Android Virus Protection: “BS Software” from “Scammers” Says Googler

Malvado

DF News Team/Mod
Premium Member
Joined
Nov 7, 2009
Messages
1,989
Reaction score
16
Website
www.myspace.com
Android-No-Malware.png


I always cringe when I see companies selling Android Anti-Virus software. But when my RSS reader fills up with stories about percentage increases of mobile malware and how consumers NEED protect themselves immediately? I consider snapping my phone in half for two main reasons:

The best protection is being a smart consumer. Download apps/products from companies you know. If you don’t know them, do your research: take note of their rating, read the customer reviews, see what permissions they require, and ensure yourself that the app is safe to use before downloading.
We’re so used to malware, trojans, and computer viruses that these software makers are extending the fear to mobile, making a quick buck by preying on the fears of the uninformed.

An Information Week article by Eric Zeman exposes the annoying and outrageous claims of these anti-malware makers, but more interestingly, it includes the take of some disturbed Googlers. Here is a comment from Google’s open-source guru, Chris DiBona:

“Virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS,” he wrote on Google+. “They are charlatans and scammers. If you work for a company selling virus protection for android, RIM or iOS you should be ashamed of yourself.”

Although there HAVE been some issues with banking apps and spam apps in the past, they have usually been obvious ploy and traps into which the uncareful consumer falls. If an app helps you identify which apps/games are potentially harmful in addition to using your own tuition… is it worth it? I think so. But maybe tweak the name and stop pumping out white papers about how mobile malware is on the rise so you can sell more mobile anti-virus software.

What’s your take on the Android Virus Protection issue? And mobile anti-virus in general?

SOURCES: https://plus.google.com/u/0/114765095157367281222/posts/ZqPvFwdDLPv
Android Security: Threat Level None? - Security - Mobile Security - Informationweek
Twitter
 
I use Lookout. I got it primary for backup and it's phone finding features. It also has a scanning functionality that I consider extra.

Personally, I've never had a negative reaction from it scanning stuff. It takes like what 4 seconds for it to scan something newly installed. Frankly, it doesn't negatively effect anything so I keep it.

As for the other protection stuff I have no experience from it. Would I go out and buy one? No. Why? Cause I'm ridiculously froogle with apps.

If it doesn't negatively effect the phones performance I don't see what the deal is in having it. It is their phone afterall. If if makes them feel better to have it whatev.
 
Last I checked, there are no known Android viruses so I've always wondered what the heck those apps scan for. It's a waste of resources and in some cases the scanning software causes problems.

Furthermore, Android is UNIX-based. This ain't Windows so you can feel secure.

That being said, installing "ROMs" or APKs from unknown sources will eventually catch up with you. If you stick to the stock OS and only download from the Android market then you'll be safe. You'll just have to watch out for apps that try to steal your data. One way is if the app mimics an official banking app. These apps are usually removed from the market immediately but the potential is there. Another way is if an app has access to internet and your SD card or other data. It could potentially upload all of your data to hackers. One other potential pitfall is when you allow an app to send SMSes and make phone calls. It could potentially send a text or make a call that costs you money and makes money for hackers.
 
Furthermore, Android is UNIX-based. This ain't Windows so you can feel secure.

No, Android is Linux-based. And Linux is not UNIX, it is a UNIX-like OS but is not certified. All an Android phone is, is a handheld PC running a flavor of Linux. And it should be treated as thus as far as antivirus goes. The general answer to the question "Does Linux need antivirus protection?" is pretty much "No, but that doesn't mean Linux cannot get viruses." - so a decent Android antivirus app (one that isn't a malicious app itself) is not a bad thing to have. Especially if it uses heurisitcs as well as definitions. It could potentially catch an unknown threat.
 
No, Android is Linux-based. And Linux is not UNIX, it is a UNIX-like OS but is not certified. All an Android phone is, is a handheld PC running a flavor of Linux. And it should be treated as thus as far as antivirus goes. The general answer to the question "Does Linux need antivirus protection?" is pretty much "No, but that doesn't mean Linux cannot get viruses." - so a decent Android antivirus app (one that isn't a malicious app itself) is not a bad thing to have. Especially if it uses heurisitcs as well as definitions. It could potentially catch an unknown threat.

It's just semantics but I disagree with your point about Linux not being UNIX. See: Linux News: News: Is Linux Unix?

I do agree with what you say about heuristic analysis being valuable but I don't know how feasible it is for an Android app to do some of the necessary actions, like sandboxing of other apps.

The main point is that antivirus on Android is currently BS.
 
I use Lookout. I got it primary for backup and it's phone finding features. It also has a scanning functionality that I consider extra.

Personally, I've never had a negative reaction from it scanning stuff. It takes like what 4 seconds for it to scan something newly installed. Frankly, it doesn't negatively effect anything so I keep it.

As for the other protection stuff I have no experience from it. Would I go out and buy one? No. Why? Cause I'm ridiculously froogle with apps.

If it doesn't negatively effect the phones performance I don't see what the deal is in having it. It is their phone afterall. If if makes them feel better to have it whatev.

The problem isn't in having the apps. The problem lies when they charge you guys. They make you pay a premium for "security". But like these guys say, it doesn't need such apps.


Sent from my Droid 3 directly to YOU!
 
I've honestly never understood it..

in the days before serious "virus" protection, I was simply careful. I remember in 1997 when I first started getting online... I didn't start using antivirus until late 2007ish... and even now I just use no-script and ad-block. that's not to say I don't use antivirus, I just don't rely on ONLY it.

man... consumers will fall for anything wont they.
 
The problem isn't in having the apps. The problem lies when they charge you guys. They make you pay a premium for "security". But like these guys say, it doesn't need such apps.


Sent from my Droid 3 directly to YOU!

How much are they asking?

Sent from my DROID BIONIC using DroidForums
 
Last I checked, there are no known Android viruses so I've always wondered what the heck those apps scan for. It's a waste of resources and in some cases the scanning software causes problems.

Furthermore, Android is UNIX-based. This ain't Windows so you can feel secure.

That being said, installing "ROMs" or APKs from unknown sources will eventually catch up with you. If you stick to the stock OS and only download from the Android market then you'll be safe. You'll just have to watch out for apps that try to steal your data. One way is if the app mimics an official banking app. These apps are usually removed from the market immediately but the potential is there. Another way is if an app has access to internet and your SD card or other data. It could potentially upload all of your data to hackers. One other potential pitfall is when you allow an app to send SMSes and make phone calls. It could potentially send a text or make a call that costs you money and makes money for hackers.

I respectfully disagree here. There were no virus's for Apple until recently either. Bottom line here is; Once a platform gains a solid user base; then there is a desire for scammers/hackers to write virus code for it. Right now; this may not be an issue, but; it will be. Are you willing to take Market based programs as "safe" just because they are on the market!? I'm not! I'm paranoid about viruses/malware etc.... I lock everything I own that is connected down tight. Point here is; complacency is going to get lots of people in trouble.

As for the OT; I currently do not use any software because my OG droid is just getting too slow as is. I do however constantly check my Market account and I make certain that an app is legit by researching it before I load it onto my phone. Once I upgrade; I will be using Symantec; at least until ESET releases something better for Android.
 
Back
Top