Is antivirus really necessary?

My 2 cents:

I'm currently researching AV/malware protection for my Droid and plan to deploy as soon as I find a product that meets my needs and comes from a source that can be verified as being legitimate.

Konstructa mentioned that "some of the first root kits were Unix based". Actually, the very first root kits were Unix based.
Speaking of root, how did we get root access on our device? Someone found a vulnerability that we have exploited to run code of our choice. Guess what - malware writers do the same thing.

Many have stated that Android doesn't need AV because it is Linux based. I've even heard a number of colleagues state the same thing when approached by management asking about AV on Unix servers.
But a common flaw in that thinking is this: most malware anymore doesn't even target the OS. Rather, it targets the applications such as the web browser, email client, Java, Acrobat, Quicktime, etc. Anyone out there avoiding those apps?
Anyone stating we won't ever need protection is just burying their head in the sand.

My bottom line:
Just because there are no known viruses or malware targeting our beloved platform at the moment is no reason not to research and support tools to protect our platform and the data stored therein.

I don't think (or at least I hope) that anyone's contention is that Linux can't get viruses or can't be compromised somehow. Any computer, any OS, anything in the world that connects to the Internet can be compromised. However, the odds of your Linux system being compromised are almost slim to none and to be honest, you'd almost have to allow it to get infected. You left off some important things:

Sure, malware targets applications such as browser, Acrobat etc, but most (not all) binaries which are downloaded to a Linux system won't be executable by default. In other words, if you link to some binary on the net, or if some rogue application downloads a binary, it's not going to result in an automatic execution on your system (unlike Windows), hence the "This application uses" screen before you install an app, and the "Trust 3rd party" checkbox.

Second, even if you do run a package from an attachment and even if you do put in your sudo password (or in this case run as root), you're still going to be told that this is from an untrusted/unsigned source and you have to make the decision to proceed. Again, you'd have to essentially try to infect your system if you download some rogue app from a third party that you know nothing about.

Third, most Linux-targeted viruses can't self-replicate, so again it's essentially you attempting to infect your system.

If you download a binary from www.removedlink.com called "GetPeoplesCreditCardInformation.apk", run it as root, trust it, and install it and your system gets infected, that's a user flaw and not a Linux flaw.

I have no intention to install any antivirus on my Linux systems, or my phone as it is unnecessary. Can Linux/Android be compromised? Absolutely. Is it likely that you're going to get compromised by downloading an app from a malicious coder? Yes, if you agree to all the security warnings that are presented to you before you install. There are far too many checks done before something actually executes, and I would honestly blame the user if he/she managed to somehow mess up their system.

If I'm completely wrong about this, someone please correct me, but I'm pretty sure I'm not haha...
 
Malware that targets the apps doesn't have to be a system executable binary. For example, QuickTime and PDF files are not system executable but can still have nasty surprises.

Also, you don't necessarily have to allow an app to have root access in order for the app to receive root access. We have heard of vulnerabilities in various authentication and crypto modules (isc.sans.org mentions an Ubuntu PAM vulnerability just this morning). Applications can exploit these vulnerabilities to gain root access just as we did. Such an app can easily come from visiting a web page with malicious JavaScript or Java or Flash.
You may say don't visit malicious sites. Better stay away from most of the Internet then, as any site that takes input such as comments can be infected with XSS.

I agree that a 'Nix based OS is more resilient and currently not heavily targeted, but I still believe that we would be foolish to not investigate and prepare some defenses now.
 
At this time the only thing an AV app would do is use battery and resources.
Totally not needed.
 
OK, I'm new to this and have a stupid question. I'm using an Exchange server to get work email on my Droid Inc. Can I send a virus to my computer from my Droid through Outlook?
 
Malware that targets the apps doesn't have to be a system executable binary. For example, QuickTime and PDF files are not system executable but can still have nasty surprises.

Also, you don't necessarily have to allow an app to have root access in order for the app to receive root access. We have heard of vulnerabilities in various authentication and crypto modules (isc.sans.org mentions an Ubuntu PAM vulnerability just this morning). Applications can exploit these vulnerabilities to gain root access just as we did. Such an app can easily come from visiting a web page with malicious JavaScript or Java or Flash.
You may say don't visit malicious sites. Better stay away from most of the Internet then, as any site that takes input such as comments can be infected with XSS.

I agree that a 'Nix based OS is more resilient and currently not heavily targeted, but I still believe that we would be foolish to not investigate and prepare some defenses now.

Haha, well yeah, if you want to preach gloom and doom then yes, by all means stay away from the Internet. The reality is, your phone is not going to get a virus, and antivirus apps on Android are about the most useless apps on the market.

Of course, it is your phone so you can install whatever app on it that makes you happy :)
 
OK, I'm new to this and have a stupid question. I'm using an Exchange server to get work email on my Droid Inc. Can I send a virus to my computer from my Droid through Outlook?

Yes. If you send an infected file from your Droid to an email address and open it on a Windows computer, the Windows computer can be affected, because the virus/infection would have been written for a Windows machine. Your Droid won't be affected because it can't run that code, but the Windows machine will.

To clarify...this is a file that contains a Windows infection. There are no Droid viruses out in the wild.
 
Czerdrill, can the Droid send a virus to Outlook from surfing the internet?

That I don't know. You mean like automatically send a file while you're surfing? I doubt it. But if you're on some site that you can send files to an email address I guess it would work. Although why wouldn't you just use your email client to do that haha...
 
Linux isn't hack-free for everyone that thinks that. I can create a virus on the computer that copies a worm tailored to the modified Android Linux OS which spreads to other phones through bluetooth if I wanted to. It's not that hard. So I use anti-virus...

Source: used to be a black hat hacker.
 