Antivirus app necessary?

[adamajah]

So, I see some anti-virus apps in the Market. Really??? I have to worry about that on my phone?

How would my phone get a virus?

Has anyone here gotten a virus on their android phone?

Thanks.

 

[Merago]

There have been a couple of reported instances of malware, one quite recently where there was a dodgy bank app that phished for your bank details. There have also been a few exploitable sections of Android that have been announced, so the risk is there, and the more Android grows, the greater that risk will be. However, I'm not convinced by the anti-virus apps out there at the moment. Among other things, AV apps use definitions which look for common viral behaviour or files. If there are hardly any known Android targetting viruses, then what are those definitions going to contain? To be fair, there are other methods of protection provided by AV software, such as heuristic detection and other pro-active monitoring, so known threat detection isn't the be all and end all.
I also wonder how trustworthy these AV apps actually are? They could be doing nothing at all, and it's not like there are many sample viral codes anyone could throw at the software to test it. For me, I'll not shell out for AV protection for Android just yet. At least not until I know for certain there's a trustworthy and reliable AV app.
There's a good article here about malware on mobile devices.

 

[snorge]

I don't really think it is possible yet. I haven't read of anyone getting a virus yet and for the short time I did try one of the popular apps it kept falsely detecting one of my apps text alerts of being something malicious.

 

[LDDR]

Hello, the web master has asked me to introduce myself and to stay a while. My name is Sean. Now, I don't know to much about all these new phones, but I CAN say is that I've had the HTC Eris by Verizon for abooooout a month now, and I've had 1 possible and 1 definite occurance already. I agree that everyone should read what apps have access to before you download them. The first issue was with a new unlock manager. I was getting kind of annoyed with the unlock pattern option, and wanted something different. My phone changed to what looked to be some other kind of "desktop" the way things were set up, notification tool-bar, etc. It had mentioned something to me about "never picking this setting we are warning you" or something along those lines. I never picked it (and I wouldn't either if I were you. If something tells you not to do it, you probably shouldn't do it... lol ) I figured a way out to make it use the "HTC home by default", I deleted the lock app, and my phone went back to normal. I honestly don't think that was a virus, it may have just messed with my settings and I"m a little R-tarted. BUT, just the other day, I had downloaded a Joker soundboard (WhY sooOOO seeeriOUS!?!?) 2 of the sounds wouldn't play and they didn't even SOUND like they were from the movie "You got knocked the f**k out 1", and "You got knocked the f**k out 2", were the names of the "clips" My lock screen changed to the music player, it wouldn't allow me to keep it as a picture, and all of my shortcuts and clock widgets etc. were off my "desktop". I ran a Anti-virus app I had previously gotten off the Marketplace, and it said it picked up on something that was potentially malware. (It's never picked up on ANY thing before... EVER) I confirmed that it should "fix", as they put it, the issue. I uninstalled the Joker app. I had to manually add EVERYTHING back to the "scene", as it was. Nothing I downloaded was deleted. Phone numbers still in tact. Everything's lookin' A-O.K. now. I don't know if viruses are snaking their way around this different world, and if their not yet, they WILL be soon, they'll find a way. They always do, right? Catching a digital STD would suck. Wear a static free condom I suppose?

 

[KlaymenDK]

Hello, the web master has asked me to introduce myself and to stay a while.

I'm sorry, but that's unlikely.

Introductions should go into the Introductions forum. As for the rest of your post, it seems more about "fud" than reasonable debate. No references, for one thing.

That said, yes one should certainly pay attention to the accesses requested when installing new apps, and of course any software is bound to have some holes in it. Mind you, anti-virus apps can't rally do much of anything unless they themselves have rather high system access -- making it very inviting to disguise malware as anti-virus apps.

 

[grainysand]

Going to be a while for people to start targeting viruses/malware at Android, I imagine. Right now the only mobile OS that suffers from significant attacks is... the iPhone due to its market share.

 

[adamajah]

I was going to download Maths Workout Lite from the Market but saw that it accesses:

"<!> Phone calls
Read phone state and identity"

Uh, why would a math game need to do this? Sorry. That's a fail.

 

[Stretch2m]

I was going to download Maths Workout Lite from the Market but saw that it accesses:

"<!> Phone calls
Read phone state and identity"

Uh, why would a math game need to do this? Sorry. That's a fail.

I know it's been a while since you posted this, but I just found this thread during a search for something else.

I think many apps want to know when you're receiving a phone call (phone state), so that they can save their state (where you are in the game, e.g.) as soon as the call app becomes foreground. Once an application gets put in the background (i.e., behind your phone call) it is vulnerable to being killed off by Android if resources are needed. By saving their state when a phone call is received, they are then more likely able to restore that state if the game then has to be restarted. As for "identity" I think that's just because it's part of the same access policy as "phone state". I wouldn't be too concerned about games that ask for this permission.

 

[tmzbeme]

is 'antivirus free' spyware?

why does it need permssions to read my contact data?

and it always wants to erase all my sms if i let it.

it also erases any encrypted file on my sd card if i let it.

 

[TheBiles]

Hello, the web master has asked me to introduce myself and to stay a while. My name is Sean. Now, I don't know to much about all these new phones, but I CAN say is that I've had the HTC Eris by Verizon for abooooout a month now

So the owner of an Android website has asked personally asked someone with only a month of experience with Android to stay and post horribly formatted walls of text that no one can read? Gotcha.

 

[twiztid907]

So the owner of an Android website has asked personally asked someone with only a month of experience with Android to stay and post horribly formatted walls of text that no one can read? Gotcha.

^^This

 

[honzyboy]

I'm using an antivirus on my nexus s and its great. No false positives or any problems so far. I think its better to be prepared. I researched and could find no bad reviews on the one I'm using. Its called net Q in or something like that.

 

[AngryHatter]

And it does nothing.
Name an AV app that has caught a malicious app?
You can't, although people have found malware, not one AV suite has caught anything.

 

[sarimanokftw]

i got xperia x8. after installing some programs from my pc. my sophos antivirus detected a malware in my phone. so i tried to unplug the data cable then connect it again, same thing happens, my pc antivirus detects a malware. so what i did was, i installed "lookout" then run a full scan, and there it was, virus was detected and cleaned. so i must say, malware do exist in android phones.

 

[AngryHatter]

i got xperia x8. after installing some programs from my pc. my sophos antivirus detected a malware in my phone. so i tried to unplug the data cable then connect it again, same thing happens, my pc antivirus detects a malware. so what i did was, i installed "lookout" then run a full scan, and there it was, virus was detected and cleaned. so i must say, malware do exist in android phones.

Either you are mistaken or worse.
Lookout themselves have said they have not to date caught any malware first or at all.

 

[hogmansden]

Either you are mistaken or worse.
Lookout themselves have said they have not to date caught any malware first or at all.

Sorry to dig this up again but I find the above comment extremely difficult to comprehend.

Malware is often used to generate funds. Now if an App can be installed onto a phone, that lets say, sends texts to premium rate numbers without the users consent or knowledge. Or sniffs WiFi connections for encryption keys and maps them based on GPS that then allows a map to be drawn up thus allowing hackers to compromise networks. Then these apps are indeed described as Malware.

The idea that a device that runs software that can be written by any individual is not vulnerable to malicious software is beyond belief. Surely any self respecting "Geek, Nerd or IT Worker" would be open to the idea that a phone could be compromised in ways described above?

So I would suggest this; if you are using your phone for anything other than making calls, sending texts and you value your privacy then an Anti-Virus package on Android may actually be a good idea. Lets not forget that Android is based on Java (and we know how safe and secure that is right?) it also runs flash (again, we know how safe and secure that is right?) so it may be prudent to accept whatever protection is available.

Paul

An IT Working Nerd of a Geek.

 

[hogmansden]

Well I have been using a PC and the Internet for YEARS, and never got a virus, Thats probably cos I don't got to porn sites, I don't download dodgy software or game cracks and I don't use any P2P software. I don't use a browser that allows ActiveX, I do not have Java installed and I use flash in a sandbox. All my software is legit, I run Sophos anti-virus I use Adblock plus and OpenDNS with web filtering enabled.

But that does not mean that there are no virus's out there now does it? So I think the argument about Anti-Virus on a phone is as legit as the argument for flash.

 

[hogmansden]

To help people to decide:

"
The number of apps on mobile marketplaces contaminated with malware grew from 80 to 400 during the first half of 2011, according to a study by Lookout Mobile Security.
Android users are particularly at risk of downloading contaminated apps from markets and download sites. Two of the most commonplace threats, DroidDream and GGTracker, were regularly hidden into repackaged gaming apps or utilities and uploaded to Android app marketplaces.
Because of this surge in malicious apps, users are 2.5 times more likely to encounter malware today than at the start of the year, according to Lookout."


More can be found:Here

 

[alostpacket]

Every month or so Lookout posts a "new" report on how things are much worse that they were before. And every month or so we get these types of posts asking if the sky is falling.

Dont worry, no sky is falling.

Since this is the third or fourth thread about this lookout report, I am just going to copy and paste my post from the other threads.
=============

First, for those of you who are new here, welcome to AF!

Have a look here:
How to be safe, find trusted apps, & avoid viruses - A guide for those new to Android

Life with the little green robot is not as scary as you think.


Lookout are very smart guys and they know a lot about security. However, they work in an industry that makes profits off of the fear (founded or unfounded) of the user.

They publish this nonsense at least once a month on their blog. Usually it's just a rehash of some old malware, or something they downloaded from a grey market "warez" site or something. They have been doing this for many years since the WinMo days as far as I know. All the anti-virus companies release PR reports like this. And they release them often.

The media also likes to pick this up because their business is advertising based. Sensationalism is the name of the game. If they can freak you out into reading the article, then they make money. "If it bleeds, it leads."

There have been a few well publicized cases of true malware in the Android Market. But the apps that contained the malware were so incredibly stupid I couldn't even believe anyone downloaded them. They had names like "Super Duper Awesome Best Guitar App" developed by "The Super Duper Awesome Best Guitar App Team"

So yeah. Some of the scare-mongering gets to epic proportions. Be smart, be diligent, read permissions, and understand the context of the permission, and you'll be OK. If you want to use AV software, go ahead. But don't let that be a crutch or substitute from acting responsibly and taking the time to educate yourself on good safety habits

As a side note, personally, I'd advise against reading some of the popular tech sites like Engadget/Tech Crunch/InfoWorld (and it's network) and Gizmodo.

Stick to places like ArsTechnica, Slashdot, AnandTech, HardOCP, Bittech and of course Phandroid

Those sites care about their users and have good articles -- but even they fall prey to sensationalism. It's the very nature of "news" -- not just tech news, but all news.

 

[podagee]

android is linux and thats what i run on my computer.have never ran into issues of any type of virus.therefore i dont believe antivirus is really necessary

 

[hogmansden]

BBC News - Smartphone scams: Owners warned over malware apps - And for those of you posting that Linux does not have a problem with viruses, you are either trolling for reaction or are living in a fantasy world.

All of these companies offering warnings and you still sit there with your tin foil hat?

These programs ARE out there, kids WILL unlock their phones, kids WILL install dodgy software. ADULTS will still install "Cracked" APPS. These are REAL risks and should NOT be ignored.

Look at the bugs that Google have admitted to, data mining etc, by LEGIT programs. Now imagine what a piece of Malware could do. All these 3g/4g connections, turn a few thousand phones into a bot net and its quite easy to see where problems with DDOS & SPAM could evolve.

Take this matter seriously.

 

[hogmansden]

android is linux and thats what i run on my computer.have never ran into issues of any type of virus.therefore i dont believe antivirus is really necessary

I have never fell from an air craft, but I would still prefer to wear a parachute while skydiving.

I have never gone through my windscreen whilst driving my car, but I would still prefer to wear my seatbelt.

I have never been smashed in the face with a bottle, but I still prefer to stay out of bar fights.

It is all about percieved threat and prevention. Not reaction.

 

[aysiu]

Here's the problem: you're not making a fair comparison.

Parachutes actually help you land safely.
Seatbelts actually protect you in a car accident.
Smashed bottles do damage your face upon impact.

"Antivirus," however, doesn't actually protect you from malware on Android.

 

[Crashdamage]

@hogmansden: I'll say it again - malicious apps and viruses are not the same thing. Do some reading.

 

[hogmansden]

Ok so it looks like a few people on here have not moved with the times. MALWARE: Covers Viruses, Trojans, Worms, & Malicious Software. Most people still refer to their protective software as "AntiVirus", however most new generation software is actually Anti-Malware, hence the relevance.

Please do not state that there is not any MALWARE on Android.

Unless you are so familiar with ALL the code on your android device, the code for ALL the apps installed, then you can not say that there are not Malicious Apps out there.

Any code that does something that it is not identified, IE, a program that allows me to use my camera as a spy cam, but also sends my contact list to a spam server. Would be fairly construed as MALWARE.

Can we please agree on that?

So if such programs to exist, which has been proven, then surely it makes sense for users to protect themselves with Anti-Malware software.