Hey guys and gals,
I work in tech security, and we get a lot of people coming in asking about anti-virus on their phone. A lot are people that jailbroke their iPhones, an email or two will go missing, and they start to freak out and run my way. So - I decided to throw together a little thread based off my professional opinion on what if any anti-virus is needed on your Evo.
Ok, so I rooted my phone, wiped it, reset it to a null gmail account, and went to work seeing what mess I could manually transfer over and see what apps were able to stop what. Unrooted, and tried again.
The two most popular anti-virus apps that can be found in the marketplace are what I tested. Here are their results:
Anti-Virus Free:
Light Malware/Virus: It caught some, and let others pass
Medium: It caught 1, and let most pass
Strong*: Caught 1 major, and let SEVERAL rootkits pass. Once it did, I was actually able to manipulate the phone via the app.
Verdict: Do not use this app.
Lookout Mobile Security, FREE:
Light: Caught about 60%
Medium: Caught about 70%
Strong*: Caught about 25%
Verdict: If you're absolutely paranoid about viruses, go ahead and grab this. I wasn't able to do as much with this app as I was with the other. This seems a little better built. But please read on...
Conclusion:
So are anti-virus programs actually needed? I would say at this current time (6/9/2010); No. You do not need anti-virus, as there are very few programs out there that will harm your device. However, don't let that fool you into thinking every app is safe. Follow some of these tips to stay safe, and keep your device running smooth.
1) The best anti-virus out there right now is you. We're all pretty smart and have common sense, just check the app before you download it and try and stick to main-stream apps.
2) Some of the really out there "cool" apps that have very few rating and very few downloads are always kinda fishy to me. If the app says it can launch the Space Shuttle, that's pretty sweet and all, but I would stay clear.
3) DO NOT EVER CONNECT TO OPEN WI-FI HOTSPOTS! Starbucks has some good overpriced coffee, and some BAD internet. It goes in this order of do not connect... Open->WEP->WPA->WPA2. Do not EVER connect to an open wifi hotspot, as I could easily start filtering packets like crazy and just read everything your sending and receiving. It's just a rule, ok? Don't do it...please.
4) Our OS is built off a Linux platform, and as of right now, there are very few viruses out there for Linux (in comparison). So don't lose any sleep over it.
5) Know the Devs you download from. Google has a system in place to block or filter malicious code, but they can't catch 100%. If you think the code is malicious, report the dev.
6) I know our phones are super high powered, and can rule the world and all, but the more stuff you dump on them, the slower they'll get. Yes Android has a great memory allocation, but its still not perfectly efficient (not starting, and please do not start an ATK debate here), so try not to overload too much on apps.
6.5) If you have an app that you NEVER use, delete it! It's not worth having on your device if you're not gonna use it.
7) Root at your own will. Yes rooting opens a bunch a doors and can give you permissions to your phone that otherwise wouldn't be available -- but at the same time it allows those doors to stay open. If you know what you're doing, cool, have at it. But if you're new to root, I would read up on it a bit, and see if you really NEED to root your phone. Personally, I never wireless tether, so there's no real reason. But, that's just me.
8) Check for and install all updates sent out by Sprint/HTC. Root users will yell and scream at you not to, but what most people don't realize is, you gain root access through an exploit. The patch will fix that exploit in the code, and will often times lock out the root users. So, if you're all about rooting, do your thing. If you don't care too much, apply the patches.
I think that's about it, I'll add some more if you guys think of anything fancy. As I said above, this is all opinion, please don't come in here and post you know more than I do (everyone on the Internet does) and say I'm wrong. If you disagree, great, move on to the next thread. This is merely a suggestion for those who aren't sure.
Happy surfing and EVOlution to you guys and gals!
Cheers!
Side Note: There have been discussions by others in the past saying these anti-virus people just steal your data and sell to marketers. Now as for that, I cannot comment. But just so your aware, those allegations have been made. Truth or not, I can't say.
*Testing Note: All tests performed were FAR more extensive than your phone would ever endure. You could almost count the "Strong" section out, as it would be hard to add a blatant, obvious rootkit to the phone, but I left in there for a simple comparison.
I work in tech security, and we get a lot of people coming in asking about anti-virus on their phone. A lot are people that jailbroke their iPhones, an email or two will go missing, and they start to freak out and run my way. So - I decided to throw together a little thread based off my professional opinion on what if any anti-virus is needed on your Evo.
Ok, so I rooted my phone, wiped it, reset it to a null gmail account, and went to work seeing what mess I could manually transfer over and see what apps were able to stop what. Unrooted, and tried again.
The two most popular anti-virus apps that can be found in the marketplace are what I tested. Here are their results:
Anti-Virus Free:
Light Malware/Virus: It caught some, and let others pass
Medium: It caught 1, and let most pass
Strong*: Caught 1 major, and let SEVERAL rootkits pass. Once it did, I was actually able to manipulate the phone via the app.
Verdict: Do not use this app.
Lookout Mobile Security, FREE:
Light: Caught about 60%
Medium: Caught about 70%
Strong*: Caught about 25%
Verdict: If you're absolutely paranoid about viruses, go ahead and grab this. I wasn't able to do as much with this app as I was with the other. This seems a little better built. But please read on...
Conclusion:
So are anti-virus programs actually needed? I would say at this current time (6/9/2010); No. You do not need anti-virus, as there are very few programs out there that will harm your device. However, don't let that fool you into thinking every app is safe. Follow some of these tips to stay safe, and keep your device running smooth.
1) The best anti-virus out there right now is you. We're all pretty smart and have common sense, just check the app before you download it and try and stick to main-stream apps.
2) Some of the really out there "cool" apps that have very few rating and very few downloads are always kinda fishy to me. If the app says it can launch the Space Shuttle, that's pretty sweet and all, but I would stay clear.
3) DO NOT EVER CONNECT TO OPEN WI-FI HOTSPOTS! Starbucks has some good overpriced coffee, and some BAD internet. It goes in this order of do not connect... Open->WEP->WPA->WPA2. Do not EVER connect to an open wifi hotspot, as I could easily start filtering packets like crazy and just read everything your sending and receiving. It's just a rule, ok? Don't do it...please.
4) Our OS is built off a Linux platform, and as of right now, there are very few viruses out there for Linux (in comparison). So don't lose any sleep over it.
5) Know the Devs you download from. Google has a system in place to block or filter malicious code, but they can't catch 100%. If you think the code is malicious, report the dev.
6) I know our phones are super high powered, and can rule the world and all, but the more stuff you dump on them, the slower they'll get. Yes Android has a great memory allocation, but its still not perfectly efficient (not starting, and please do not start an ATK debate here), so try not to overload too much on apps.
6.5) If you have an app that you NEVER use, delete it! It's not worth having on your device if you're not gonna use it.
7) Root at your own will. Yes rooting opens a bunch a doors and can give you permissions to your phone that otherwise wouldn't be available -- but at the same time it allows those doors to stay open. If you know what you're doing, cool, have at it. But if you're new to root, I would read up on it a bit, and see if you really NEED to root your phone. Personally, I never wireless tether, so there's no real reason. But, that's just me.
8) Check for and install all updates sent out by Sprint/HTC. Root users will yell and scream at you not to, but what most people don't realize is, you gain root access through an exploit. The patch will fix that exploit in the code, and will often times lock out the root users. So, if you're all about rooting, do your thing. If you don't care too much, apply the patches.
I think that's about it, I'll add some more if you guys think of anything fancy. As I said above, this is all opinion, please don't come in here and post you know more than I do (everyone on the Internet does) and say I'm wrong. If you disagree, great, move on to the next thread. This is merely a suggestion for those who aren't sure.
Happy surfing and EVOlution to you guys and gals!
Cheers!
Side Note: There have been discussions by others in the past saying these anti-virus people just steal your data and sell to marketers. Now as for that, I cannot comment. But just so your aware, those allegations have been made. Truth or not, I can't say.
*Testing Note: All tests performed were FAR more extensive than your phone would ever endure. You could almost count the "Strong" section out, as it would be hard to add a blatant, obvious rootkit to the phone, but I left in there for a simple comparison.
So read away. But can people access things like my contacts or my SD card from an open wireless network?
