How to protect from spyware ?

[slash92]

Hello,

there are more and more spyware that can be installed easily on an android phone:

For example:
retinax mobilespy
ikeyguard.com
mobile-spy.com
spytic.fr

I want to know how to protect my android phone and prevent such software to spy without my knowledge?

Can i use an antivirus in this case?
From what I read about antivirus, they do not prevent the implementation of these applications because it is like standard applications ....

thanks

 

[wayrad]

Your best bet is to

a) not allow anyone else to have physical access to your phone,

b) follow the advice in this thread: http://androidforums.com/android-ap...ps-avoid-viruses-guide-those-new-android.html

 

[aysiu]

Security is great.

Antivirus is not security.

 

[AngryHatter]

Don't install any?

 

[jerofld]

You're best defense against spyware is knowledge. Read the thread linked by Wayrad. It shows you how to spot suspicious apps in the market to avoid spyware and other malware. Anti-malware apps are not necessary to prevent attacks on Android.

Plus be aware of the physical security of your phone. Obviously don't let strangers mess with your phone. I'd recommend setting a trace lock on it. Also, don't connect to public wifi (Starbucks, McD's, etc). Hackers can get personal info easily if you are connected to the same wifi router as them. Even people with iPhones. Identity theft is on the upswing. Make sure to protect yourself.

 

[Petrah]

You're best defense against spyware is knowledge.

Quoted for truth!

You know what they say; knowledge is power.

 

[dylo22]

Antivirus is not security.

Have to disagree with this statement.

Antivirus IS one layer of security. It just not the end all and be all of security.

 

[AngryHatter]

Have to disagree with this statement.

Antivirus IS one layer of security. It just not the end all and be all of security.

Name one instance in which malware was found by an AV app before Google or the community at large.
Never happened.
AV is a waste of space, resources and time.

 

[dylo22]

Name one instance in which malware was found by an AV app before Google or the community at large.
Never happened.
AV is a waste of space, resources and time.

Why does everyone always use this argument against AVs? AVs does scans based on definitions of KNOWN malwares stored in their database. They do not magically find new malwares that pops up in the market. The malware scare we had a couple of months ago were all new and never been seen malware on the android platform. Did you really expect any AV app to detect those before google or the community? It's impossible. The purpose of AV is to help protect you from past threats. So that in case when you slip up and forget to check permissions, the AV will identify the known malware and alert you about it. This is what I mean by layer security.

On the matter of AVs effectiveness, that's another story all together. I can't prove to you that a particular AV works anymore than you can prove to me that an AV doesn't work. Unless we have an malicious app available to test against, it's all talk. Although, I did find a couple test virus in the market that you can download to test against AVs. I don't know how valid they are, but in the comments, people say a few of the AVs (like lookout or avg) detected it. So I think it's fair to say those AV apps are doing something.

 

[itsallgood]

Why does everyone always use this argument against AVs? AVs does scans based on definitions of KNOWN malwares stored in their database. They do not magically find new malwares that pops up in the market. The malware scare we had a couple of months ago were all new and never been seen malware on the android platform. Did you really expect any AV app to detect those before google or the community? It's impossible. The purpose of AV is to help protect you from past threats. So that in case when you slip up and forget to check permission, the AV will identify the known malware and alert you about it. This is what I mean by layer security.

On the matter of AVs effectiveness, that's another story all together. I can't prove you that a particular AV works anymore than you can prove to me that an AV doesn't work. Unless we have an malicious app available to test against, it's all talk. Although, I did find a couple test virus in the market that you can download to test against AVs. I don't know how valid they are, but in the comments, people say a few of the AVs (like lookout or avg) detected it. So I think it's fair to say those AV apps are doing something.

Great response.

 

[AngryHatter]

So it means they do nothing.
Have you ever seen an "infected" linux based phone? Neither have I.
The sandbox is in place for a reason. The OS itself is far more robust and able to deal with malicious apps than any AV.

Why do you think an AV suite for a windows based PC finds an anomaly and sends the information to the devs. That's how malware is found.
Based on known definitions it extrapolates and if something suspiciously close appears the alarm is sounded.
It's not a room full of nerds at kapersky looking for bad code.

 

[dylo22]

So it means they do nothing.
Have you ever seen an "infected" linux based phone? Neither have I.
The sandbox is in place for a reason. The OS itself is far more robust and able to deal with malicious apps than any AV.

I agree with you that android is a more robust operating system than others, but that doesn't mean it's impenetrable. Remember those 50 apps in the market that contained the exploits "exploid" and "rageagainstthecage" that breaks away from android sandbox to gain root access. Remember google had to do a remote wipe of those apps from infected phones. They didn't do it for sh1ts and giggles. Google did a remote wipe because they knew it was serious threat...well at least once they found out. Fortunately, all this is patched with gingerbread. But those those of us still on 2.2 are still susceptible.

Why do you think an AV suite for a windows based PC finds an anomaly and sends the information to the devs. That's how malware is found.
Based on known definitions it extrapolates and if something suspiciously close appears the alarm is sounded.
It's not a room full of nerds at kapersky looking for bad code.

I suppose it's possible android AVs can determine new malwares based on known malwares. Some desktop AVs do heuristic analysis to determine new threats. It's not very reliable and it adds a lot false positives to scans. In addition it only applies to malwares that have a very similar signature than ones they already known. This is doesn't account for new exploits or malwares with different signatures.

Heuristic analysis - Wikipedia, the free encyclopedia

 

[AngryHatter]

I agree with you that android is a more robust operating system than others, but that doesn't mean it's impenetrable. Remember those 50 apps in the market that contained the exploits "exploid" and "rageagainstthecage" that breaks away from android sandbox to gain root access. Remember google had to do a remote wipe of those apps from infected phones. They didn't do it for sh1ts and giggles. Google did a remote wipe because they knew it was serious threat...well at least once they found out. Fortunately, all this is patched with gingerbread. But those those of us still on 2.2 are still susceptible.




I suppose it's possible android AVs can determine new malwares based on known malwares. Some desktop AVs do heuristic analysis to determine new threats. It's not very reliable and it adds a lot false positives to scans. In addition it only applies to malwares that have a very similar signature than ones they already known. This is doesn't account for new exploits or malwares with different signatures.

Heuristic analysis - Wikipedia, the free encyclopedia

So in both cases what would your AV do for you?
Nothing?
Google removes the apps, not some AV suite.

Here's a nice analogy - it's like wearing a condom 24/7 - it is not that a condom is not useful, but you utilize one when you need it.
As of today, there is no need.

 

[dylo22]

So in both cases what would your AV do for you?
Nothing?
Google removes the apps, not some AV suite.

Here's a nice analogy - it's like wearing a condom 24/7 - it is not that a condom is not useful, but you utilize one when you need it.
As of today, there is no need.

Well, if you're on android 2.2, it will protect you from those exploits. The vulnerability still exist. It didn't just disappear. There's nothing stopping from another guy repacking other apps with those same exploits and uploading onto the market. There's also other trojans and keyloggers that the AVs are capable of detecting. The purpose of AV is to help protect you from the past threats that hackers and script kiddies might still be using.

I didn't say you NEED it. You can go without it. Hey, I don't have an AV installed on my phone. But, just because you don't need it, doesn't mean "AV is not security". It's just ONE layer of security which you could choose to use or not.

eh...that analogy is a little off. You can have a condom with you without using it and wearing it on your dick 24/7. Similarly, you can have an AV installed on your phone and not having it being used 24/7. It's only during times you can be infected (like installing an app or in your analogy, having sex) that you want it use it for protection.

 

[zizinzizazizo]

yes it looks like spytic was a distributor of copy9 product.
oh copy9 has many feature such as Ambient Voice Record, Yahoo Messenger Chat, Whatpsapp, Key Logger, Voice Memos, Notes, Photo Camera Roll (Pictures)... with lower price compared with spytic. Oh my god