1. Check out our app, Forums for Android! Download and leave feedback here!

Support Anti-Virus...Do I Need It?

Discussion in 'Android Devices' started by keatre, Jun 10, 2010.

  1. keatre

    keatre Well-Known Member
    Thread Starter
    68

    Hey guys and gals,

    I work in tech security, and we get a lot of people coming in asking about anti-virus on their phone. A lot are people that jailbroke their iPhones, an email or two will go missing, and they start to freak out and run my way. So - I decided to throw together a little thread based off my professional opinion on what if any anti-virus is needed on your Evo.

    Ok, so I rooted my phone, wiped it, reset it to a null gmail account, and went to work seeing what mess I could manually transfer over and see what apps were able to stop what. Unrooted, and tried again.

    The two most popular anti-virus apps that can be found in the marketplace are what I tested. Here are their results:

    Anti-Virus Free:

    Light Malware/Virus: It caught some, and let others pass
    Medium: It caught 1, and let most pass
    Strong*: Caught 1 major, and let SEVERAL rootkits pass. Once it did, I was actually able to manipulate the phone via the app.

    Verdict: Do not use this app.

    Lookout Mobile Security, FREE:


    Light: Caught about 60%
    Medium: Caught about 70%
    Strong*: Caught about 25%

    Verdict: If you're absolutely paranoid about viruses, go ahead and grab this. I wasn't able to do as much with this app as I was with the other. This seems a little better built. But please read on...

    Conclusion:

    So are anti-virus programs actually needed? I would say at this current time (6/9/2010); No. You do not need anti-virus, as there are very few programs out there that will harm your device. However, don't let that fool you into thinking every app is safe. Follow some of these tips to stay safe, and keep your device running smooth.

    1) The best anti-virus out there right now is you. We're all pretty smart and have common sense, just check the app before you download it and try and stick to main-stream apps.

    2) Some of the really out there "cool" apps that have very few rating and very few downloads are always kinda fishy to me. If the app says it can launch the Space Shuttle, that's pretty sweet and all, but I would stay clear.

    3) DO NOT EVER CONNECT TO OPEN WI-FI HOTSPOTS! Starbucks has some good overpriced coffee, and some BAD internet. It goes in this order of do not connect... Open->WEP->WPA->WPA2. Do not EVER connect to an open wifi hotspot, as I could easily start filtering packets like crazy and just read everything your sending and receiving. It's just a rule, ok? Don't do it...please.

    4) Our OS is built off a Linux platform, and as of right now, there are very few viruses out there for Linux (in comparison). So don't lose any sleep over it.

    5) Know the Devs you download from. Google has a system in place to block or filter malicious code, but they can't catch 100%. If you think the code is malicious, report the dev.

    6) I know our phones are super high powered, and can rule the world and all, but the more stuff you dump on them, the slower they'll get. Yes Android has a great memory allocation, but its still not perfectly efficient (not starting, and please do not start an ATK debate here), so try not to overload too much on apps.

    6.5) If you have an app that you NEVER use, delete it! It's not worth having on your device if you're not gonna use it.

    7) Root at your own will. Yes rooting opens a bunch a doors and can give you permissions to your phone that otherwise wouldn't be available -- but at the same time it allows those doors to stay open. If you know what you're doing, cool, have at it. But if you're new to root, I would read up on it a bit, and see if you really NEED to root your phone. Personally, I never wireless tether, so there's no real reason. But, that's just me.

    8) Check for and install all updates sent out by Sprint/HTC. Root users will yell and scream at you not to, but what most people don't realize is, you gain root access through an exploit. The patch will fix that exploit in the code, and will often times lock out the root users. So, if you're all about rooting, do your thing. If you don't care too much, apply the patches.

    I think that's about it, I'll add some more if you guys think of anything fancy. As I said above, this is all opinion, please don't come in here and post you know more than I do (everyone on the Internet does) and say I'm wrong. If you disagree, great, move on to the next thread. This is merely a suggestion for those who aren't sure.

    Happy surfing and EVOlution to you guys and gals!

    Cheers!

    Side Note: There have been discussions by others in the past saying these anti-virus people just steal your data and sell to marketers. Now as for that, I cannot comment. But just so your aware, those allegations have been made. Truth or not, I can't say.

    *Testing Note: All tests performed were FAR more extensive than your phone would ever endure. You could almost count the "Strong" section out, as it would be hard to add a blatant, obvious rootkit to the phone, but I left in there for a simple comparison.
     

    Advertisement

  2. lyons238

    lyons238 Well-Known Member
    38

    May 21, 2010
    255
    19
    38
    why does lookout need to be able to read your texts?
     
  3. keatre

    keatre Well-Known Member
    Thread Starter
    68

    I would assume they do it for MMS purposes, like the old days of sending a fake .jpg or .bmp and people clicking on it feverishly, just to install some malicious software...
     
  4. Thefoodman52

    Thefoodman52 Well-Known Member
    163

    Dec 1, 2009
    2,314
    329
    163
    Resource Consumer
    San Diego
    It's still overzealous I feel until Android becomes a major mobile phone OS like Windows mobile. Then people are gonna start making viruses for it just to say, "Heh heh, I'm that douchebag that ruined hundreds of phones. When I get caught and arrested (hopefully, lol), I won't ever be able to get a job I want.".
     
  5. neodorian

    neodorian Well-Known Member
    183

    Jan 5, 2010
    1,113
    276
    183
    Video Producer
    Baltimore, MD
  6. keatre

    keatre Well-Known Member
    Thread Starter
    68

    Overzealous? That depends on who you ask... But, it is true, as an OS platform grows, so does the malicious content. But that goes with everything, the bigger the city, the more crime.

    Yes...? Not sure who you're talking to, haha.
     
  7. baley101

    baley101 Member
    6

    May 25, 2010
    8
    1
    6
    Great write up, thank you.
     
  8. keatre

    keatre Well-Known Member
    Thread Starter
    68

    Thanks, if you have any questions, let me know.
     
    b18c195 likes this.
  9. Jordus

    Jordus Well-Known Member
    53

    May 5, 2010
    283
    70
    53
    I'd tend to agree with everything here. It's not hard to see that you work with this stuff daily and have a passion for it.

    But, my own opinion is that the honey pot just isnt as sweet as people think it is. Really, probably 98% of malware does nothing but annoy you, the majority of it doesnt actually steal any personal data thats of any real value. (more than that 98% could, but generally don't). Malware is generally blown out of proportion by media and people crying wolf.

    I work in IT, i'm on a computer nearly 16 hours a day, and i've only ever had one case of identity theft (knock on wood) which was the result of Visa getting hacked, nothing that I did or didnt do to prevent malware. This doesn't mean you should just let virii run rampant on your machine, but also don't really lose sleep over the subject, either.
     
  10. keatre

    keatre Well-Known Member
    Thread Starter
    68


    I completely agree with you, and that's what I mean by these anti-virus apps aren't really needed. Any true "threat" to your device is very very unlikely to happen, and the average user with common sense really need-not worry too much about it.

    I simply want people to remember that that 2% of an actual threat does exist, and not to just go insane (but I'm one of those people that is a security nut, soooo..hah).

    Thanks for your post, I appreciate it.
     
  11. v01rider

    v01rider Well-Known Member
    113

    what about a firewall?
     
  12. Scarlett920

    Scarlett920 Well-Known Member
    36

    May 20, 2010
    54
    4
    36
    Education Field
    New York City
    Thanks for this great thread. I wasn't sure if I needed an anti-virus app. I'm not overly downloading anything.
     
  13. stephenmg

    stephenmg Member
    16

    May 20, 2010
    14
    6
    16
    Seems pointless. traditionally, linux based OS don't open ports that don't need to be open.
     
  14. v01rider

    v01rider Well-Known Member
    113

    true that. i was just curious! :cool:
     
  15. keatre

    keatre Well-Known Member
    Thread Starter
    68

    Nail on the head. Besides, mobile exploits through ports are few and very far in between.
     
  16. AzteCypher

    AzteCypher Member
    46

    Jun 27, 2010
    14
    6
    46
    Male
    Clinical Application Specialist III
    Texas
    Thanks for the info! I was starting to wonder whether I needed an antivirus.
     
  17. Crodley

    Crodley Well-Known Member
    53

    Jun 10, 2010
    343
    67
    53
    What if I don't care if you read what I'm sending and receiving? As far as me texting, it's usually a "OK" or a "NO" :) So read away. But can people access things like my contacts or my SD card from an open wireless network?
     
  18. vgsantiago

    vgsantiago Well-Known Member
    38

    Nov 5, 2009
    196
    21
    38
    I simply use Lookout for it's missing device feature, and if happens to find a virus although so slight the chance of picking one to begin with, it's piece of mind.

    Lookout doesn't seem to kill my battery anymore than not having it.
     
  19. htc.EVOlution

    htc.EVOlution Well-Known Member
    163

    May 10, 2010
    929
    839
    163
    I have lookout running too.
     
  20. RiverOfIce

    313

    Mar 30, 2010
    1,715
    1,254
    313
    In exile
    Can you add one more?

    Security in numbers, if you download an app that is older then 1 month and has be downloaded hundreds if not thousands of times and has high reviews, it is probably safe. If someone thinks anything ruined their phone, they will complain.

    It is called the penguin approach and it is a really sound one. Do not be the first in the water. When you see everyone else swimming safely, then jump in. If it is just you and a other penguin, push him in, see what happens.

    Never been the first to download and use something, always wait. If it is a virus, chances are that they will find out first and complain.
     
    old.blue likes this.
  21. stephen866

    stephen866 Member
    18

    Nov 27, 2009
    23
    15
    18
    [FONT=Trebuchet MS, Arial, sans-serif]My weekly email from lookout says :


    [/FONT][FONT=Trebuchet MS, Arial, sans-serif]Lookout handled 2 security events[/FONT]
    [FONT=Trebuchet MS, Arial, sans-serif]Virus scan completed: Files scanned: 207. Infected files found: 0. Files quarantined:

    Security event ?
    Is there a log ?
    [/FONT][FONT=Trebuchet MS, Arial, sans-serif]Iv'e checked the settings and cant seem to find a log of any type .

    Oh and on the Lookout website also.


    [/FONT]
     
  22. novarider

    novarider Well-Known Member
    43

    Jun 29, 2010
    448
    30
    43
    What about super security? It has a lock feature so If you loose your phone you send it a text with a code and it locks your device so it can't be used. That's the only real reason I use it
     
  23. jennypatel

    jennypatel New Member
    5

    Aug 20, 2010
    3
    0
    5
    If you want the super security for your android phones then you must the paid anti virus. These anti virus software can help you out in preventing your phone from unwanted data, malicious software and the intruders.
     
  24. GiftedPlacebo

    GiftedPlacebo Well-Known Member
    73

    Apr 22, 2010
    179
    94
    73
    I'm an IT manager and agree wholeheartedly with what you're saying. In my experience, the biggest risk of personal data loss/theft is with physical loss of devices. To that end, I'm running Wave Secure which allows remote wipe/lock/tracking on your device.

    https://www.wavesecure.com/wavesecure/android.aspx

    [​IMG]
     
  25. najaboy

    najaboy Well-Known Member
    53

    May 3, 2010
    390
    68
    53
    And they can dick up your phone. As has been stated time and again, AV is not needed. As there are no virii "in the wild" for Android, such programs are nothing more than feelgood snake oil.
     
Tags:

Share This Page

Loading...