Thread: 2010 sees large scale increase in smartphone trojans
View Single Post
Wikiwide is online now Wikiwide
2011-01-23 , 10:42
Posts: 2,006 | Thanked: 3,351 times | Joined on Jun 2010 @ N900: Battery low. N950: torx 4 re-used once and fine; SIM port torn apart
#7
Originally Posted by n900faniam View Post
How long will it be before the norton, mcafee and avg's of the world start developing and selling anti virus and spyware programs tailored for the smartphone market?

As a small business owner running windows across 15 laptops and a server I can personally testify to the huge business cost of keeping our network safe. It's literally a couple of grand a year minimum.

The issue I see here is that I spend all that money keeping the office network safe but we could see data, confidential leaks and virus threats from our phones. I've issued all of my employees with smartphones (mostly blackberry). These phones are hooked up to our office network through laptops on a daily basis.

Will Norton on a laptop detect a virus or trojan on the smartphone or do I need a whole new security protocol running on our smartphones to have some gaurantee of security across every aspect of our network? And at what cost?
Disclaimer: I use one Maemo 5, one Windows (non-Aero interface), and sometimes have a look at Ubuntu. Not expert in any of these operating systems.

There are rumours that any Linux has firewall built in, and the only thing you need, is to set it up (everything blocked, except the white-listed sites, and you have to trust these sites). And of course, keep Linux and all programs on it up-to-date. Install programs only from official repositories. Read manual thoroughly. The well-known flavours of Linux are: Ubuntu, Debian, Fedora, and maybe, some others.

What kinds of leaks and threats on phones? Is it based on social engineering (don't laugh, that's how Google was attacked less than a year before and had large quantity of source code stolen) or on out-of-date software or on up-to-date-closed-source-software-holes-which-aren't-patched-by-software-creator?

And on Windows, use up-to-date Firefox with NoScript and AdBlockPlus. And keep Adobe Flash turned off most of the time. And run programs as limited user as long as you can.

Originally Posted by rich c View Post
Rumours? Nope. That's pretty much how I run my home network. Not sure what you're getting at on the white-list point though... Total cost of protecting my Linux machines? £0.
When saying "rumours", I mean, that I haven't actually tried it myself, and I haven't heard a research which would say that:
Linux with its default firewall set up properly
is more resilient against DOS, DDOS, virus, trojan, drive-by downloads and other threats than:
Windows with its default firewall set up properly;
and
Mac OS (X) with its default programs set up properly.

I know, Windows Firewall is a joke which can be bypassed and turned off by malware. But I yet to hear somebody announcing Linux the most protected OS officially. Though I would be willing to believe that.
http://www.securiteam.com/exploits/6A00J0UBGS.html

White-list point is: you cannot know everybody who attacks you, but you can know all your friends. So, instead of black-list use a white-list. It should be shorter and easier to maintain.

The cost of protecting Linux is learning to use it. And it will be difficult to get "guaranteed" support for money (like Apple Care) while relatively easy to find free no-guarantee support.
Last edited by Wikiwide; 2011-01-23 at 11:43.
 

The Following User Says Thank You to Wikiwide For This Useful Post: