I've seen many threads asking if antivirus is available for the android platform, but I haven't seen this discussed in detail yet, so:
Would you recommend antivirus to the average android user? By average user, I'm talking about someone who does not root their phone or install custom roms or anything that would potentially compromise the security of the OS. The way it seems to me is that it's like an antivirus for the mac: Not a requirement, but suggested to remain safe. Android has about as many viruses as Mac OS X (That means YES, there are viruses for both! A quick google search will confirm this), but considering how long the Android OS has been out and it's recent spike in market share, I would probably recommend it myself. However, the situation is in no way even close to that of Windows, where anyone not using antivirus software is simply asking for trouble.
Of course, not all people keep their phones stock. If you do install custom roms or root your phone, would an antivirus even help? After all, a windows antivirus is only effective as long as it remains up to date and you don't stupidly click on every little advertisement that looks shiny or has that product you suddenly realize you wanted. If you intentionally or even accidentally disable some security feature, you are inviting trouble. However, you also have more control over the phone, and could use that to your advantage. I don't have much experience with this, so I don't have an opinion.
Would a different android version affect your decision? For example, many phones are stuck on android 1.6 due to hardware limitations. How would your recommendation change if the phone in question was on 1.6, or 2.2, or any other version? People still running XP have more problems to deal with than Windows 7. Every new version of the Android OS has more security enhancements, making each one less prone to viruses, but it may also introduce new exploits.
Finally, what do you do? Do you have an antivirus yourself, or do you think yourself safe from what is out there? This is more a discussion than a recommendation for specific people, so I'd like to hear everybody's opinions as long as we play nice. I have an antivirus installed simply because I'd rather be safe than sorry. Would I be able to get a problem fixed if I go through my carrier? Probably. Do I want to go through all that trouble when a simple application can prevent it in the first place? Of course not.
A.Nonymous is right.
Theoretically, viruses can spread in Android, if you have root and grant the virus root privileges. Or (but its not virus, just mallware), if you grant to same application rights to make phone calls and send SMS, read your phonebook and send it over internet. It's like on computer, there are still many people, who are little bit "not smart" and do such things.
It's a little more secure than a computer though because the malware has to flat out state, "I'm going to steal your contact information and send it over the Internet. Is that ok?" Then you have to give the malware the approval to do that. If you do that, you deserve what happens to you IMO.
It's a little more secure than a computer though because the malware has to flat out state, "I'm going to steal your contact information and send it over the Internet. Is that ok?" Then you have to give the malware the approval to do that. If you do that, you deserve what happens to you IMO.
Which brings up the question of how do these antivirus programs even work? If you've granted those rights to a program, how and why would the AV stop it? Seems like a good way to break the functionality of an app... Maybe they just operate off a blacklist of scam programs to protect people who don't research apps from themselves?
Which brings up the question of how do these antivirus programs even work? If you've granted those rights to a program, how and why would the AV stop it? Seems like a good way to break the functionality of an app... Maybe they just operate off a blacklist of scam programs to protect people who don't research apps from themselves?
I'm not sure how they would work. They could kill the app, but Android would just re-spawn it so you'd have that battery suck going on in the background. They couldn't firewall it without root access and I'd be reluctant to grant an anti-virus app root privileges. They couldn't just uninstall the app for the same reason. I have no idea what means they would use to warn you or stop the app from running.
I'm not sure how they would work. They could kill the app, but Android would just re-spawn it so you'd have that battery suck going on in the background. They couldn't firewall it without root access and I'd be reluctant to grant an anti-virus app root privileges. They couldn't just uninstall the app for the same reason. I have no idea what means they would use to warn you or stop the app from running.
I believe they have a blacklist of apps that are known to be malicious and warn users against them. Needless to say it doesn't do much, but it is something, and it prevents the average user from stupidly giving the wrong program access to sensitive information. Agreed, they aren't very useful if you are smart enough to know what you are installing, and certainly not worth paying for at all.
Scan whole device and identify and remove viruses with a simple click
Automatic scans can be run weekly, daily, or on demand
Check apps for malware before downloading from app stores
Check website content, emails, and SMS for malware before downloading to device
Theft protection
Locate lost or stolen device using GPS
Create and display message on screen remotely
Lock device and wipe content
Manage applications remotely
SMS Spam Protection
Basic protection from SMS Spammers
TBH this was one of the first things I looked for when I got my Desire about a month ago, but after reading the above comments maybe I am just being paranoid, but thinking about it I have had winmo devices for years now and never had a virus once .............. so i would have thougt android to be more secure
Scan whole device and identify and remove viruses with a simple click
What virus? There's no such thing as an android virus (yet)
Automatic scans can be run weekly, daily, or on demand
Check apps for malware before downloading from app stores
Again, no such thing as a malware in apps. Android applications are self-contained. They can do things that the developer does that state on the store page (like sending off your personal information to 3rd parties), but they do not install hidden application on your phone.
Check website content, emails, and SMS for malware before downloading to device
There has yet to be a single case where someone downloaded a malicious application off the internet without knowing it. Theft protection
Locate lost or stolen device using GPS
Won't help if the thief decide to wipe your phone. And there are other apps dedicated to tracking phones.
Create and display message on screen remotely
How's that going to help? So you can swear at the thief?
Lock device and wipe content
Unless if you are the CEO of some large companies, no one will be interested in your messages.
Manage applications remotely
Not sure what they mean by this. But it sounds equally useless. SMS Spam Protection
Device(s): ASUS Transformer TF101
Evo Shift 4G
Epic 4G
Thanks: 1,169
Thanked 1,497 Times in 840 Posts
I like using Lookout, but not for the anti-virus features.
For 2.99 a month you get remote lock / remote wipe, plus the privacy advisor is pretty neato. Warns you of apps that have suspicious permissions should you have installed them without looking.
Plus being able to locate my phone from afar is pretty cool too.
Perhpas I simply don't understand things correctly, but if there truly cannot be viruses on android due to lack of root access, why haven't they done the same thing on desktop OSs such as Windows? I know they went with the whole asking the user if he/she wants things installed on Windows Vista/7. What I don't understand is how viruses get through at all then? Seems to me the same would apply to android, no? Is this just a case of people not having written the viruses for Android or is it truly immune?
__________________
"A dog is the only thing on earth that loves you more than you love yourself" - Josh Billings
Last edited by lordofthereef; December 23rd, 2010 at 08:48 PM.
Device(s): Evo 3D & 4G, Epic Touch, Epic 4G slide, Captivate. (Moment, LG Optimus S, Vibrant)
Thanks: 483
Thanked 464 Times in 338 Posts
Because prior to Windows 7 / Vista, all users had admin rights pretty much. So you could easily infect Windows machines. Android runs on linux, which is much more secure, all apps are sandboxed from each other, and root access is something that has to be explicitly given, not just granted. That makes it a lot more secure and harder to infect.
While I respect the senior people on this forum, I am gravely concerned when people make a blanket comment that viruses, trojans, and other hacking tools cannot "infect" android phones since it is not impossible to create these for any OS. And, while Lord Doom may be correct that he or she has never had a machine or device infected with a virus, I can say that, in my experience, there are people that are unaware of cases where they have had their devices infected when the code is written well.
A virus can be written to attack close to the metal so no OS is completely safe.
It's interesting how in a few months time, the android community went from "android doesn't need antivirus" to "what's the best AV to install on my android phone".
The problem is that the AV apps out there cause more problems than not. You always have to rationally weigh the risk of infection versus the costs of loading the AV app. At this point it is an easy decision. Not worth it.
__________________
Sprint wants me to make this absolutely clear: “The postings on this site are my own and do not necessarily represent the positions, strategies or opinions of Sprint.”
I work for Sprint, I do not represent them on this forum!
The problem is that the AV apps out there cause more problems than not. You always have to rationally weigh the risk of infection versus the costs of loading the AV app. At this point it is an easy decision. Not worth it.
Based on what? Have you actually used one and had issues with it or are you just repeating what others have said? I am now using lookout. It hasn't caused me any problems. It only scans when you download a new app, when you schedule it to run, or when you run a scan manually.
Outside of that, it just sits idle like any other app or widget.
Look at the screenshot, see how far down on the list lookout is with regard to how much cpu it's using.
The Following User Says Thank You to pool_shark For This Useful Post:
I think there are two questions people confuse here
1) Q: is Android secure?
A: In my opinion, yes, reasonably so and it's in the same ballpark as any other consumer OS including BB/WP7/iOS as well as the desktop OSes.
2) Is AV the needed/helpful?
A: Generally not. But if the user really doesn't want to know about how the digital world works, it may have a use.
But the real lasting solution is not AV. We dont buy sofware for people who are unwilling to learn how to drive, we dont buy software for people who are unwilling to vote.
There are some things society, especially geeks, need to push a bit harder on regular folks about.
And one of those is developing good security habits, and a good eye for scams.
The other, more technical part of the solution is to cut the damn telcos and hardware manufacturers out of the update process. These recent vulnerabilities were NOT caught by the AV companies but were already patched by Google for 2.2.2 Froyo and 2.3.3 Gingerbread.
So anyone who is running McAffee or Lookout or whatever, would not have been any safer than those that didn't.
So what can we do?
Don't buy locked phones from the manufacterurs and dont buy locked down phones on contract from the telcos. You arent saving any money anyways.
Buy vanila Android phones, or phones you can root and replace the ROM on. Those people running custom version of Gingerbread didnt get this virus because they were updated. Really the blame lies squarely with the telcos and manufacturers that lock the phones and are bad at updates (especially Sony, Moto and Samsung).
I think there are two questions people confuse here
1) Q: is Android secure?
A: In my opinion, yes, reasonably so and it's in the same ballpark as any other consumer OS including BB/WP7/iOS as well as the desktop OSes.
2) Is AV the needed/helpful?
A: Generally not. But if the user really doesn't want to know about how the digital world works, it may have a use.
But the real lasting solution is not AV. We dont buy sofware for people who are unwilling to learn how to drive, we dont buy software for people who are unwilling to vote.
There are some things society, especially geeks, need to push a bit harder on regular folks about.
And one of those is developing good security habits, and a good eye for scams.
The other, more technical part of the solution is to cut the damn telcos and hardware manufacturers out of the update process. These recent vulnerabilities were NOT caught by the AV companies but were already patched by Google for 2.2.2 Froyo and 2.3.3 Gingerbread.
So anyone who is running McAffee or Lookout or whatever, would not have been any safer than those that didn't.
So what can we do?
Don't buy locked phones from the manufacterurs and dont buy locked down phones on contract from the telcos. You arent saving any money anyways.
Buy vanila Android phones, or phones you can root and replace the ROM on. Those people running custom version of Gingerbread didnt get this virus because they were updated. Really the blame lies squarely with the telcos and manufacturers that lock the phones and are bad at updates (especially Sony, Moto and Samsung).
That is not a true statement. Lookout security did in fact catch the spider man app as malicious according to an article I read yesterday.
The author stated he had that app and lookout warned him about it.
Google stated that if those apps caused any damage to your device, that they can remove the apps remotely but they cannot do anything about the damage already done by those apps.
Google needs to start scanning the apps before they allow them to hit their market.
That is not a true statement. Lookout security did in fact catch the spider man app as malicious according to an article I read yesterday.
The author stated he had that app and lookout warned him about it.
Google stated that if those apps caused any damage to your device, that they can remove the apps remotely but they cannot do anything about the damage already done by those apps.
Google needs to start scanning the apps before they allow them to hit their market.
Sorry, I think that's incorrect -- would love a link to the article though.
Lookout updated their software after the discovery, which was made by some guy on reddit.
I don't begudge you the use of Lookout, they are very smart guys that know a ton about Android security, and their software has other nice features -- but AV is inherrently reactionary wherin lies the problem.
If lookout really had detected this, they would have gone on a PR blitz to show how needed their software is.
I don't begudge you the use of Lookout, they are very smart guys that know a ton about Android security, and their software has other nice features -- but AV is inherrently reactionary wherin lies the problem.
If lookout really had detected this, they would have gone on a PR blitz to show how needed their software is.
"Put a malware and antivirus scanner on your phone. Although many people still think that antivirus scanners on phones are useless, maybe outbreaks such as this one will change minds. Several different big-name security companies already offer mobile-security options, many of them free. I myself had downloaded "Spider Man," which is on a bad-apps list. My Lookout software identified it as a Trojan horse."
BTW Google pulled the apps on March 1st. The last update to lookout was February 24th.
Last edited by pool_shark; March 5th, 2011 at 07:22 PM.
apparently they're all fixed with a factory reset and I do them quite often to install ROMs. Does anyone know if Titanium backs up malware with system settings? that could be bad :/
"Put a malware and antivirus scanner on your phone. Although many people still think that antivirus scanners on phones are useless, maybe outbreaks such as this one will change minds. Several different big-name security companies already offer mobile-security options, many of them free. I myself had downloaded "Spider Man," which is on a bad-apps list. My Lookout software identified it as a Trojan horse."
BTW Google pulled the apps on March 1st. The last update to lookout was February 24th.
That article doesnt say when it identified the spiderman app. And that article was clearly written after the 50 apps were pulled (seeing as they have the list).
March 1
... Update: We’ve deployed an over-the-air update that protects Lookout users from all known instances of DroidDream.
They themselves say they deployed the update after the fact. And I'm quite sure they update their malware definitions over the internet, not through the market. So whatever date the app was last updated is irrelevant.
The PCWorld (written March 2) article says it too
Quote:
Lookout has issued an update to its mobile security software.
But like I said, they do have some useful features, and they know what they are doing, but this was a clear and obvious case of how "AV companies vs virus writers" is, and always will be, an arms race that puts the AV companies on the defensive -- always trying to react. This is true in any computer OS.
And any proactive steps AV companies take can potentially cause serious damage to computers (McAffee and AVG both had horrible update disaters breaking thousands of computers in the last year or two).
So over the years these companies have kind of evolved into scare-mongering PR machines. They know they can't really offer complete protection, and they might even break your device themselves, so instead they post a lot of news and blog stories to try and get people to buy their software. I think this is why a lot of support and computer professionals hate them with such fervor.
Still, I really think that if you like the features it gives you, there is nothing wrong with using Lookout. IMO it's pretty decent software.
PCWorld, on the other hand, is the WORST, most sensationalist, and technically incompitent, tripe-laden blogspam -- you should definitely avoid at all costs
The Following User Says Thank You to alostpacket For This Useful Post:
2) Is AV the needed/helpful?
A: Generally not. But if the user really doesn't want to know about how the digital world works, it may have a use.
But the real lasting solution is not AV. We dont buy sofware for people who are unwilling to learn how to drive, we dont buy software for people who are unwilling to vote.
I don't think anyone is implying AV is a cure all for software security. The point of AV is to provide a level of protection against threats. It won't detect or stop every malware that's out there (especially new ones), but at the very least it will give people a safety net for the threats that are known.
Quote:
There are some things society, especially geeks, need to push a bit harder on regular folks about.
And one of those is developing good security habits, and a good eye for scams.
I'm all for people developing good security habits. It's very important. But we shouldn't just rely on that. We are all human. Chances are we're going slip up and make mistakes. So it's important to employ multiple levels of security.
An analogy to this will be like securing a house in a bad neighborhood. It's not enough to just have good habits like remember to locks all doors and windows before you go out. It may be useful to have other measures like motion sensing alarms or guard dog etc. Having good security is about have multiple levels of protection. Using AV is one. They are there to help. It's not going to save you from everything, but at least it help guard you from some.
Quote:
Really the blame lies squarely with the telcos and manufacturers that lock the phones and are bad at updates (especially Sony, Moto and Samsung).
That's a little unfair. The slow updates is partly to blame. But you can't let google off the hook either. If they knew about this exploit since froyo 2.2.2, they could of have been more diligent in their approval of these apps and prevent them from the entering the market in the first place.
Also you have to keep in mind, not all phones that are out now can run froyo effectively. So some phones will be vulnerable regardless if the updates are available.
Anyways, AV is here to stay whether you like it or think it's necessary. It a few years time, we're all going to be using AV on our phones just like we do on our computers.
Last edited by dylo22; March 6th, 2011 at 12:08 AM.
Ah, but he provides logical evidence for his position.
Just as the other poster assumes the Author of the article found it afterward, where is you smart ass remark to him?
Not to mention where is your proof that the AV software causes problems?
I'm running AV software with no problems and provided proof that it isn't using any CPU on my device.
You're providing nothing but empty words with attitude.
Just as the other poster assumes the Author of the article found it afterward, where is you smart ass remark to him?
Not to mention where is your proof that the AV software causes problems?
I'm running AV software with no problems and provided proof that it isn't using any CPU on my device.
You're providing nothing but empty words with attitude.
when I had Advanced Task Manager, things seemed to FC a lot including itself, but I'm not sure that was the reason
when I had Advanced Task Manager, things seemed to FC a lot including itself, but I'm not sure that was the reason
Task killer and lookout are not the same app.
I've never used task killer, does it also have an AV?
I've been getting random reboots since installing better keyboard, but I really like the keyboard.
Not to mention where is your proof that the AV software causes problems?
I'm running AV software with no problems and provided proof that it isn't using any CPU on my device.
Unlike your anecdotal "proof", my evidence is from my extensive experience supporting Android phones. Just because YOUR phone is okay with it does not mean that the app is not causing significant issues with others' phones.
Hope you don't think that this reply is smartass as well just because you disagree with it.
Just as the other poster assumes the Author of the article found it afterward, where is you smart ass remark to him?
Not to mention where is your proof that the AV software causes problems?
I'm running AV software with no problems and provided proof that it isn't using any CPU on my device.
You're providing nothing but empty words with attitude.
Lookout said they updated their software afterwards, I've posted this fact (with the links showing where you can read it on their blog) twice now, I'm not sure why you don't accept that as proof. They said they had pushed the update on March 1 and your article where the guy mentions that lookout found it (but he doesnt mention when) was published on March 2.
I feel like I just told you this guy confessed to a crime and you're telling me he couldn't have done it because his mom had seen him at some point in the last week.
Saying that I'm making assumptions about your evidence is an example of a negative assertion/burden of proof fallacy. All I have to prove, is that your evidence doesn't show proof.
My evidence was that lookout said they updated after. Your evidence was inconclusive, and hence proves nothing.
If lookout had caught these apps beforehand they would have been all over promoting that fact about themselves.
Anyways, I dont really know what else to say.
Was kinda hilarious this guy had downloaded "spiderman" though and it's on a "bad-apps list" whatever that means. The technical incompetence of I.W. never ceases to amaze me.
Anyways, you seem like a nice dude, so don't take any of this too personally. I dig these good-spirited dicussions/disagreements on the forums.
Lookout said they updated their software afterwards, I've posted this fact (with the links showing where you can read it on their blog) twice now, I'm not sure why you don't accept that as proof. They said they had pushed the update on March 1 and your article where the guy mentions that lookout found it (but he doesnt mention when) was published on March 2.
I feel like I just told you this guy confessed to a crime and you're telling me he couldn't have done it because his mom had seen him at some point in the last week.
Saying that I'm making assumptions about your evidence is an example of a negative assertion/burden of proof fallacy. All I have to prove, is that your evidence doesn't show proof.
My evidence was that lookout said they updated after. Your evidence was inconclusive, and hence proves nothing.
If lookout had caught these apps beforehand they would have been all over promoting that fact about themselves.
Anyways, I dont really know what else to say.
Was kinda hilarious this guy had downloaded "spiderman" though and it's on a "bad-apps list" whatever that means. The technical incompetence of I.W. never ceases to amaze me.
Anyways, you seem like a nice dude, so don't take any of this too personally. I dig these good-spirited dicussions/disagreements on the forums.
Even if they updated their software after does not prove that their software didn't catch something within the app before hand. What you're using as proof is circumstantial.
The software didn't have to catch every single one of the bad apps, it could have only caught that one and it could have just been one particular thing in it.
No the guy in the article doesn't say when he downloaded spider man or when lookout detected it, but you're assuming that it wasn't until the app was updated as if there is only one thing inside that could or couldn't be detected.
I just asked the guy what date he downloaded the spider man app and what date lookout detected it as a trojan. If he responds I'll let you know what he says.
Last edited by pool_shark; March 8th, 2011 at 08:01 AM.
So really if root the phone how do you know if the ROM packages dont have maleware or some kinda of tracking software hidden to gain your Credit Card numbers, your location, or maybe turn on cam and spy on you.
I would rather wait for manufactors update and have to deal with such stuff.
So really not safe to root or unlock anything since mobile phone are gps units,phone,small factor Computer in which anybody can tap in to your Droid, and to would rather have full blown linux on smartphone then Droid.
So really if root the phone how do you know if the ROM packages dont have maleware or some kinda of tracking software hidden to gain your Credit Card numbers, your location, or maybe turn on cam and spy on you.
I don't know about other roms, but the Cyanogen roms are fully open source, so you can inspect the code yourself.
For android, I would say no, not at this time. However, it would be nice if the AV's dectected both Android malware and Windows Malware, since I use my phone as a storage device for my Windows machines. The only two that I have tried are Dr.Webs and AVG's, both seem to run fine.
Android Antivirus: Is it really necessary?
