• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

[OFFICIAL] Huawei Ascend Security Thread

Reposiric

Newbie
Feb 28, 2011
19
5
Hyrule
I have a new question. does anyone know if virus protection would be unneeded if ruining on icarus? I ask this because with computers, viruses have to be written to work in a particular operating system, likewith windows. Since windows is the most popular, most all viruses are written for that. But if you use linux, you can't really get viruses because not many are written for it. Would this be the same concept with icarus? I have the Lookout virus and malware protection on my phone.
 
At this point the main thing with Android is malware and Trojans and Lookout (as you installed) or ES Security Manager should be sufficient for those.

Here's my personal advice on the matter -

I think the takeaway is that malware is a problem anywhere.

Viruses are a class of that self-replicate.

This is a Trojan - it appears to be one thing, but it's another.

The distinction isn't philosophical or minor. Viruses are theoretically possible for any OS, but better *nix systems tend to be hardened against them by design.

Trojans are another matter. The reason that understanding the differences in these malware classes is of vital importance comes down to your first line of defense - user awareness.

That means recognizing that it can happen and what steps you can take to prevent it. Because these aren't self-replicating, their infection vector is the user granting permission.

What can you do?


  1. Scruntinize the permissions of any app before installation.
  2. Always Google for any app name before download, but add this term to your search: +malware
  3. Always check the source of the company or website providing the app. In the Market, the dev's website is given - google for this term: whois www.dev-site-name.whatever - and look at the ownership or the source.
  4. Consider rooting and installing DroidWall, the Android firewall. You know from Windows experience that firewalls aren't a lot - but sometimes they can make all of the difference. Don't allow outside requests in and scrutinize outgoing traffic.
  5. Install ad blocker.
  6. Ask in this forum if anyone's heard of the app and if they report positively. Ask if they've experienced any odd behavior, such as battery use or network lags since installing an app that you've never heard of and can't find in the press.
  7. Deny application permission to track your location.
  8. Deny your web browser the ability to store your passwords.
  9. Never download an app from the internet - especially one you trust but think you're getting to save a buck. It can contain a payload as a reward for your greed at attempting to thwart copyrights and a righteous dev. This happens to be the popular infection vector for this particular Trojan, per Rob's post.
  10. Never accept anything from the internet that you didn't initiate. This includes turning off your web popups and never opening attachments without knowing their content ahead of time, even if emailed from friends.

That's my Top Ten list for safety on any system.

As for Linux viruses - see Frisco's Most Informative Post here - http://androidforums.com/android-lounge/279174-can-android-get-viruses.html#post2290548

Apps run one of two ways in Android:

- Java (this is the normal way) - so everything like that gets contained within the Dalvik engine

- Native C++ (this is new) - very few apps are in this category, and those would be potential virus vectors. Things like this include mainstream browsers at this point, so I'm not sweating this class of apps just yet.

(sorry for the wall of text, but staff typically finds that security and user protection is never too far off-topic in update or app discussions)
 
Upvote 0
You may want to GOOGLE the recent malware/spyware called DROID DREAM & read a few articles to make an informed decision.LOOKOUT'S website www.mylookout.com has an article on the DROID DREAM malware as well,as does XDA DEVELOPERS.All of the mentioned above have a system cleaner available to detect malware associated w/DROID DREAM.


*Thank you EARLY MON for the wealth of info you provided on the subject,you brought up a lot of practices that we all pretty much know that we should be following,but,in reality,we could use a friendly reminder from time to time.Going to install the DROID WALL as soon as I'm done posting here.Putting your recommendations in the 'STICKY' @ the front of this forum would be welcome by most everyone here.HINT,HINT,JAZZIETTE, WHERE ARE YOU?! ;):)
 
Upvote 0
  • Like
Reactions: KOLIO
Upvote 0
  • Like
Reactions: KOLIO
Upvote 0
  • Like
Reactions: EarlyMon and KOLIO
Upvote 0
Warning - geek alert - get the popcorn and your comfy shoes...

Part 1 - scans

I use ES Security Manager and I do a manual scan after every app update or download, and then just when I'm bored waiting for the TV or whatever, and scan a) just to see if all is still well, and b) because I can.

I still don't think virus protection per se is anything more than a growth industry for Android - so I don't waste my battery running that.

I've nothing against Lookout, but I've not used it - I have used ES products (check out their file browser - I prefer it to Astro in many ways) and know and like them.

Part 2 - Droid Wall

OK - I use Droid Wall to keep things from chatting on the net where I see they have no need - this includes my soundwalls, beepers, coin flippers and other fun time-wasters, for example.

Here's the deal with Droid Wall - in the incarnation of Linux that Android is based on, everything - meaning everything - going thru network ops goes through what we call the iptables.

And those iptables can be neatly clamped and controlled. So - this doesn't really add anything to speak of in the way of overhead, and it's not a bolt-on that changes the OS behavior. So, that's why Droid Wall just gets it and you might want it.

Part 3 - AdFree

Same deal on AdFree - https://market.android.com/details?id=com.bigtincan.android.adfree

That one is terribly clever. Probably you've all heard of DNS - domain name services - that the thing that lets your phone or computer just point at one computer that magically seems to know how to decode names into addresses. That came from Berkeley unix. Once upon a time, we kept manual tables of known host names for our unix networks and the table mapping IP address-to-name was stored in a plain text file called /etc/hosts - and that started on the predecessor of the Internet - (D)ARPANET. And it was a pain to add a new machine to a network of 80~150 computers because each one needed its /etc/hosts file updated (and yes, we really did used to do that). So the Berkeley Internet Name Domain (BIND) software was born - and that's still the #1 DNS lookup software today.

SO - what's my freaking point? :D

Point is - on a Linux machine, before it goes elsewhere to look up any network name, it first runs home to Momma and asks what's in /etc/hosts because Momma knows best and let's trust look-ups in /etc/hosts - it's a game of Mother May I? - and that all plays well because that was the original Berkeley design, before Linux was ever conceived.

And AdFree creates entries in your phone's /etc/hosts for all the bad ad sites - and when a request for one of them occurs, the system sends back Mother said you may not.

And while not all ad sites are malware sites - many malware sites end up in that AdFree database.

So - all AdFree really does is give you an updated /etc/hosts file and a mechanism via the Market to keep that file automagically updated.

And like Droid Walls - it's exploiting existing known processes inside your phone, and isn't some kind of battery-sucking add-on.

Part 4 - Anti-virus

When an actual Android virus really hits, you'll see it on Phandroid.com - we care about that sort of thing around here.

Everyone should do as they feel best - but for my part, I'm not going to add on a virus checker unless and until it's established that it's a real threat for us.

~~~~~~

FWIW - I helped edit the second edition of the first Linux security guide, had the testbed where all of the security scripts were validated (by me) and used (by my business) as that book was written by a friend of mine. And I've done kernel dev for Mach, Berkeley and Linux and have written a little bit of network code in my time.

So - I'd submit that at least more than half of what I'm saying is pretty much The Truth. ;)

Hope this helps and clarifies.

(Let me know if you guys want to start a security thread and have it added as a reference to the sticky - does anyone want such a thing? I can never tell...)
 
Upvote 0
Warning - geek alert - get the popcorn and your comfy shoes...

Part 1 - scans

I use ES Security Manager and I do a manual scan after every app update or download, and then just when I'm bored waiting for the TV or whatever, and scan a) just to see if all is still well, and b) because I can.

I still don't think virus protection per se is anything more than a growth industry for Android - so I don't waste my battery running that.)

A Virus scanner and the Security Manager scan? What is the difference in it's function? My Virus scanner comes up after all new downloads and updates as well. From what I'd read the ES Security Manager is semi-functional as a sort of Virus/Malware protection. Isn't that similar to a Virus/Malware app? Sorry, I'm just curious. ^^.
 
Upvote 0
A Virus scanner and the Security Manager scan? What is the difference in it's function? My Virus scanner comes up after all new downloads and updates as well. From what I'd read the ES Security Manager is semi-functional as a sort of Virus/Malware protection. Isn't that similar to a Virus/Malware app? Sorry, I'm just curious. ^^.

So far as I know ES Security Manager doesn't scan for viruses but is apparently claiming effectiveness at scanning for other malware.

The security software gang ping-pongs users into confusion but I say security awareness is your friend and your #1 line of defense.

So -


  • The word for ache in French is mal, so bad software that makes you ache is malware.
  • A virus is malware that grows and self-replicates - just like a real-world, biological virus.
    • Sometimes growth alone is the whole idea, spawning copies until your machine and your friends' machines are all bogged down. In this case, the goal is to fail your machine.
    • Sometimes that growth is a smokescreen to install a nastier payload - just like a biological virus, a computer virus can weaken a system so secondary infections are possible. In this case, the goal is to weaken your machine and compromise your data.
  • A Trojan is malware that claims to be one thing, but it's goal - like the soldiers in the Trojan Horse - is to secretly sneak in with your apparent permission and wreck havoc. The goal is to typically compromise your data.
  • A worm is can be part of a Trojan or part of a virus payload - it's goal is to fail your machine by eating through pieces of critical operations, much like a worm eats out an apple.
  • Spyware is malware specifically targeted to compromise your data. Like a worm, this can be part of the payload for a virus or a Trojan.

So - popular virus scanners for PCs have grown up to include scanning and protection for all of these various threat classes.

But - in the mobile world, the app makers seem to be using the narrow definitions of these terms - so in my opinion - it's important to know these classes so you know what your software is capable of scanning for.

It's ok to think of it this way - viruses are most the most aggressive, so virus scanners have to be the most aggressive.

Some of them in the Android world are only protecting against really simple threats - like the ability for something to send SMS messages behind your back. And some of them that claim to be security blockers do nothing more than the Mickey Mouse of just blocking unwanted or unknown phone numbers from ringing or texting you (by itself, that's ok, but let's not call that malware protection like they claim to do).

Did I make sense there? Too simple or too obtuse? Some days I can't honestly tell, and this is one of them. :p
 
Upvote 0
android have built-in Firewall? like alls windows operating system have built-in firewall.

Yes, Android, being Linux, does indeed have a built-in firewall.

And just like with Windows - you need Adminstrator privileges to turn it on and configure it.

To get Administrator privileges in Android, you need to root your phone. We call it root because that is the name of the admin user account under Android (Linux/unix).

Once you are rooted (have root access) then you install the free Droid Wall app from the Market so you can turn the firewall on and configure it.
 
Upvote 0
I thought so myself. That's why I tended to opt for a Virus scanner. I know that that most higher security programs include a lot of lower features like malware scanning, Etc. Though I did not know if this applied to the Android world. As you'd said, Most PC Virus scanning programs have grown to include many other tools. I suppose I'd kind of taken that knowledge with me to the Android world but, Wasn't quite sure if that was a good idea.

I know generally what and how each category works, What I was so completely unsure of is how that applies to the Android world. I have never used Linux, Therefore don't know it's vulnerabilities. I have really only worked with Windows based electronics.
I suppose I need to look into the Virus program I have on here and really find out what it actually includes. I am going to also look into the droidwall as you'd said. Thank you very much!

OH so Droidwall is actually a program that works with the integrated firewall feature in the phone? Does it add anything? Is there any other way to access this feature or do you need the third party app?
 
  • Like
Reactions: EarlyMon
Upvote 0
OH so Droidwall is actually a program that works with the integrated firewall feature in the phone? Does it add anything? Is there any other way to access this feature or do you need the third party app?

If you know Linux sufficiently, you can use adb and manage your iptables by hand.

With Droid Wall, you don't have to know how to do that - just fill in the form, it's way simple.

Droid Wall is to your iptables as ROM Manager is to Clockwork Mod Recovery - you _can_ do it by hand - but why bother?

Droid Wall is not the firewall - it's just a handy firewall (iptables) configuration editor that _anybody_ can use, no Linux-monkey skills needed.

Freely post here or PM me any post-links I missed from anywhere around the Ascend forum that you'd like to have moved here.
 
Upvote 0
I have a new question. does anyone know if virus protection would be unneeded if ruining on icarus? I ask this because with computers, viruses have to be written to work in a particular operating system, likewith windows. Since windows is the most popular, most all viruses are written for that. But if you use linux, you can't really get viruses because not many are written for it. Would this be the same concept with icarus? I have the Lookout virus and malware protection on my phone.
I am actually curious about this too because Icarus was based on 2.1. So does that mean it's only got slight adaptations to the original OS? If so, That means when it comes to the basics, Icarus and 2.1 are the same right? Hmm...
 
Upvote 0
Unlike Windows, Linix machines (read: Android) can have various things shuffled around under the hood and new creations result.

With desktop Linux, we call that a distribution - with Android we call it a rom.

Just like you can have mandolin duck with more rice or with more noodles it's still mandolin duck with rice and noodles -

- so - ICARUS still basic Android. If it's based on 2.1, then it IS 2.1.
 
  • Like
Reactions: septembersrain
Upvote 0
Unlike Windows, Linix machines (read: Android) can have various things shuffled around under the hood and new creations result.

With desktop Linux, we call that a distribution - with Android we call it a rom.

Just like you can have mandolin duck with more rice or with more noodles it's still mandolin duck with rice and noodles -

- so - ICARUS still basic Android. If it's based on 2.1, then it IS 2.1.
So then basically all the security you'd set up on the stock 2.1, Should be repeated on Icarus. Thanks!
 
  • Like
Reactions: EarlyMon
Upvote 0
In my opinion you do need Virus Protection. Google has just pulled 58 malicious apps that were in the Offial Android Market. Some of them were just legit like apps such a stop watch and timer. I'm sorry Google but thats just sad that they were in your Market. Its a disgrace. I hope Android doesn't become the next Windows. Google saw what happened to Microsoft and now this happens. Absolutely unacceptable.
 
  • Like
Reactions: EarlyMon
Upvote 0
I'm not expert on Windows security.

Seems if that community were doing things right they're be a lot fewer viruses and issues in the first place.

As for brands - better to look for someone with the right Linux experience in the first place, and AVG is one of those. I personally like ClamAV but maybe it's just the name. :)

Here's a few to know about already getting it for Linux - The 4 Best Free Linux Anti-Virus Programs

To be honest, I often wonder if half of the viruses out there didn't come from the anti-virus companies in the first place. Yeah - I get flamed for that.

Meanwhile - Symantec Employee Caught Astroturfing GAS
 
Upvote 0
I'm not expert on Windows security.

Seems if that community were doing things right they're be a lot fewer viruses and issues in the first place.

As for brands - better to look for someone with the right Linux experience in the first place, and AVG is one of those. I personally like ClamAV but maybe it's just the name. :)

Here's a few to know about already getting it for Linux - The 4 Best Free Linux Anti-Virus Programs

To be honest, I often wonder if half of the viruses out there didn't come from the anti-virus companies in the first place. Yeah - I get flamed for that.

Meanwhile - Symantec Employee Caught Astroturfing GAS
I remove malware/viruses from Windows computers (Freelance until I'm done with college). I really think that no matter how much security you put on something, There will always be people willing and able to hack through them. You've got that news story of a hacker who was able to get into Wallstreet. It's crazy but, With technology there is no level of "Safe". People will always try to find ways to override what should be the "Rules".

Also, I believe it to be true what you said about some companies creating viruses. Did you know that it's rumored over half of the malware created and made behind a fake company is in fact funded by a legitimate one? I once looked into a script that had been saved of a "Antivirus 2010" malware log. It literally had a website domain address of a commonly known company by the name of Norton. Of course that's not exactly proof, But it's awful weird considering that the domain address was where the malware had been originally SENT from. Wish I had still had this, The computer it was on finally died. It was 5 years old and and I knew it was coming. It had smart failure predicted for like almost a year and half! XD

P.S I like the name ClamAv too. *Laughs*
 
  • Like
Reactions: EarlyMon
Upvote 0
I would like to give an extra thanks to EarlyMon for sharing all this great information. Who knew we had one of the godfathers of linux right here? I have installed the 3 apps you have recommended here, and my phone has been running smoother. I know these are not exactly performance apps, but maybe without all of my apps fighting over my network connection, it is freeing up some processing power. Also, web pages load faster without so many ads. I'm sure a lot of people in the android community look down at our little phones as kind of a joke, but you have been really cool about sharing your knowledge with us mostly first time android owners. Thanks again!
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones