Discussion in 'Android Apps & Games' started by Sperkowitz, Mar 6, 2011.
Is there currently a need for an Android virus protection app?
Not unless you're installing apps that are stealing your data.
No,not if you are halfway careful about what you install.
Third party sites - risky.
If wallpaper is asking for contacts, phone, internet, gps and hardware state a red flag should go up.
I have noticed the more forthright devs will tell you specifically why they need the permissions they ask for.
If you're concerned about mobile security I recommend checking out Lookout. It will scan apps as you download them for anything malicious.
No, and there probably never will be.
The only kind of malware you'll ever get is the kind you have chosen to install off the Android Market. It won't be from visiting a webpage or just magically contracting it without any user intervention.
If you're worried, stick with the popular apps produced by actual corporations (Rovio, Google, Dropbox, etc.). Don't just install some random app that has only 5000 downloads and three reviews produced by some random developer.
Well as per now not strongly recommended but you can go with "Antivirus Free" on market which is simple and good... Takes less memory....!!
+1 for Lookout. Last year I lost my phone in the snow and damned if lookout wasn't able to locate it for me. Plus Google Contacts fudged up and started deleting everything. Lookout had a full backup saved for me. The Antivirus is just frosting on the cake.
Thanks everyone. I am new to the Android platform, and it is my limited understanding that the format is more open sourced. I am not sure how the Android Marketplace is overseen compared to, say, the iTunes Store. I just happened across some virus scanning apps and I was curious about that.
I will be performing downloads like I would with my PC...carefully and with informed decisions. I have a cousin that was playing around with his new phone downloading apps, and "magically" he ended up with a problem with his phone where he couldn't see what he was typing as a text message in landscape mode. A phone reset corrected the problem but made him worried about installing apps again (which would be a sad waste of a smart-phone). I don't think it was a virus. Just a fluke.
I'm just gonna accidentally drop this link right here:
Great post! People reading that will have far safer Android installations than those who think so-called "antivirus" will protect them.
That could happen though. A malicious website exploiting some vulnerability in the Android browser. Although at the moment just about all malicious websites target Windows. But that could always change as Android devices become more popular.
After all it was a website(jailbreakme.com) which enabled one touch jailbreaking, rooting and installing of non-approved software into the Apple iPhone and iPad. This worked through a vulnerability in the Safari browser. Safari is based on Webkit, and so is the Android browser.
Norton has one out too. So does AVG.
Dream on! The point of a virus is that you can't see it, nor can you see it's effect on your device (unless your device grinds to a halt, and then it's obviously too late). A virus does not need to be clicked on to install itself on your device. Simply visiting a doctored (which is invisible) website is enough. As opposed to 'Trojan Horses', which do need to be clicked on/installed (but are, obviously, not always easily recognizable as malware).
On Windows PCs, 80% of the funny, amazing, beautiful, and interesting PDFs that everybody forwards to everybody else for viewing contain viruses. Opening them infects the PC. Not Macs! But when Macs forward the PDF they also forward the viruses therein!
Like mikedt said:
I don't bother. I use droidwall and I block more programs from using the internet anyway. The only ones I allow are the ones I trust, like stock messaging app, market, stock browser, go sms,etc.
Thanks for this link. Going to give it a good read before I download anymore apps.
Ah, but the point of a linux sandbox is an app can't just install itself.
It has to ask for permission as well as reveal what it wants to use on your phone.
Comparing your phone to a desktop computer is a misnomer.
They are not the same, by a very long shot.
I wouldn't say impossible. This came out yesterday. It goes to show, there are ways to get around sandboxing. Hackers are clever people.
Android Market XSS Bug Allowed Code Execution on Mobile Devices | threatpost
XSS Security Hole Just Another of the Android Market’s Problems | Android Phone Fans
I give props to the guy who found it. Instead of using it to enter a contest he tipped google about the security hole. It's good to know there are good responsible hackers out there.
Fine, you worry about it, I'm going back to sleep.
Exactly. This morning I've seen what looks like soft pr0n wallpaper apps appear in the Games > Racing(maybe that should be 'Racey') section of the Market. Perms are phone-calls, messaging, location, full internet access, read and write phone memory, phone status. hmmmmm.
Yes if one does go installing every POS in the Market, then one might need an AV.
But if one is careful and use a bit of common sense, one will be OK.
I've emailed and asked devs why they need certain things and most are good enough to explain it in excruciating detail.
Also think about this - if the app only needs 1.60 or earlier they may be somewhat funky. 2.2.1 is far more difficult to circumvent with hidden agendas.
Trojans are the only real threat to Android right now. That was my point.
FYI - just because the program is in the Market, doesn't mean it's safe.
Android hit by rogue app viruses | Mail Online