Do You Need Anti-Virus Protection?

This is a discussion on Do You Need Anti-Virus Protection? within the Android Forum forums, part of the Android Discussions category; You don't need SU permission to be malicious. Browsing history, contact information, etc. All of these things don't need SU access to read. So, an ...

Page 5 of 6 FirstFirst ... 3456 LastLast
Results 41 to 50 of 54

Thread: Do You Need Anti-Virus Protection?

  1. #41
    Super Moderator/RS furbearingmammal's Avatar
    Join Date
    Jan 2011
    Location
    Two hours north of Syracuse, NY. Yes, there IS civilization that far north.
    Posts
    3,983
    Thanked
    197 times
    Twitter
    FurryVarmint
    You don't need SU permission to be malicious. Browsing history, contact information, etc. All of these things don't need SU access to read. So, an app with internet permissions could be phoning all your contacts, contact data, location, whatever, to someone with malicious intent.

  2. #42
    Themer htc(hot-taco-cheese)'s Avatar
    Join Date
    Jan 2011
    Location
    127.0.0.1
    Posts
    479
    Thanked
    9 times
    Twitter
    hotTACOcheese
    @wug

    That could totally happen. I might try that. Not the virus part. Just link to weird websites.

    Sent from my ADR6300 using Android.net App

    There is not much to look at in this signature.

  3. #43
    Developer WugFresh's Avatar
    Join Date
    Jan 2011
    Posts
    169
    Thanked
    10 times
    Word. The QR code induced android apocalypse or the funny website series.. the choice is all yours. Lol.

    {{ WugFresh }}

  4. #44
    Android Lurker saikano17's Avatar
    Join Date
    Jan 2011
    Posts
    7
    Quote Originally Posted by WugFresh View Post
    The only way you could get a virus on your android device would be if you actually downloaded a viral apk and then installed it, or similarly, downloaded a malicious script and then ran it from terminal.

    Note that it would have to be either an apk or a script; android doesn't run/support exe files; so any viruses currently in circulation targeting windows (which the majority of them are) do not pose any threat to android users. They would have to be specifically designed to attack the android platform and be packaged in a compatible format (apk), further more YOU would have to be the one to install it, there are no equivalent's to autorun files on android.

    Basically, as long as you avoid third party markets, pirated apk's, texted apks, ect, then your good. For the few apps that you will end up having to download from third party locations, like z4 root for instance, just make sure you trust the source.

    Does that answer your question?

    {{ WugFresh }}
    that was really good answer thanks

  5. #45
    Developer WugFresh's Avatar
    Join Date
    Jan 2011
    Posts
    169
    Thanked
    10 times
    Your welcome. It's turns out however, after Debian schooled me in Unix, that what I said in that post is not entirely true. Most of it is; all the viruses currently targeted towards Windows OS do not/will not pose any threat to us. They will in fact have to be crafted to specifically target android OS and exploit the use of either script commands or viral apks. However, I was incorrect about file extensions, any file can contain script with adb commands and try to execute. Furthermore, scripts can run just by visiting a webpage. And since there are currently no script blockers built into our web browser, then to me it seems we are actually quite exposed to a malicious attack, even without Su permissions a script could still be used for malicious intent.

    Quote Originally Posted by furbearingmammal View Post
    You don't need SU permission to be malicious. Browsing history, contact information, etc. All of these things don't need SU access to read. So, an app with internet permissions could be phoning all your contacts, contact data, location, whatever, to someone with malicious intent.

    This is under the assumption that scripts can run on android without using terminal, which I am still unsure of. Can someone please clarify this. If not, then the only threat would be viral apks or pluggins.


    {{ WugFresh }}

  6. #46
    Rescue Squad Debian Dog's Avatar
    Join Date
    Jan 2011
    Location
    "The Sticks", VA
    Posts
    156
    Thanked
    8 times
    Wug I think you are over thinking this. Yes scripts could be spawed off in the background but they would to be authenticated and on your phone somehow. They would also need to be "called" from somewhere.

    This book is old but it give some very good insight into early Unix security and how people first got around it. Amazon.com: The Cuckoos Egg: Tracking a Spy Through the Maze of Computer Espionage. It is a very good read from a "story" point too.

  7. #47
    Developer WugFresh's Avatar
    Join Date
    Jan 2011
    Posts
    169
    Thanked
    10 times
    Ok. Well that makes way more sense, for a second there you had me thinking Unix defied basic user - computer communication structure. I will check that book out, but I should really be reading textbooks right now... lol. Regardless my QR code theory still holds true, however it would just involve a little more user interaction. Use basic common sense when it comes to downloading and running things, as you would on any machine.

    {{ WugFresh }}

  8. #48
    Android Jr Member Ubermicro13's Avatar
    Join Date
    Jan 2011
    Location
    Massachusetts
    Posts
    33
    Nah I wouldn't bother using an anti virus on any android device. Just make sure you know where your apps are coming from.

  9. #49
    Android Lurker Onyx's Avatar
    Join Date
    Jan 2011
    Posts
    14
    http://phandroid.com/2011/01/20/rese...h-a-usb-cable/

    Saw this and thought it was interesting albeit a bit scary. Unfortunetly, I don't know enough about the inner workings of android to understand how likely something like this is to ever occur on a largescale but its articles like these that always make me second guess playing with my phone too much (although its yet to stop me). Either way I thought it was relevant to the topic at hand.

    Sent from my Droid using Android.net App

  10. #50
    Developer WugFresh's Avatar
    Join Date
    Jan 2011
    Posts
    169
    Thanked
    10 times
    Thank you Onyx for posting that. That's an interesting article which highlights another "potential" security threat, however, I would like to explain to you, what would actually be involved to implement such an exploit for malicious activity. Hopefully, you will see through my explanation that although in fact this could be done, android users are at little to no risk for this actually occurring; furthermore I hope I will be able to dismantle any fears you or anyone else who read that article may have.

    Basically, in order for that to occurr two things would have to happen, both of which are highly unlikely and would be exposed through channels of communication long before it became a real threat.

    1. A developer would have to release a custom ROM with altered drivers for the sole intention of performaning malicious behavior.

    2. A viral apk would have to be preloaded on that ROM and hidden from the user to exploit the specifically altered drivers. This viral apk would have to be engineered to lay dormant until the user attached their device to their computer and begin taking it over.

    Why and how this exploit would actually work and why your computers AntiVirus wouldn't detect it:

    This exploit all has to do with how computers treat peripheral devices. When a user connects any peripheral device to their machine, the computer does not treat it as foreign object, but rather as something it needs to interface with; why? Because you as the user made the executive decision to plug-it-in in the first place. For example, you plug in a wireless mouse; your computer will then try and connect with it, so that you as the user can use it to control the machine. It is assumed that all peripheral devices are plugged in intentionally by the user, that's the whole point of plug and play. If it didn't work this way, then YOU would have to somehow validate that YOU are the one plugging it in, but that's impossible; how could you do that if you have no peripheral devices to interface with the machine in the first place; how could you type in a password to validate that the keyboard you are plugging in was intentional, if you have no keyboard to type it in... lol, Get it? Catch 22.

    So what they are saying in the article you posted is that simply by plugging in your android device via usb, your computer will naturally give your Droid the opportunity to have control over the system just as it would for any other peripheral device. The only difference is, is that your smartphone isn't like any other peripheral device: its not a mouse, or a keyboard, or a printer, or a monitor, what it actually is, is a fully independent miniature computer; and like any computer, it can be controlled via software or remote access. So yes, this is entirely possible, if your smartphone was specifically designed to be a rouge peripheral device in this matter, it could in fact take over your machine.

    HOWEVER

    What are the actual chances of this occurring?

    Slim to none. Why? Because we all know the devs who are making these ROMs for us, they are the same people who are on this forum helping you with all your tech problems. We all know the major players in the custom ROM game. In order for this to happen, one of your favorite devs would either have to suddenly turn evil overnight, or some new unknown dev would suddenly have to come on the scene and release a ROM specifically engineered to conduct this malicious activity. How long do you think it would take for this to be exposed via forums ect. Practically instantly. If some new unknown dev just poped out of thin air and released a ROM, other devs would be skeptical and uncover the shadiness very quickly.

    So in the end, this isn't a new exploit at all, it all comes back to the most fundemental preventative measure to protect against viral infections and attacks:

    ONLY DOWNLOAD AND INSTALL THINGS FROM A TRUSTED SOURCE

    So yes, in addition to being careful about general downloading, such as apks from non-market sources, ect. I guess its safe to say that you also need to be careful about downloading ROMs and trust the devs who are releasing them.

    {{ WugFresh }}
    Last edited by WugFresh; 01-20-2011 at 05:01 PM.

Page 5 of 6 FirstFirst ... 3456 LastLast

Remove Ads

http://www.scramblerducati.org/

Sponsored Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Anti virus/protection?
    By G2 Forum User in forum HTC G2
    Replies: 4
    Last Post: 11-05-2010, 02:35 AM
  2. Replies: 6
    Last Post: 10-31-2010, 02:38 AM

Search tags for this page

do android devices need antivirus protection
,
do android tablets need virus protection
,
do androids need virus protection
,
do i need a virus protection for my tablet
,
do i need antivirus protection for my galaxy tablet?
,
do i need virus protection for android
,
do i need virus protection for my tablet
,

do tablets need virus protection

,
do you need a virus protection for android tablet
,
do you need antivirus for tablets with android system
,
do you need virus protection for a tablet
,
does a tablet need virus protection
,
does android need antivirus
,
virus protection for android operating system
,
why do i need virus protection on my tablet
Click on a term to search our sites for related topics.
Android Forum