[OFFICIAL] Huawei Ascend Security ThreadTips

Last Updated:

  1. Reposiric

    Reposiric Member

    I have a new question. does anyone know if virus protection would be unneeded if ruining on icarus? I ask this because with computers, viruses have to be written to work in a particular operating system, likewith windows. Since windows is the most popular, most all viruses are written for that. But if you use linux, you can't really get viruses because not many are written for it. Would this be the same concept with icarus? I have the Lookout virus and malware protection on my phone.

  2. EarlyMon

    EarlyMon The PearlyMon Moderator

    At this point the main thing with Android is malware and Trojans and Lookout (as you installed) or ES Security Manager should be sufficient for those.

    Here's my personal advice on the matter -

    As for Linux viruses - see Frisco's Most Informative Post here - http://androidforums.com/android-lounge/279174-can-android-get-viruses.html#post2290548

    Apps run one of two ways in Android:

    - Java (this is the normal way) - so everything like that gets contained within the Dalvik engine

    - Native C++ (this is new) - very few apps are in this category, and those would be potential virus vectors. Things like this include mainstream browsers at this point, so I'm not sweating this class of apps just yet.

    (sorry for the wall of text, but staff typically finds that security and user protection is never too far off-topic in update or app discussions)
    reddogkgb, xblabberx, Scur and 6 others like this.
  3. KOLIO

    KOLIO Guides Guide

    You may want to GOOGLE the recent malware/spyware called DROID DREAM & read a few articles to make an informed decision.LOOKOUT'S website www.mylookout.com has an article on the DROID DREAM malware as well,as does XDA DEVELOPERS.All of the mentioned above have a system cleaner available to detect malware associated w/DROID DREAM.

    *Thank you EARLY MON for the wealth of info you provided on the subject,you brought up a lot of practices that we all pretty much know that we should be following,but,in reality,we could use a friendly reminder from time to time.Going to install the DROID WALL as soon as I'm done posting here.Putting your recommendations in the 'STICKY' @ the front of this forum would be welcome by most everyone here.HINT,HINT,JAZZIETTE, WHERE ARE YOU?! ;):)
    septembersrain, Gmash and EarlyMon like this.
  4. EarlyMon

    EarlyMon The PearlyMon Moderator

    KOLIO likes this.
  5. EarlyMon

    EarlyMon The PearlyMon Moderator

    KOLIO likes this.
  6. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    EarlyMon and KOLIO like this.
  7. EarlyMon

    EarlyMon The PearlyMon Moderator

    Warning - geek alert - get the popcorn and your comfy shoes...

    Part 1 - scans

    I use ES Security Manager and I do a manual scan after every app update or download, and then just when I'm bored waiting for the TV or whatever, and scan a) just to see if all is still well, and b) because I can.

    I still don't think virus protection per se is anything more than a growth industry for Android - so I don't waste my battery running that.

    I've nothing against Lookout, but I've not used it - I have used ES products (check out their file browser - I prefer it to Astro in many ways) and know and like them.

    Part 2 - Droid Wall

    OK - I use Droid Wall to keep things from chatting on the net where I see they have no need - this includes my soundwalls, beepers, coin flippers and other fun time-wasters, for example.

    Here's the deal with Droid Wall - in the incarnation of Linux that Android is based on, everything - meaning everything - going thru network ops goes through what we call the iptables.

    And those iptables can be neatly clamped and controlled. So - this doesn't really add anything to speak of in the way of overhead, and it's not a bolt-on that changes the OS behavior. So, that's why Droid Wall just gets it and you might want it.

    Part 3 - AdFree

    Same deal on AdFree - https://market.android.com/details?id=com.bigtincan.android.adfree

    That one is terribly clever. Probably you've all heard of DNS - domain name services - that the thing that lets your phone or computer just point at one computer that magically seems to know how to decode names into addresses. That came from Berkeley unix. Once upon a time, we kept manual tables of known host names for our unix networks and the table mapping IP address-to-name was stored in a plain text file called /etc/hosts - and that started on the predecessor of the Internet - (D)ARPANET. And it was a pain to add a new machine to a network of 80~150 computers because each one needed its /etc/hosts file updated (and yes, we really did used to do that). So the Berkeley Internet Name Domain (BIND) software was born - and that's still the #1 DNS lookup software today.

    SO - what's my freaking point? :D

    Point is - on a Linux machine, before it goes elsewhere to look up any network name, it first runs home to Momma and asks what's in /etc/hosts because Momma knows best and let's trust look-ups in /etc/hosts - it's a game of Mother May I? - and that all plays well because that was the original Berkeley design, before Linux was ever conceived.

    And AdFree creates entries in your phone's /etc/hosts for all the bad ad sites - and when a request for one of them occurs, the system sends back Mother said you may not.

    And while not all ad sites are malware sites - many malware sites end up in that AdFree database.

    So - all AdFree really does is give you an updated /etc/hosts file and a mechanism via the Market to keep that file automagically updated.

    And like Droid Walls - it's exploiting existing known processes inside your phone, and isn't some kind of battery-sucking add-on.

    Part 4 - Anti-virus

    When an actual Android virus really hits, you'll see it on Phandroid.com - we care about that sort of thing around here.

    Everyone should do as they feel best - but for my part, I'm not going to add on a virus checker unless and until it's established that it's a real threat for us.


    FWIW - I helped edit the second edition of the first Linux security guide, had the testbed where all of the security scripts were validated (by me) and used (by my business) as that book was written by a friend of mine. And I've done kernel dev for Mach, Berkeley and Linux and have written a little bit of network code in my time.

    So - I'd submit that at least more than half of what I'm saying is pretty much The Truth. ;)

    Hope this helps and clarifies.

    (Let me know if you guys want to start a security thread and have it added as a reference to the sticky - does anyone want such a thing? I can never tell...)
    reddogkgb, Rhonda1964, Scur and 3 others like this.
  8. cast71

    cast71 Active Member

    I would think you need both, because they do different things. The droidwall uses iptables which is good;0) Lookout scans apps.

    Earlymon, I would like a security thread;0)
    EarlyMon likes this.
  9. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    A Virus scanner and the Security Manager scan? What is the difference in it's function? My Virus scanner comes up after all new downloads and updates as well. From what I'd read the ES Security Manager is semi-functional as a sort of Virus/Malware protection. Isn't that similar to a Virus/Malware app? Sorry, I'm just curious. ^^.
  10. Naresh maharaj

    Naresh maharaj New Member

    android have built-in Firewall? like alls windows operating system have built-in firewall.
    EarlyMon likes this.
  11. EarlyMon

    EarlyMon The PearlyMon Moderator

    So far as I know ES Security Manager doesn't scan for viruses but is apparently claiming effectiveness at scanning for other malware.

    The security software gang ping-pongs users into confusion but I say security awareness is your friend and your #1 line of defense.

    So -

    • The word for ache in French is mal, so bad software that makes you ache is malware.
    • A virus is malware that grows and self-replicates - just like a real-world, biological virus.
      • Sometimes growth alone is the whole idea, spawning copies until your machine and your friends' machines are all bogged down. In this case, the goal is to fail your machine.
      • Sometimes that growth is a smokescreen to install a nastier payload - just like a biological virus, a computer virus can weaken a system so secondary infections are possible. In this case, the goal is to weaken your machine and compromise your data.
    • A Trojan is malware that claims to be one thing, but it's goal - like the soldiers in the Trojan Horse - is to secretly sneak in with your apparent permission and wreck havoc. The goal is to typically compromise your data.
    • A worm is can be part of a Trojan or part of a virus payload - it's goal is to fail your machine by eating through pieces of critical operations, much like a worm eats out an apple.
    • Spyware is malware specifically targeted to compromise your data. Like a worm, this can be part of the payload for a virus or a Trojan.

    So - popular virus scanners for PCs have grown up to include scanning and protection for all of these various threat classes.

    But - in the mobile world, the app makers seem to be using the narrow definitions of these terms - so in my opinion - it's important to know these classes so you know what your software is capable of scanning for.

    It's ok to think of it this way - viruses are most the most aggressive, so virus scanners have to be the most aggressive.

    Some of them in the Android world are only protecting against really simple threats - like the ability for something to send SMS messages behind your back. And some of them that claim to be security blockers do nothing more than the Mickey Mouse of just blocking unwanted or unknown phone numbers from ringing or texting you (by itself, that's ok, but let's not call that malware protection like they claim to do).

    Did I make sense there? Too simple or too obtuse? Some days I can't honestly tell, and this is one of them. :p
    Rhonda1964, Reposiric, Gmash and 3 others like this.
  12. EarlyMon

    EarlyMon The PearlyMon Moderator

    Yes, Android, being Linux, does indeed have a built-in firewall.

    And just like with Windows - you need Adminstrator privileges to turn it on and configure it.

    To get Administrator privileges in Android, you need to root your phone. We call it root because that is the name of the admin user account under Android (Linux/unix).

    Once you are rooted (have root access) then you install the free Droid Wall app from the Market so you can turn the firewall on and configure it.
  13. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    I thought so myself. That's why I tended to opt for a Virus scanner. I know that that most higher security programs include a lot of lower features like malware scanning, Etc. Though I did not know if this applied to the Android world. As you'd said, Most PC Virus scanning programs have grown to include many other tools. I suppose I'd kind of taken that knowledge with me to the Android world but, Wasn't quite sure if that was a good idea.

    I know generally what and how each category works, What I was so completely unsure of is how that applies to the Android world. I have never used Linux, Therefore don't know it's vulnerabilities. I have really only worked with Windows based electronics.
    I suppose I need to look into the Virus program I have on here and really find out what it actually includes. I am going to also look into the droidwall as you'd said. Thank you very much!

    OH so Droidwall is actually a program that works with the integrated firewall feature in the phone? Does it add anything? Is there any other way to access this feature or do you need the third party app?
    EarlyMon likes this.
  14. EarlyMon

    EarlyMon The PearlyMon Moderator

    If you know Linux sufficiently, you can use adb and manage your iptables by hand.

    With Droid Wall, you don't have to know how to do that - just fill in the form, it's way simple.

    Droid Wall is to your iptables as ROM Manager is to Clockwork Mod Recovery - you _can_ do it by hand - but why bother?

    Droid Wall is not the firewall - it's just a handy firewall (iptables) configuration editor that _anybody_ can use, no Linux-monkey skills needed.

    Freely post here or PM me any post-links I missed from anywhere around the Ascend forum that you'd like to have moved here.
    Gmash and septembersrain like this.
  15. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    I am actually curious about this too because Icarus was based on 2.1. So does that mean it's only got slight adaptations to the original OS? If so, That means when it comes to the basics, Icarus and 2.1 are the same right? Hmm...
  16. EarlyMon

    EarlyMon The PearlyMon Moderator

    Unlike Windows, Linix machines (read: Android) can have various things shuffled around under the hood and new creations result.

    With desktop Linux, we call that a distribution - with Android we call it a rom.

    Just like you can have mandolin duck with more rice or with more noodles it's still mandolin duck with rice and noodles -

    - so - ICARUS still basic Android. If it's based on 2.1, then it IS 2.1.
    septembersrain likes this.
  17. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    So then basically all the security you'd set up on the stock 2.1, Should be repeated on Icarus. Thanks!
    EarlyMon likes this.
  18. UOFLcards

    UOFLcards Well-Known Member

    I thought you didnt need any kind of anti-virus or security on the Ascend? :eek:
  19. EarlyMon

    EarlyMon The PearlyMon Moderator

    There have been no viruses to date.

    Trojans have occurred.

    In my opinion, if something can go on the net, it needs security; others feel differently.
    cast71 likes this.
  20. Lennatron

    Lennatron Well-Known Member

    In my opinion you do need Virus Protection. Google has just pulled 58 malicious apps that were in the Offial Android Market. Some of them were just legit like apps such a stop watch and timer. I'm sorry Google but thats just sad that they were in your Market. Its a disgrace. I hope Android doesn't become the next Windows. Google saw what happened to Microsoft and now this happens. Absolutely unacceptable.
    EarlyMon likes this.
  21. EarlyMon

    EarlyMon The PearlyMon Moderator

    Difference being that Google did something about it and has a Market - but otherwise, your point stands.

    And fwiw - note carefully if the anti-virus app you'll choose is sufficient for the types of threats that are real, not just being sold.
    Lennatron and septembersrain like this.
  22. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    Would you suggest to stick with a brand name that is known through Windows? Such as AVG, Etc? Would those companies make a feasible transition from Windows to Linux? Also, What suggestions do you make in terms of Virus apps? Any that you find stand out?
  23. EarlyMon

    EarlyMon The PearlyMon Moderator

    I'm not expert on Windows security.

    Seems if that community were doing things right they're be a lot fewer viruses and issues in the first place.

    As for brands - better to look for someone with the right Linux experience in the first place, and AVG is one of those. I personally like ClamAV but maybe it's just the name. :)

    Here's a few to know about already getting it for Linux - The 4 Best Free Linux Anti-Virus Programs

    To be honest, I often wonder if half of the viruses out there didn't come from the anti-virus companies in the first place. Yeah - I get flamed for that.

    Meanwhile - Symantec Employee Caught Astroturfing GAS
  24. septembersrain

    septembersrain 句_句 Smurfing Awesome VIP Member

    I remove malware/viruses from Windows computers (Freelance until I'm done with college). I really think that no matter how much security you put on something, There will always be people willing and able to hack through them. You've got that news story of a hacker who was able to get into Wallstreet. It's crazy but, With technology there is no level of "Safe". People will always try to find ways to override what should be the "Rules".

    Also, I believe it to be true what you said about some companies creating viruses. Did you know that it's rumored over half of the malware created and made behind a fake company is in fact funded by a legitimate one? I once looked into a script that had been saved of a "Antivirus 2010" malware log. It literally had a website domain address of a commonly known company by the name of Norton. Of course that's not exactly proof, But it's awful weird considering that the domain address was where the malware had been originally SENT from. Wish I had still had this, The computer it was on finally died. It was 5 years old and and I knew it was coming. It had smart failure predicted for like almost a year and half! XD

    P.S I like the name ClamAv too. *Laughs*
    EarlyMon likes this.
  25. Gmash

    Gmash Well-Known Member

    I would like to give an extra thanks to EarlyMon for sharing all this great information. Who knew we had one of the godfathers of linux right here? I have installed the 3 apps you have recommended here, and my phone has been running smoother. I know these are not exactly performance apps, but maybe without all of my apps fighting over my network connection, it is freeing up some processing power. Also, web pages load faster without so many ads. I'm sure a lot of people in the android community look down at our little phones as kind of a joke, but you have been really cool about sharing your knowledge with us mostly first time android owners. Thanks again!
    septembersrain and EarlyMon like this.

Share This Page