Tuesday, December 06, 2005

 

The truth about the Mobile virus scares

Some simple facts before proceeding to cabir, the nemisis you were told

Fact: no-one can pass a virus to your Symbian smartphone over Bluetooth or MMS without your knowledge. See Viruses for Symbian OS below for much more on this.

Fact: it's impossible for any piece of malicious software to make your smartphone unusable. Even if you allow a piece of 'malware' (i.e. a malicious program) onto your unit, it can't touch the OS and applications in ROM, which means you can always do a hard reset to get back to a working system.

(For hard reset, type in ‘*#7370#’ works with older Series 60 smartphones, 'Dial'+'*'+'3' while powering on for newer ones, procedures for UIQ and Series 80 units are in the manual) to get back to a working system.

Fact: the Symbian 'viruses' you read about aren't really in the wild, in the same way that Windows viruses are. Because it's realistically impossible for these apps to spread, you simply will not come across them in any significant number in the real world.

Fact: you're not going to pick up a worm through being online either, as Symbian OS's TCP/IP stack and port handling is far, far tighter than that (that used to be) used in Windows.

Fact: the biggest hazard in the Symbian world is the 'warez' scene, where unscrupulous people 'crack' commercial software and then put it up for free download or try to get friends to beam it around. Quite apart from the ethical considerations about putting genuine Symbian authors out of business, these cracked versions are the perfect opportunity for a malicious cracker to insert routines designed to cripple your phone or scramble your data. You can stay clear of such malware by downloading your Symbian OS third party software from trusted sources and staying clear of warez.

There really is no danger whatsoever of your Symbian OS smartphone becoming 'infected' with something without your knowledge. So sleep easy.

Now do you think, you need a Anti-virus program for your mobile ?


Related Readings:
----------------------
Symbian resolute in face of mobile virus row:
http://software.silicon.com/malware/0,3800003100,39151947,00.htm

Mobiles catch Cabir virus at world athletics:
http://software.silicon.com/malware/0,3800003100,39151322,00.htm

Mobile phone viruses: 'Don't panic!' -- http://networks.silicon.com/mobile/0,39024665,39130139,00.htm

Viruses for Symbian OS - the truth -- http://3lib.ukonline.co.uk/viruses.htm

Excerpts from Original article by Steve Litchfield (www.allaboutsymbian.com)

Overview:

Have you ever tried getting an application (or indeed any other kind of file) from one smartphone to another? Quite apart from the logistics of getting Bluetooth in the right mode ('Visibility: shown to all') on the recipient phone and getting the phones to actually find each other, anything request from another phone to send something has to be manually authorised (i.e. the recipient has to actively read the warning and press a button marked 'Yes'). And, for an application, there are many extra steps to agree to, in terms of accepting that you want to install it in the first place, that it probably hasn't been officially signed and then deciding which disk (internal or expansion card) to install to.

This is totally unlike the virus situation on desktop computers, where viruses infect you quickly and silently, reaching out to others via extra email transmissions and via direct Internet probes. Under Symbian OS, there is (so far) no known way for software to get sufficiently under the hood without your express permission to be able to do any of these things.

A Symbian targetted virus in the Real World

So you're walking through Paddington station, London, within Bluetooth reach of a hundred other smartphone users. And you've left your Nokia 6600 (or similar Series 60 smartphone) open to incoming Bluetooth connections because you often share contacts and appointments with colleagues and it's simply more convenient to leave this setting 'on'. All of a sudden, an 'infected' Series 60 smartphone (assuming there are any in the wild) reaches out to your phone and you hear a beep. Looking at the display you see

"Receive message via Bluetooth from Nokia 3660?"
with buttons marked 'Yes' and 'No'.


Your first choice should obviously be 'No', as you're not with a friend or colleague and are not expecting an incoming contact, appointment or file. Pressing 'No' means instantly stopping the incoming connection dead in its tracks. But let's say that you press 'Yes', out of curiosity perhaps. The virus application will be received into your Inbox, which may even automatically spot that it's a Symbian Installation (SIS) file and will start installing it. There's still no need to panic, though, as you'll then have to accept the various installation warnings and questions:

"Installation security warning: Unable to verify supplier. Continue anyway?"
with buttons marked 'Yes' and 'No'.


There's no application title shown yet, and perhaps you decide to carry on a little further, again out of curiosity (remember that you're not expecting anything).

Now we're getting to the nub of the matter. Symbian OS next pops up the question:

"Install Cabir?" (or "Sexxy", or whatever the heck today's media-favourite virus is called)
with buttons marked 'Yes' and 'No'.

At this point, if you still answer 'Yes', then you deserve everything you get! (As an aside, there are still at least two more questions to answer before the application is actually installed, giving you two more chances to back out)

Conclusion

Does the above sequence sound like the seamless and invisible mechanism needed by any decent virus if it's to propagate itself effectively in the wild? An emphatic NO.

You can keep your Symbian smartphone completely free of malware by following a couple of simple rules:

1) Don't accept unsolicited Bluetooth transmissions from other phones. Or trust applications tacked onto MMS messages ('e.g. Hey, try my new, kewl game!')

2) Don't install applications unless they are ones you've asked for or have downloaded from reputable software sites (Handango, AllAboutSymbian, My-Symbian, 3-Lib, etc.)

3) In most cases, it's quite safe to leave Bluetooth visibility as 'Shown to all'. If you do get bothered by too many unsolicited connection attempts, simply change the setting to 'Hidden'. Although given that the number of 'infected' Symbian Series 60 phones worldwide is truly tiny, you really don't have to worry! You're more likely to be hit by lightning or to win the lottery...

(C) 2004, 2005 Steve Litchfield


Comments: Post a Comment

Links to this post:

Create a Link



<< Home

This page is powered by Blogger. Isn't yours?