home and flashes the ROM to something else...

    ..or tries to return it to owner if owner's info can be found...

    • BobbyPhoenix

      That may be true if it was stolen, but when the average person leaves it in the car, or over a friends house, or any legit non thief reasons, it really comes in handy. Especially if you travel a lot, and have a habit of leaving it in someones house, but you don't know who's, so instead of calling everyone, or visiting them, you can fire up Lookout on the web, and boom, there it is!

  • Dimitry

    I have been using android since the time of the G1. I have never even bothered to install anti virus or malware apps. They're complete bs! Not to mension, similar to Linux the user has to self compile the virus and run it to get infected. That in its self is difficult for an end user to do. Android also shows you the permissions that makes it easier to spot foney apps.
    Anti virus companies make a killing on windows operating systems. I usually just hunt down the Trojans in the windows directory, kill them then remove the files from registry. No need for anti virus programs!

  • Greg

    I think most people seem to be missing the point that "Anti-Virus" or "AV" is the common term most people use to describe security software. And I dont mean the kind of people that read androidpolice.com I mean the kind of people that buy a $200 HTC and then install 100's of free apps that need 20 permissions. The same people that dont read or undertsand the permissions and havn't rooted their phones. For these people, an app that can warn them that the camera app asking for permission to read and send SMS messages isn't good, is a must have...no matter what you call it.

  • Phil

    What people don't realize is that antivirus programs, on the computer or otherwise, only protect you against known threats. Meaning that, even with an antivirus, you are and always will be suspetible to attacks via zero-day vunerabilities or malicious applications that haven't been identified.

    Since malicious applications are removed from the market when they are identified(or actually removed from the infected person's phone by Google themselves), Lookout and similiar apps are only protecting you against threats that are no longer present and are thus a waste of system resources. If you want a Find My Droid feature, there are other apps that can provide it that are less intrusive and system hungry.

    • Guest

      No.
      Heuristics and behavior analysis are standard in every modern AV.

  • jonathan

    To make it simple guys. What we've seen on android are not viruses, and actually i'm not quite sure if its right to call them spyware as all those apps had to ask for your permission to share data when u installed them. So all those anti virus apps just read the apps permission and tell you when something might be wrong (eating all your cellphone's processing power along the way). People is just lacking knowledge about how to stay safe in mobile plattforms. I think 5 minutes is more than enough to understand android apps permission and save yourself a lot of headaches. Now if u want a "find my andoid" functionality i recommend you guys seek droid app

  • cathy

    The definition issue does not bother me much, since most of the major security vendors have made these points clear since malware/virus/anyware-doing-things-without-you-knowing.

    What scares me most is an OS developer assumingly stating "we don't have security issue you should all care about". Android/iOS is now have huge market share like Windows, deeply tied with credit cards, and I'm sure that's pretty inviting for financially motivated organizations.

    ...Is Google's security really OK?

  • Dan

    Here's a "mainstream" news outlet that actually reported on this. Surprised me.

    http://www.informationweek.com/news/security/mobile/231903411

  • ChumbleSpuzz

    If you want location tracking without the AV overhead, just install Prey.

  • DiBonehead

    DiBona. Where to begin with this guy...

  • Mitch

    NetQin is Checkmark certified by Westcoast Labs for Mobile Security Antimalware & Mobile Security Loss Control. Haven't found another test like it from any other lab.

    Hopefully others will submit their products for testing through Westcoast labs, AV Copmparatives etc...