Related
"New mobile virus goes 'old school'
"A new virus is relying on some old tricks to infect Windows Mobile users. The so-called 'companion virus' attack uses a method of assuming the identity of an existing file and moving the old file to a different location.
The virus then runs itself when the original file is called, often loading the displaced file after the virus code has been executed.
Advertisement
When researchers at McAfee first examined the virus, they were surprised to find that such an infection technique was still in use.
"This was a bit odd since companion viruses used to be more popular in the days of DOS and we haven't seen too many on newer platforms," wrote McAfee researcher Jimmy Shah in a blog posting.
Other elements of the virus are quite modern. The code itself is encrypted and polymorphic, allowing the virus to rewrite its own code to avoid detection by security software."
More info: http://www.vnunet.com/vnunet/news/2230514/mobile-virus-goes-old-school
Maybe it's about time to load an antivirus app just to be on the safe side??? I've not bothered with one because I'm afraid it'll slow down my device but if I can have one that can have the realtime scanner disabled when I want it would be great.
Are there any WinMo AV's out there? I have yet to see one...
As long as you do not surf untrusted websites like porn, your device is almost impossible to be infected.
I wonder what the "payload" of the virus is?
Hi Guys,
Is this sort of protection necessary? Have you or anyone you know that uses Windows Mobile had problems with a virus on their device? It seems that this product is aimed more at the corporate user who carries sensitive information on their device.
I have been using mobile platforms since Windows 2003 SE and never encountered any issues with viruses, however i have now a HTC Touch HD with WM6.1 and since it's getting more advancd everyday, I'm kind of worried if there is anyvirus which can damage my device. I'm not worried for data loss, because I sync with MS Outlook and both verison (Outlook and Mobile device) are syncronized on a daily basis, so I have a backup. I'm also trying the beta version on microsoft "My Phone".
For the vast majority of people, compeletely unnecessary. At this point there are very few viruses written for mobile platforms. I think you can count the total (all platforms, not just WinMo) on one hand. You'd just be taking up valuable resources on your device. I suppose if you do all your banking, have alot of critical / private info stored on your device, and install anything / everything you come across... then maybe.
aldana said:
Hi Guys,
Is this sort of protection necessary? Have you or anyone you know that uses Windows Mobile had problems with a virus on their device? It seems that this product is aimed more at the corporate user who carries sensitive information on their device.
I have been using mobile platforms since Windows 2003 SE and never encountered any issues with viruses, however i have now a HTC Touch HD with WM6.1 and since it's getting more advancd everyday, I'm kind of worried if there is anyvirus which can damage my device. I'm not worried for data loss, because I sync with MS Outlook and both verison (Outlook and Mobile device) are syncronized on a daily basis, so I have a backup. I'm also trying the beta version on microsoft "My Phone".
Click to expand...
Click to collapse
If you would use search button you would find this: http://forum.xda-developers.com/showthread.php?t=386490 and this http://forum.xda-developers.com/showthread.php?t=317441&highlight=antivirus, and probably more threads!
Cheers
Absolutely not. I'm pretty paranoid, so I bought a one year license for Norton Smartphone Security, and after almost 8 months of use, I realized that the only thing it had done to my device was slow it down. One feature of NSS is the ability to see every virus definition it had in its database. You want to know how many viruses there were in its definitions? About 12, maybe a couple more by now.
And after reading up about each one on Symantec's site, I learned that most of them affected Symbian phones, and the viruses were from obscure sites you shouldn't go to anyway. So unless you go to every site in the Internet, run every file you find you can download, and then somehow disable hard resetting in the event you get a virus, there is no reason you would need any mobile Anti-Virus.
Dave
PFW
I agree that today there's no much risk at all...but i use it mostly because of the personal firewall...i think today there are more chances to be hacked when you are connected to a network than being affected by a virus....so i use it with real-time scan disable and personal firewall enabled....
as virus's don't port
nobody bother sending
virus's for mobile to random
mail addys hoping they happened to
be opened on a wm device
the market is still too small
same deal with infecting sites with viral
so wm users get it also most people here
don't use Pie because it's a rather poor browser
I personally see the few wm virus's as more like
proof of concept then anything else
a few weeks ago when they had their security
thingy and they hacked all the browsers pretty fast
nobody did managed to hack the mobile devices
why?
because they're just soo much more secure then desktops?
or
because they're still too few for them to bother doing the work to find
the holes?
I think the later
some day it will be impotent but not yet
If your a member to this site chances are that you are flashing, ehem flashing often, so if this is the case you needn't fear. If the a virus where to be inseminated into your little device---Simply hardreset and start anew. My 2 cents. Even if i had a virus scanner and a virus was indeed detected and disposed of, I would still hard reset. Therefore pocket virus scanners are superfluous in the pocket oc world. Just hardreset it and forget it!
With all the MMS I get forwarded, it's cheap insurance. Symantec can't even support WM6.1, so I haven't bothered trying with 6.5. There are others, however, that seem to be quite stable with both WM versions, and take up little resources.
i have a touch hd and i was stupid enough to get a virus by downloading games and themes by torrents (thats my punishment for doing somthing illegally) anyway symptoms include: changing dates and times on the clock which means all my messages and calls where all mixed up, intermittently blanking my phone book (but the numbers were not wiped off the sim) i just couldn't see them, the storage card wouldn't show up, the battery would go flat in 3hours with absolutely nothing going and the phone was freakin slow took 5min to get into my photos. it turnes out there was a hidden file installed on the phone as autorun.inf you delete it then the phone works but it comes back to terrorize you.
avg pop up as soon as i connected the phone to the pc.
that sounds more like your phone was screwed.
A virus written for a phone will not run on a PC as its a "diferent language" and api's etc. It would be very suprising of AVG desktop to detect a windows mobile virus on a phone....
In my attempt to get the most out of my WM powered device (HD2) i could not help realizing that windows mobile is not among the targets of big software names like Yahoo, Skype, Fring, Google and what's more intereseting not even by Microsoft...
Take for exemple Google... it has it's Android... and the thing that it is best at is integrating anything google related into android phones: mail, calendar, contacts, photos, maps... you name it.... and they do this out of the box... and with the best user experience keeping the looks of the web based counterparts...
Yahoo and Skype... they both have IM clients for Android, Iphone, Symbian, Blackberry... but NOT windows mobile... WHY?...
Fring is perfect with anything but WM
Iphone and Android are so new on the market yet everybody supports it asap.
As for Microsoft you would've expected at least to integrate their own apps into windows phones... but they don't... They have the live app wich integrates messenger, contacts and mail... but not in the best way... I would've liked to see something to directly make a space entry from your phone's interface, to directly publish a photo or to send a file to skydrive... to have calendar synced at its full web potential... i know you have the exchange emulation like google but what about alternate calendars...
Bing is another thing... we have to install it your self instead of beeing fully integrated into your windows phone....
So the question is how come WM lost terrain being that it is the oldest on the market and has such a computing power in support of it (I guess we all agree that MS is a giant)?....
WM was designed for business, hence why it has excellent integration with exchange email/calendar/contacts/etc. It also has the PDA version of office built in.
Skype works on WM6.5, there's a thread on it in the HD2 section.
You can set up your yahoo/google/hotmail accounts in seconds on it.
MS were slow (and looking at WP7 they're going backwards) on the mobile market, back when they started the market was for pocket PCs, people wanted a version of their desktop computer which could be carried in their hand, so making the interface similar was what people were after.
They didn't consider the consumer market really and got complacent. WM did the job it was designed for, which most of their customers wanted, so why change?
Then the mobile market took off, other manufacturers such as HTC took advantage of the business design of WM and created user interfaces such as TF3D/Sense. SPB have also created an excellent interface called Mobile Shell 3.5, I recommend installing the trial version and giving it a go.
MS didn't have much in the way of a development team behind WM, there was no perceived need, and it has no "cool" image to go with it, so there's a small market share, hence the lack of "Times Online" type apps for it while the iPhone is supported.
Why on earth would you want to install Bing though?
xaccers said:
WM was designed for business, hence why it has excellent integration with exchange email/calendar/contacts/etc. It also has the PDA version of office built in.
Skype works on WM6.5, there's a thread on it in the HD2 section.
You can set up your yahoo/google/hotmail accounts in seconds on it.
MS were slow (and looking at WP7 they're going backwards) on the mobile market, back when they started the market was for pocket PCs, people wanted a version of their desktop computer which could be carried in their hand, so making the interface similar was what people were after.
They didn't consider the consumer market really and got complacent. WM did the job it was designed for, which most of their customers wanted, so why change?
Then the mobile market took off, other manufacturers such as HTC took advantage of the business design of WM and created user interfaces such as TF3D/Sense. SPB have also created an excellent interface called Mobile Shell 3.5, I recommend installing the trial version and giving it a go.
MS didn't have much in the way of a development team behind WM, there was no perceived need, and it has no "cool" image to go with it, so there's a small market share, hence the lack of "Times Online" type apps for it while the iPhone is supported.
Why on earth would you want to install Bing though?
Click to expand...
Click to collapse
This is exactly why Microsoft has utterly failed in the mobile space. People DO NOT want their desktop PC in their pocket. They just want a subset of their desktop, plus all the advantages that a mobile device offers. Apps, location awareness, always-on connectivity, etc. Nobody cares if you can edit a spreadsheet on your phone. Why would you want to do this in the first place?
Microsoft has failed to deliver anything "new" to the mobile space, and watched Google and Apple completely dominate the smartphone market. And Windows Phone 7? Another doomed failure from Redmond. It took them 4 years to copy Apple. Even RIM has better developer support than Microsoft...
Speaking of RIM, I think it's safe to say that Windows Mobile as a business platform has been a failure since the monochrome Blackberry days. RIM has been dominating there for quite a while.
So where is it that Windows Mobile fits in? Another me-too iPhone wanna be, or maybe the #2 or #3 business-oriented smart-phone OS? Meh...
xaccers said:
Why on earth would you want to install Bing though?
Click to expand...
Click to collapse
I don't! but it was a clear example of not integrating even their own software out of the box...
as for the rest... one of the sides of the question was why the others are not considering WM as a viable platform to deliver their products?... all WM just have to find third party apps or "workarrounds" for them to work...
ccezar2004 said:
one of the sides of the question was why the others are not considering WM as a viable platform to deliver their products?... all WM just have to find third party apps or "workarrounds" for them to work...
Click to expand...
Click to collapse
Here's the funny part:
Microsoft tried to BRIBE iPhone developers to port their apps for Windows Mobile. The result? Most said "go screw, your platform sucks."
That pretty much sums it up... They can't even get people working on Windows Mobile by paying them. .NET is a decent foundation, but development for a mobile device requires the right tools for the job. Plus, being 4 years behind the curve, it's going to be hard for M$ to get critical mass at this point.
The shocking thing is, they already have a successful product with a healthy developer community: The X-Box. Why they didn't look to that team for inspiration is beyond me...
Honestly, they should just give up. Most former WM people I know switched to Android long ago. I don't see any reviewers or users tripping over themselves to get the next Microsoft phone like they do for the next iPhone, Blackberry, Android, etc. Same goes for Zune and numerous other Microsoft train wrecks.
Windows Phone 7 will turn out to be just as lackluster as 6.5 - which is a good thing, because Android could use a few more users
HamNCheese said:
This is exactly why Microsoft has utterly failed in the mobile space. People DO NOT want their desktop PC in their pocket. They just want a subset of their desktop, plus all the advantages that a mobile device offers. Apps, location awareness, always-on connectivity, etc. Nobody cares if you can edit a spreadsheet on your phone. Why would you want to do this in the first place?
Click to expand...
Click to collapse
I said "wanted" although many, including myself, still do.
It's the reason why WM is being renamed WMC rather than being dropped, because there are so many users out there who require a hand held versatile computer and WM does that job exceptionally well.
White collar business users need something well established which can edit office documents, seamlessly and reliably sync with their email system. They also want something flashy with an impressive screen. WM answers these needs perfectly.
The great unwashed want just the things you mentioned, in a handset which wows their friends and gains them kudos. WM can wow people, but it will never have the "coolness" of an iPhone, nor will android.
Will we see another WM phone? There's talk of a business version of WP7 which may be close but most likely not as good. Perhaps if when WP7 goes the way of Kin they'll sack the whole team and go back to WM.
RIM have a headstart on office phones because they answered a need which MS ignored, as they were too into letting manufacturers decide what the devices should be. Like the iPhone, most people/businesses go with RIM not because it's the most suitable for their needs, but because other people use it. Blackberrys are clunky, unreliable, awkward to use and a PITA to support.
xaccers said:
I said "wanted" although many, including myself, still do.
It's the reason why WM is being renamed WMC rather than being dropped, because there are so many users out there who require a hand held versatile computer and WM does that job exceptionally well.
White collar business users need something well established which can edit office documents, seamlessly and reliably sync with their email system. They also want something flashy with an impressive screen. WM answers these needs perfectly.
The great unwashed want just the things you mentioned, in a handset which wows their friends and gains them kudos. WM can wow people, but it will never have the "coolness" of an iPhone, nor will android.
Will we see another WM phone? There's talk of a business version of WP7 which may be close but most likely not as good. Perhaps if when WP7 goes the way of Kin they'll sack the whole team and go back to WM.
RIM have a headstart on office phones because they answered a need which MS ignored, as they were too into letting manufacturers decide what the devices should be. Like the iPhone, most people/businesses go with RIM not because it's the most suitable for their needs, but because other people use it. Blackberrys are clunky, unreliable, awkward to use and a PITA to support.
Click to expand...
Click to collapse
So let me get this straight... Android, which is out-selling the iPhone at the moment, has failed to "wow" users? And Windows Phone 7 will "wow' who?
If RIM is beating them on Business applications, and the iPhone is killing them on "coolness" - how does Windows Mobile stand a chance?
Frankly, Roz Ho (and that whole team) should be fired. The whole Project Pink / Kin debacle shows exactly how little they understand the mobile market. The acquisition of Danger was one of the worst moves in the long run - all it did was bring pain and suffering to the employees and users.
HamNCheese said:
So let me get this straight... Android, which is out-selling the iPhone at the moment, has failed to "wow" users? And Windows Phone 7 will "wow' who?
If RIM is beating them on Business applications, and the iPhone is killing them on "coolness" - how does Windows Mobile stand a chance?
Frankly, Roz Ho (and that whole team) should be fired. The whole Project Pink / Kin debacle shows exactly how little they understand the mobile market. The acquisition of Danger was one of the worst moves in the long run - all it did was bring pain and suffering to the employees and users.
Click to expand...
Click to collapse
I didn't say android didn't "wow" users, I said it won't have the "coolness" of an iPhone. iPhone is more a fashion item than a smartphone for most people, Apple have spent an absolute fortune building that "cool" image of their products. We know they suck, and android/WM is more customisable/better features/functions, but the great unwashed don't care about that, they just want to be able to show they're "cool" (lame) because they have an iPhone. Someone's already posted elsewhere that his aunt assumed his phone wasn't very good because it wasn't an iPhone.
Android, being an OS and in a similar way to WM, isn't the phone. The combination of the OS and the hardware makes a great phone, such as WM6.5 and the HD2, or the android equivalent. Put the OS on a crappy phone and it's not going to wow anyone. Android have been successful because they have the apps/games that non-sheep want, and its available on cheap phones. I hope they continue to eat away at Apple's share of the market, and continue to improve rather than end up taking a backwards step and following Apple/WP7. Of course, history is littered with the remains of better products which just haven't sold enough (betamax, hydropnumatic suspension, HD-DVD, Amy Studt albums).
RIM are only beating WM through their business model. Once a company has started using BES it's pretty much trapped, it doesn't make financial sense to change, they've paid for the hardware and the licences so they might as well keep using them even if there's a more reliable, functional and cheaper alternative.
In companies, in the UK at least, most people responsible for IT expenditure turn to external companies for advice or decide because they've read something in a magazine that their competitor is using.
External IT companies will have their own preferences for what they suggest; profitability, previous experience, acceptability to business.
Take one of the companies I support who've had years of trouble with blackberrys, they've recently changed network because they were fed up with the handset problems. They've got 40 handsets, that's a lot of money invested in something which often doesn't work. They're still having problems, ironically with the senior managers' handsets which isn't going down well. The users with their own WM handsets set up to sync with the exchange server have never had a problem. Until I arrived on the scene they had no idea there were alternatives.
MS have not pushed the abilities of WM, that's been their biggest failing. They've never acted like they take their handheld OSs seriously. Instead they concentrated on the more lucrative desktop and server business.
At the moment all my bile is being saved for Ray Ozzie (especially after finding out he's the asshat behind Lotus Notes) so I can't spare any for Roz (besides, she's kinda cute).
W7 seems to wow no one of any worth. It looks like it was designed by a new parent after buying their kid duplo bricks
I suppose it could be argued that some of us a "wowed" as to how bad it is.
This thread is degenerating into something else... Therefore I'm closing it.
Message to the OP... Chiar trebuie sa intrebi de ce ? Nu e clar ca Iphone si Android domnia marketu' deacum ? Noi, aici la xda, ne tinem cu dintzii de o epava care se scufunda, dar.. asta e...
Hey mates.
Im looking for a wm 7 alternative to the quite nice app protector android app called Smart App Protector.
What i need is the functionality to restrict my wm7 devices so the users cant enter IE, Settings and other functions than those i want them to.
When a user tries to open the browser on a android device with the smart app protector installed, they get prompted for a password, which is exactly what im looking for.
If there isnt an app that does what im looking for, does anyone know a way to restrict at least internet trafic in IE, i still need data connections, but the users wont be allowed to use data except for 1 app.
My first impression of the wm7 - 7.5 is that its very restricted compared to Android devices :S
Thanks a lot for your help.
A quick for-the-record: No such thing as WM7. Windows Mobile is dead. Although some of the underlying code got re-used in WP7, the upper part of the Windows Phone stack is completely new, and the low-level stuff has changed considerably as well. What you're asking for would probably have been quite easy on WinMo.
On WP7, it's a lot harder. There are three ways I can think of. The first and simplest would be a well-modified custom ROM. Another is to modify the policy system to prevent launching iexplore, settings3, and similar programs, but have an app that (once the password is provided) allows changing those policies. Note that we don't yet have full control over the policy system (as a community; Heathcliff74 knows quite a bit but is busy with his Root Tools project). The third would be to try modifying the registry entries for certain operations. The effectiveness of this depends on whether apps are launched directly (by executable) or indirectly (by GUIDs in the registry). If it's the latter, the launch request could be routed through an authorization app first.
Bear in mind, the only one of these changes that is permanent is a custom ROM. Otherwise, the user could hard-reset the phone (losing all data on it but bringing it back to factory default configuration). It's possible to hard-reset just using the buttons; you don't even need to use the touchscreen.
Thanks for the correction, WP7 ofc
Im rather impressed by the performance of the OS so far, but it has many unforseen restrictions for my needs.
Since i only had the windows phone 7 for 1 day so far, i dont have much knowledge about changing what you are suggesting.
I know what you mean, but no idea how to do on WP7.
A custom ROM would be great indeed, but i dont have any experience in that field. Would be great to get a nice configuration tool with a gui to make the needed changes and then a tool to upload the new ROM to the phone...in that simple order
Im also looking for a solution to install software that was supported by windows mobile. Im checking out cheronwp7 at the moment to see if that can do the trick.
It seems a lot like WP7 is 99% consumer minded than business minded compared to old WM, a bit shame imo.
Hello everybody,
I am currently using an android phone and consider to switch to WP8 after it has been release due to better hardware concepts etc.
I already read that WP7 apps are executed in a sandbox and therefore the whole process aint to be more "secure". Anyhow, Iam not concerned about a virus or malware.
My biggest aim is to keep my data private and to secure my privacy.
Regarding WP7 I could not find any hint about that topic. I cannot imagine that nobody cares about this topic around this OS !?
What I want is the following:
Set for each app what it is able to access (e.g. Access to contacts, location etc.)
Control internet access for each app
Maybe it already exists and therefore nobody talks about it, maybe it is technically not possible.... Just want to know
Thank you in advance for your help.
Regards.
WP7 (and presumably WP8) apps use a "Declared Capabilities" model for controlling access to resources like you mention. That is, if an app wants to access the network, it must declare ID_CAP_NETWORKING in its manifest. If it wants to access your contacts, it must declare ID_CAP_CONTACTS... etc. When you view an app in the Marketplace, you can see what capabilities it includes.
However, there's not really any fine-grained control over such things. For example, if you install an app that wants access to your contacts and your appointments, you can't tell it "OK on Appointments, but no Contacts access" short of modifying the app prior to installing (and if you did that, there's a good chance the app would crash when you ran it). Similarly, there's no user-controllable firewall on the phone; an app that specifies ID_CAP_NETWORKING can access anything that is available on the network.
I believe this is similar to the behavior of stock Android ROMs. The advantage that WP7 (and presumably also WP8, but it's too early to tell) has over Android in this regard is that apps go through a much more extensive review process. If an app needs to access your contacts, for example, it better have a good reason for this access and and it will (well, should) be rejected if it sends them off to some advertising company or something.
GoodDayToDie said:
WP7 (and presumably WP8) apps use a "Declared Capabilities" model for controlling access to resources like you mention. That is, if an app wants to access the network, it must declare ID_CAP_NETWORKING in its manifest. If it wants to access your contacts, it must declare ID_CAP_CONTACTS... etc. When you view an app in the Marketplace, you can see what capabilities it includes.
However, there's not really any fine-grained control over such things. For example, if you install an app that wants access to your contacts and your appointments, you can't tell it "OK on Appointments, but no Contacts access" short of modifying the app prior to installing (and if you did that, there's a good chance the app would crash when you ran it). Similarly, there's no user-controllable firewall on the phone; an app that specifies ID_CAP_NETWORKING can access anything that is available on the network.
I believe this is similar to the behavior of stock Android ROMs. The advantage that WP7 (and presumably also WP8, but it's too early to tell) has over Android in this regard is that apps go through a much more extensive review process. If an app needs to access your contacts, for example, it better have a good reason for this access and and it will (well, should) be rejected if it sends them off to some advertising company or something.
Click to expand...
Click to collapse
I see. So basically this means, that I could edit the manifest file of any application myself and set the level of access I want it to have, but the application will probably not work anymore.
For instance, I have an navigation app that wants access to my contacts to offer me a direct navigation option to my friends place as well as internet access for current traffic information. Do I need to trust microsoft, that they reviewed this app so well that it does not send my contact list to the software company ?!
Moreover, this way I cannot prevent microsoft for example to collect whatever they want from my phone, right ?
It is correct, that stock Android does not offer this function, too. However there is the possibility to root it and have apps installed that control all traffic, even those of the OS itself.
ntech3333 said:
I see. So basically this means, that I could edit the manifest file of any application myself and set the level of access I want it to have, but the application will probably not work anymore.
Click to expand...
Click to collapse
Yes. Applications are expecting to see all CAPs they request, as this is an all-or-nothing thing in WP. If you'd edit their manifest, the application could behave arbitrarily, and it would likely crash because an essential assumption it made - that being either it has the CAPs it requires or isn't installed - isn't applicable anymore.
Moreover, this would require at least a developer unlock, for some applications (for instance Skype) an interop unlock and for some applications (all XBL ones at least I think) a custom ROM.
ntech3333 said:
For instance, I have an navigation app that wants access to my contacts to offer me a direct navigation option to my friends place as well as internet access for current traffic information. Do I need to trust microsoft, that they reviewed this app so well that it does not send my contact list to the software company ?!
Click to expand...
Click to collapse
Yes. There is no way to partially grant permissions.
ntech3333 said:
Moreover, this way I cannot prevent microsoft for example to collect whatever they want from my phone, right ?
Click to expand...
Click to collapse
Microsoft makes the system. If they wanted to hide something in kernel mode, and wanted to hide it from all user accessible APIs, this would be easily done. Simply spoken, if you question Microsoft's commitment to their EULA, WP is the wrong OS for you.
ntech3333 said:
It is correct, that stock Android does not offer this function, too. However there is the possibility to root it and have apps installed that control all traffic, even those of the OS itself.
Click to expand...
Click to collapse
Without a kernel built from trusted sources, hiding data streams from all APIs is always possible for an OS maker.
ZetaZynK said:
Yes. Applications are expecting to see all CAPs they request, as this is an all-or-nothing thing in WP. If you'd edit their manifest, the application could behave arbitrarily, and it would likely crash because an essential assumption it made - that being either it has the CAPs it requires or isn't installed - isn't applicable anymore.
Moreover, this would require at least a developer unlock, for some applications (for instance Skype) an interop unlock and for some applications (all XBL ones at least I think) a custom ROM.
Yes. There is no way to partially grant permissions.
Click to expand...
Click to collapse
A custom rom, unlocking etc. is not an obstacle as long as it is possible and serves the purpose
In general I would assume, that any application should be able to run without an internet connection, since it could be possible that you are just not connected to the internet for some reason ?? Therefore, removing the CAP for internet access by editing the manifest file should not lead to any unwanted behavior. Or is it more like that, that all apps check their CAPs they requested on startup and not only when they want to access some ressource ?
This way it would be possible to remove internet access for any application I do not want to send data somewhere without blocking others and without the necessity to remove other CAPs.
Microsoft makes the system. If they wanted to hide something in kernel mode, and wanted to hide it from all user accessible APIs, this would be easily done. Simply spoken, if you question Microsoft's commitment to their EULA, WP is the wrong OS for you.
Without a kernel built from trusted sources, hiding data streams from all APIs is always possible for an OS maker.
Click to expand...
Click to collapse
Generally spoken, I trust nones commitment to any EULA or something. Microsoft, Apple, Google, they all have such documents and every few weeks something comes out that they are tracking you, (anonymously ) etc. Everytime the answer is something like "oh, what a mistake, of course it was not intended to be..."
Of course I do want have the comfort of a smartphone, a tablet pc or a computer, but I want to perserve and control my privacy to such an extend that I am satisfyed with it.
Even on a Windows computer I have got the possibility to control network traffic, to limit access for certain software etc., even to limit access for the OS. So why the heck nobody is interested to have that on a smartphone, why an smartphone must be an free bazar of private information everybody can have and do what they want with it ?
What I want and hope is, that with WP8 (since it will be the same kernel than the PC version) something like that will be possible. Just like on a Andriod phone, too where you can grant internet access for everything, even for system components individually.
Removing ID_CAP_NETWORKING will result in an exception (access denied, essentially) when the app tries to call a networking API. Since the app is probably not expecting that particular exception, it will probably crash. Some apps may have very broad exception handling on their network code and simply assume that they don't have access, though.
You don't really have any control like you describe on a Windows computer. You can set the firewall, sure, but then you're trusting Microsoft to not have some leak or backdoor in the firewall. You can write your own drivers to hook it at the kernel level, but then you're trusting Microsoft not to have a direct access to the HAL that bypasses the network driver stack. You can re-write the HAL (OK, not practically, but let's say "you could install another OS" instead) but even then you're still trusting the manufacturers of your motherboard, your CPU, your network interface hardware, your router, your modem...
At some point, you have to trust somebody. A big, publicly-held corporation with many users, a clear privacy statement, and a lot to lose if they screw up fits the bill is your best bet in most cases. Microsoft fits that bill just fine.
GoodDayToDie said:
You don't really have any control like you describe on a Windows computer. You can set the firewall, sure, but then you're trusting Microsoft to not have some leak or backdoor in the firewall. You can write your own drivers to hook it at the kernel level, but then you're trusting Microsoft not to have a direct access to the HAL that bypasses the network driver stack. You can re-write the HAL (OK, not practically, but let's say "you could install another OS" instead) but even then you're still trusting the manufacturers of your motherboard, your CPU, your network interface hardware, your router, your modem...
At some point, you have to trust somebody. A big, publicly-held corporation with many users, a clear privacy statement, and a lot to lose if they screw up fits the bill is your best bet in most cases. Microsoft fits that bill just fine.
Click to expand...
Click to collapse
Ok, what should I answer ? If you use arguments like that you can extend it to what ever you want.
At some point you need to be realistic when looking at security and privacy. There always can be/is a way to bypass systems on a low level basis to do what you intend to. So what ? You cannot pervent this in any OS.
But when using a third party software firewall that comes with its own drivers, you can be sure to certain extend that you have your networktraffic under control.
This is actually not the point I wanted to make about WP7 and probably WP8.
I understand, that for example an navigation app wants to have access to your contacts to offer you the option to navigate to your friends place. I also see, that this app wants to access the internet to get traffic information. But I do not want this app to have neither access to my contacts nor to the internet since I cannot know what data will be transmitted to the software developer. I even to not want them to do some statistics with me gps positioning. NO. as simple as that. What I do with my information is what I decide.
So what I especially do not like is, that most people in the world do not care about such facts at all. They are running behind apple like lemmings, willingly giveing them all information they have and being happy that everything works so fine on their device !? What the... ?
Anyway, it does not matter, my questions got answered, I will have a closer look at WP8 when it is out and see if it possible to keep my stuff under my control or not.
First of all, EULAs are a binding contract for the first parties, which means that if such a thing were to come out, and it is not a very obvious (actual) bug in the software (Apple's local geolocation data retention bug and Microsoft's bug in WP7 that may have determined the location before you pressed "OK" in the dialog are definitely such - they give nothing of advantage to the two companies), they have a problem named "breach of contract": There will be legal action by activist in such a case.
Then, your argument is valid, a firewall would be effective if you trusted the hardware and software environment. However, I wouldn't hold my breath for it: Firewalls or capability removers are just not fitting in the image of a smartphone. On Android, you also require root for this (important point here: a 3rd party device unlock, it does not come built-in - and apps could also stop working if you withdraw rights from them, since the code might not be prepared for such a scenario either), on an iDevice and Windows Phone it's not possible. It's very much the contrary of how smartphone makers would like to market their devices, a scenario where you might possibly not trust your apps - this could even scare users away from smartphones.
Therefore it is unlikely that WP8 will come with such a capability built-in. Even though WP8 will be sharing the kernel with WinRT, it should be noted that both, WP8 and WinRT will require mandatory UEFI Secure Boot from OEMs. It's likely that this cannot be broken at all unless every a very significant hole can be found that permits to breach the chain of trust or the devices' firmware can be attacked. Hence, it isn't even said whether WP8 can be rooted. If WinRT does not come with Windows Filtering Platform (WFP), it would be the same situation as is on WP7.
You are right, of course the EULA is the first thing to mention But about what legal consequences are you talking ? They will be fined to pay some million dollar ?! Ok, nice, but they still have my data. In this case they bought the information, that's all.
Anyway, I do not want to be paranoid and of course also here at some point you need to stop
To have root access on a device that you own is natural for me. I bought it, it belongs to me, that's why I should be the master on my device. For sure, this does not fit in the global tendency of "not to care about your device, just make it run", too.
On a windows computer I can have administrator privilidges as well. Why they do not want to give me this on my smartphone that claims to be a computer somehow, too?
By the way, WFP is quite a useless piece of invention. I once experimented with WFP for some software project on a windows computer and found out, that the same way I can change every rule someone created for the firewall, everyone else can do. Means: I created a rule to pervent skype to access the internet. Guess what ? Right, Skype detected that and 2min later it deleted my rule and created an own one to grant access again. What use does such a system have ?
There's a rather simple reason, "root" is a badword for most mobile manufacturers: piracy. On Android, that's a different story because you typically can install side-loaded applications, but on the iPhone or Windows Phone you require unlocks to pirate. Typically, piracy is not a practical option on them until you have a root unlock. (If you take a look at WP7, you either require an interop unlock or a custom ROM to have more than 10 unsigned apps - if you wanted to pirate, that would impose a very tight limit on the extend you can do such. Students are even limited to 3 unsigned apps). Root is something that circumvents the control systems of the manufacturer - something that neither Microsoft nor Apple have interest in.
WP and iOS have - compared to Android - very low piracy rates, so this is paying off. (For that matter, WP is probably more locked down than iOS: It took 8 months to public availability of an unlock for my HTC Titan; iOS is usually broken much faster)
I think you're confusing Windows Firewall with WFP. The latter is just a programming interface in the network stack, which allows applications to inspect, filter and modify packets in the network stack. It does not have any rules you could set therefore. Windows Firewall comes with rules, and Skype will - if it has proper privileges to do so - attempt to automatically permit itself in the Firewall.
About the EULA, no. In literally any modern country, data found to have been obtained illegally will result in a sentence to delete the data, to pay a fine and likely to pay the victims damages.
You see, that is the point. The possibility to decide upon your own device is taken away from you due to fears and prejugdes of the manufacturer. Why it always must be connected with piracy ? It means that everybody who wants to have root access on his device is potentially criminal and therefore it is better not to ask for it. Nice.
If you buy a modern house with automatic controlled sun blinds, heating etc. Would you accept, that there is a control room in your cellar, where only the company that built your house has access to? You are only allowed to switch on and off the light in your house. Even the sun blinds open and close whenever they want and tell you when you are allowed to look out of the window and when not. Just because you have no "root" access to change that and you need to accept it.
Fur sure, it is nice to have such system where the user has not rights since most users are not experts and causing mostly only problems where in the other way the system runs smooth and stable...
About WFP, yes I just saw that with Win Vista and Win 7 they introduced such way of filtering platform. I really mixed it up with the windows firewall manager that is accessable via API.
I never saw in any case where data has been found somewhere that users got paid damages. Did Apple do when they tracked their users ? I think no. Did they delete the data ? No they did not, they excused and said something like "oh, what a pitty, we will change that in our next update" Quite safe, isn't it ?
What you fail to see is that android is riddled with issues due to its openness, it is suffering in exactly the same way WM did, you may laugh of WM but android owes its roots to WM. Apple and MS saw the issues, and did something about it.
Yes that restricts you, but you and those like you, are a tiny minority, simply put they have bigger things to worry about, and that is average jo an jane blogs. they do not need that level off access and giving it to them is one of the reasons 10,000s of computers out there are nothing but bots used for DDOS attacks
Remember, WM was slated for being buggy and slow, the reality was far from that, but the networks and OEMs had so much control over the OS they literally screwed it sideways and the magic effect was that they didn't even get the blame, MS did! (ring any bells with android!)
Why didn't WP take off as well as it could have? easy, because firstly it didn't have cool roots to an ipod, secondly because MS tightened up on the OS so much it pissed off the networks, im sorry to say, its little to do with apps and side loading, that's just the first thing people think of when they are talking about something they know nothing about.
Networks like to do things their way and I think you will see their influence in WP8 a lot more, and because of that more than anything else, the networks will like it more, if they like it they will sell it, then you will see a larger uptake in it and thus more apps
anyhow, that's off topic, fact is this, security will only get tighter and rightly so, as much a that is a pain in the arse for you an I, that is the reality, you may have perfectly legit reasons for full access, but I can promise that most who want it probably will use it for something dodgy, MS and Apple can not afford to have a time bomb on their hands in the shape of android.
I fully agree with you !
Just for the protocol: I liked WM very much and I never considered it as buggy and slow, but ok that's another topic.
The reason why Iam using android at the moment is quite simple. There was no satisfying hardware available for any other system. Iphones are useless, for WM almost nothing was there that could be used as a smartphone and WP was likely to be replaced by something else. I was waiting for years that some manufacturer releases a smartphone that has a 2.3" display like a normal mobile. I hate those laptops people try to use like phones with 4" display and what ever.
Since Iam quit unsatisfyed with the quality of my sony ericsson mobile, Iam looking forward to get a Nokia phone again. Moreover, Iam really no fan of open source software since compatiblity is quite bad and the functionality is mostly not really reliable. Iam a heavy MS Exchange user and I do appreciate nothing more than be completely synchronized with my phone laptop and everything. Only WP8 can provide that... So, Iam dealing with it.