Related
Hi everybody
Ive been around thousand of threads on xda-dev and couldn't find any official one for Anti-Virus. That's the main reason why I'm starting this new thread and also because Anti-Virus on Pocket PC are growing more and more. Actually we are not safe but we don't care until we get infected and that will be too late, with most of the time the only solution a hard reset.
Let's discuss and compare in this thread the different Anti-Virus SW available on the market today, and bring out positive/negative points based on our experience. It will be benifit for everybody ...
I know everyone hates Norton/Symantec but I was on the beta testing team for Norton Smartphone Security Premier Edition since day one and it is very friendly and easy to use.
http://www.symantec.com/home_homeoffice/beta/overview.jsp?pvid=nssp1beta
Actually I was using Symanter antivirus for handheld on my QTEK 2020i WM2003SE and that's true it is user friendly and worked fine, with virus definitions updates very ofently.
I was unable to install it on my HTC Athena WM6
Do you know is there is any version coming for WM6 Pumpiron?
I checked you link and it's different from what I used to have on my old device.
Ill download this beta and try it.
I'll let you know what I think about it, if it slow down the machine etc ...
It did not on mine and when I uninstalled it, it was gone...no traces..part of the beta testing. I did uninstall from my desktop, not my PPC
I am curios, how does this effect your device speed and performance?
What is the CPU and memory usage (in reality, not what stated on the site)?
I have Symantec on my XP PC and it sucks big time (does the job for the most part, but very slow and heavy).
eTrust came pre-installed on my Jamin, but that is an even bigger atrocity!
Another question - do they have a list for PPC viruses on their site like they do for PC ones?
The only PPC virus I heard of was a harmless proof of concept that could make files display a pop-up message and did not reproduce.
If real viruses for WM systems are already out there (I know its a only matter of time) I would be interested in reading up on them to know what I am facing.
Also, anyone actually caught a virus on a WM machine and can share the experience?
Here are my first impressions:
1 - The Startup time of my Athen after a soft reset has increased by around 20 sec, this because Symantec is loading on the startup.
2 - I didn't noticed a slow down during normal utilization of the device, but it's really early before concluding on that point because I need to try different applications.
3 - When I first connected to the Internet via WiFi, even the connection were established, could not load the pages having an error "page not found"
but after 15sec everything is back to normal and connections to Internet was not a problem at all.
4 - I just suffered a Freeze but not sure it is due to Symantec, because i've been suffering frequent daily freezes on my Athena since I upgraded to WM6.
But the freeze came this time while using the Antivirus SW
5 - The package is composed by an AntiVirus, a Firewall, a Norton Secure Folders utility and a Norton Tools utility.
6 - Also note that after finish installing it, it force you to set a pin code that you will have to enter everytime you soft reset your device. I tried to disable it but it won't let you do it
I'll give more details about the package in a different post after some testing
levenum said:
I am curios, how does this effect your device Another question - do they have a list for PPC viruses on their site like they do for PC ones?
Click to expand...
Click to collapse
You can check the list from the SW installed on the PPC
Just applied live update over WiFi and basically there are 5 in the list:
EICAR-TEST-FILE
WinCE.Duts.A
Backdoor.Brador.A
Trojan.Redbrowser.A!jar
MSIL.Cxover.A
Definitions : 04/06/07 ver 2.0
As promised, here is my feedback on the tools provided in the package:
1 - Norton Antivirus
Very friendly and easy to use, from the menu u can access the options for the Antivirus, the Scans, the AntiSpam, Updates and Proxy config. You can also access the quanrantined files, the activity log and the virus definitions list. Manual scan and automatic scan can be performed.
2 - Norton Firewall
I didn't really understood how we use the Firewall function. Basically when you start it you have a tab showing the security level. It is have different security levels for World (the highest), Office, Home and Open Sapce Networks (the lowest). Also you can not modify them at all. You can access a second tab called Events by severity in last and a third tab "Event list" which show in details all the events that happened on your device, like soft reset, login success .... very weird as we can not reset this list, also we can not change any parameter in the Norton Firewall, everything is set by default
3 - Norton Secure Folders
from what I guessed, this utility allow you to choose folders on your device and set them as secure. I don't know what it does exactly but I think it should encrypt the data inside the folder so it's protected in case you have been attacked by a trojan who collects your data and send it to the pirate.
You click on menu->Add->then you choose from the list Device, Mircrodrive or Storage Card if you have one. Then you type the name of the folder you want to secure.
I did a test, I choosed Device, and kept the folder name blank and clicked on ok. It added the "secure folder" under device. if you try to remove it you will have this warning "Removing the secure folder will destroy all data in the folder. do you really want to remove it?"
4 - Norton Tools
It contains 2 utilities, GetUUID and Lock
GetUUID will display on the screen 2 series of digites
the first one don't know what it is and second one is your IMEI
I guess this info is needed when the final version is released and
you need to register the SW
Lock utility display the following message when u click on it
Encryption may take several minutes. Pls wait for the device to power off.
If you need to soft reset, pls wait until encryption is completed and the
device powers itself off.
I clicked on yes, so the device start encrypting something .... then the screen turned off. I turned it on using the power button and it displayed to me the password screen which I entered. then it displayed the message decrypting for about 30 sec, then I had my normal today screen ...
Im wondering if it does not encrypt/decrypt the secure folders you
already chosen using the "Norton Secure Folders" utility.
Ive wrote to Symantec asking them for a manual or user guide, hopefully they will reply.
I have rated this SW 3/5 on their site, mainly because it is not clear what all utilities does and because Firewall is set by default and noting can be changed.
Hope my feedback will be usefull, and I hope other users will bring to us their experiences with the different Anti-Virus SW they have used on their Pocket PCs.
Just as I suspected, no real viruses just a nice proof of concept that asks you if you want to try it:
WinCE.Duts.A
A back door that needs to be run and does not spread:
Backdoor.Brador.A plus it would be useless if you are on GPRS/EDGE/UMTS or behind a NUT router.
This one seems like it could actually be trouble, if:
a) you leave in Russia
b) you are stupid enough to believe you can get WAP pages through SMS and that it would be cheaper than GPRS
c) you can get it to work on PPC.
Trojan.Redbrowser.A!jar
This one though, I have to admit is rather clever - using .NET to run both on PC and PPC amd is fairly destructive:
MSIL.Cxover.A
It is still unclear, however how its spreads from PC to PC (presumably you have to download and install / run it).
Of course given the fact that many people save their docs on SD and not the default My documents folder and that they do not disable security completely on their WM 5 and up devices (which are becoming majority these days) the effectiveness of this worm is more than questionable.
Well I still think it is too early to actually by this kind of apps. Also I think that as with many other programs the same "heavy" approach that works on PCs with many resources will not work well on PPC (not the way they are today). A different solution to virus protection needs to be found to be useful.
But hey - thats just my opinion...
So from what ive read its still to early to be using a resource draining av on the ppc? If this is the case, how about Spybot S&D? Is spyware more of a threat than viruses? are they really that much different? I find that spybot updates more regularly(when i connnect wifi).
as with virus's i believe that have to be made to support ppc's
in which case maybe due to spyware makers lack of innovation
that market have yet to take off
WingChan: whether to use the software or not is a personal decision - my belief is: given the list of threats it is too early. Also I believe that the method used to protect against viruses on PC is not suitable for PPC because of the resource requirement. Something more efficient needs to be invented, perhaps taking advantage of difference in architecture between WM and desktop - like the fact that system files can not be corrupted but only hidden.
Note that BigDede preformed the test on HTC Advantage which has a 600+ MHz processor if I am not mistaken. I doubt the app would be as unnoticeable on my 200MHz Prophet.
But it is only a matter of time before someone writes a real and damaging virus for this platform as it becomes more and more common. So if you really value the info you have on there you might want to get protection already - although a good and frequent backup would be much better.
I haven't heard of spyware for Windows Mobile, only major one for BB - any one got any news on this?
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
levenum said:
WingChan:
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
Click to expand...
Click to collapse
Very good explanation of the differences between Viruses and Spywares.
I agree also that it is too early today to really worry about having protection, but I prefer to be ready instead of regretting and wishing I had some protection.
Very good remark as well regarding the frequent backup ...
Need Help
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
ajbt said:
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
Click to expand...
Click to collapse
Hi
Maybe this warning is not a big deal, have you tried to install it by double clicking on the start.exe file ???
G.S./BigDede,
Thanks for the reply. I really appreciate it.
If I understand your recommendation, I don't think that gets me where I need to be. However, it could always be user error on my part.
When I try to "Setup" the file I downloaded (called "NSSPB.exe") from Symantec, a window comes up that contains a button that says "Install". However, after I click on it, it gets to a point in the installation process that shows "Extracting: SUPPORT\START.ICO 100%", and the process simply stops and a small window comes up that says: "Warning, one or more files skipped".
In essence, it appears I have recieved the entire 4.04 MB of program files I downloaded, but something goes askew when I try to extract/install them.
I'm stumped...
Thanks again, A.J.
I'll extract the files and will zip them for you.
Send me via PM your email adress so I can send you the zip file
Cheers
I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
There are quite a few Anti Virus apps available, but I haven't heard of any Viruses!
Once there is confirmed news of a Virus attack on Android, I will install an app
No, anti-virus in not needed on Android. It is Linux-based and keeps apps running in their own sandbox. Just be careful about what apps you give superuser permissions (if you have your device rooted).
One possible area of concern may be when you do hook up your device with a Windows PC over USB, your SD card may get infected and in turn infect other PCs. But Windows viruses have no influence on your Android system itself.
You don't need an anti-virus application on Android. There are no viruses for Android (as of yet) that will infect your system without you explicitly giving it permission to do so. If you do not have a rooted device, the potential damage that can be caused by a malicious application is quite limited (but it could still run your phone bill up, for example). There have been some web scripts in the past that allowed access to your phone's SD card, but these security holes have been fixed in the latest builds of Android.
The best course of action is to be smart about what you install. Always look at the permissions that an application requests before you install it. There are also several permission managers available on the market. These applications require root access, and will block other applications in the system from being able to request certain intents (i.e. starting the camera, or phone)
workdowg said:
I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
Click to expand...
Click to collapse
That topic comes up a lot, and is hotly debated. Here's one article that discusses the issue, and gives some advice:
Avoiding Malicious Apps
I have installed one..but never found a virus...so I think we don`t need it
definitely not needed.
yeah there is definitely no need for anti-virus.
but be cautious of some apps that install apps ads in your notification bar. it gets annoying.
Thanks all! I was certain that was going to be the consensus. In my "windows years", about 20, I never got anything more than some adware. Just need to be observant and wary. Some things that are "free" cost more in the end.
This is just some random thoughts as at the moment, I'm not for one or the other.
I like rooting and experimenting with different ROMs as much as the next guy, but when I read about Samsung Knox, I think I like it too.
With Knox, I can finally saved all my private data in a Knox container and never worry about it falls into the wrong hands.
I never used any password manager like Keepass on my phone so far, it was because I never knew if the app I just installed yesterday would sip out my passwords and quietly pass them to a remote server without my knowledge. How do I know after I unlock Keepass that another app wouldn't suck out all my passwords? I don't.
Same for other personal documents that I scanned and stored on my phone. Without Knox, I will never know if they stay only on my phone.
I wish we can have Knox and also can root with impunity
Did I understand it correctly?
Thanks for any inputs.
Keepass saves passwords in an aes256 encrypted file and runs with a localized secure enviroment (though I'm not sure on the details of this security). As an open source program this can easily be tested however. As a closed source program, Knox (or any number of other password managers) are much harder to test against exploits. I know exploits have obviously been found and fixed by the Keepass team, as with any security software. However I've never seen a good reason to mistrust Keepass over other password managers.
As for the details of Knox, I can't say. But from what I've read it seems like container based encryption. There are other container encryption apps but I don't know much of anything about them. I just use my laptop for that.
Remember, unless your whole device is encrypted, unlocking the encrypted container and viewing the files within will leave traces in the file system which can be pieced together by a competant snoop. Since mobiles are easily stolen compared to other computers, this needs to be kept in mind when working with secure documents.
E_Phather said:
Keepass saves passwords in an aes256 encrypted file and runs with a localized secure enviroment (though I'm not sure on the details of this security). As an open source program this can easily be tested however. As a closed source program, Knox (or any number of other password managers) are much harder to test against exploits. I know exploits have obviously been found and fixed by the Keepass team, as with any security software. However I've never seen a good reason to mistrust Keepass over other password managers.
As for the details of Knox, I can't say. But from what I've read it seems like container based encryption. There are other container encryption apps but I don't know much of anything about them. I just use my laptop for that.
Remember, unless your whole device is encrypted, unlocking the encrypted container and viewing the files within will leave traces in the file system which can be pieced together by a competant snoop. Since mobiles are easily stolen compared to other computers, this needs to be kept in mind when working with secure documents.
Click to expand...
Click to collapse
Thanks for the comment. When I tried Keepass on my PC, as soon as I enter the master password, all passwords are visible. So I just assumed that any malware running in the background can suck them all out and ship them 'home'. With knox, if I understand correctly, nothing can go out once it's in the container. Nothing can get into the container from outside the container either. I'm already using Android whole disk encryption, but that doesn't prevent data from being 'sucked' out without our knowledge when we are using the device. It's good only to prevent data from being accessed if we lost the device.
I use Truecrypt container on my PC, but once we unlock the container, everything is visible by the whole system. Unlike Knox container. So I think Knox does have its value.
some keyloggers can read the clipboard data of password managers (this is why a number of secure inputs dont allow the pasting of passkeys), and I suppose it is possible to intercept the video data and essentially send screenshot data. This is beyond the real strength of a password manager. The Knox idea of keeping it in the container yet reading it is interesting. Do you know of a desktop equivalent? I had previously thought unlocking the container would open it up for any malware present.
i share many of the same opinions with you, but as many other people are concerned, and very much turned off, if this is going to impose hardcore restrictions on rooting and installing custom ROMs, then i'm not sure what to think of knox. it IS there to secure stuff, so it's sort of a slippery slope deal. i guess for the non-experimental people who use vanilla TW and all that, it's a luxury.
this article, though a bit dated, was pretty helpful: http://blog.kaspersky.com/understanding-samsung-knox/
I'm sure everyone who uses OSX and an Android device knows that piece of software called "Android File Tranfer" which is more or less the only google given way to transfer files from or to your android device. But the tool gets supported and updated by google only as low as possible and also the usability is kinda bad including unstable transfers and so on.
Of course there are commercial solutions with tons of features bloating the whole stuff and of course always annoying background processes and updaters. In addition for exorbitant prices.
The last weeks i picked up an already older idea to start an open source project for an simple file manager but until its m first project concerning android i have no idea where to start.
Where can i find some infos how to transfer file to android, does it work with an mtp protocol?
Are there some headwords to orientate at?
.bastian said:
I'm sure everyone who uses OSX and an Android device knows that piece of software called "Android File Tranfer" which is more or less the only google given way to transfer files from or to your android device. But the tool gets supported and updated by google only as low as possible also the usability is kinda bad including unstable transfers and so on.
Of course there are commercial solutions with tons of features bloating the whole stuff and of couse always annoing background processes and updaters. In addition for exorbitant prices.
The last weeks i picked up an already older idea to start an open source project for an simple file manager but until its m first project concerning android i have no idea where to start.
Where can i find some infos how to transfer file to android, does it work with an mtp protocol?
Are there some headwords to orientate at?
Click to expand...
Click to collapse
Don't know how far you got with this, I have used adb to transfer files occasionally when AFT wouldn't recognize the device plugged in.
I would prefer a utility that would let the phone be mounted as an external drive and let us use finder to do things.
Hello guys,
I have been searching for answers to some of the tech stuff, but couldn't find them.
Here are some of those questions. Hope some of you would have answers to these. Thanks in advance!
ANDROID
1. How to share files between multi-users on Android 11?
Before Android 11, it was possible to save files inside the Android/ obb folder, and these files were visible for all users on the device. In Android 11, this is no longer working as the 'obb' folder appears to be exclusive to each user.
I know this is possible via USB OTG or a cloud service, but is there a solution without these?
2. How to copy/ backup game data for non-rooted devices?
Helium Backup doesn't seem to work. I have played a game for long on my Mediapad, and I would like to copy that game to my phone. Unfortunately, my Mediapad is not rooted and losing all that game progress has become a nightmare. I have written to the app developer to provide some sort of backup using either Google Play Games or social media integration like Facebook/ Twitter, but haven't received any response.
3. How to force apps (esp. file managers & gallery apps) to use in-app media viewer without changing system default.
For example, I may use the stock gallery app as default for viewing media. But if I am using another gallery app or a file manager that is capable of viewing media files using its own media viewer, I would rather want it use it than open the default app. Is there a way to do it?
4. Replace stock file manager (a system app) with another app from Google Play Store or other sources. Is this possible?
I am not asking how to convert a user app into system app. I know that part. I tried replacing the apk file of the stock file manager with a 3rd party apk, even renamed it, but it didn't work.
5. Extract a system app from one device and install it on another device without root. Is this possible?
I have tried it, but apk installation fails. For example, Samsung Gallery app on OnePlus phones.
iOS
1. How to install .ipa (iPhone app) on an iPhone (not jail-broken) without a laptop (iTunes)?
2. Is it possible to have SFTP server for iPhone?
All Operating Systems
1. How to provide LAN only access for non-rooted devices as well as in Windows & iOS?
For rooted devices, we have apps like AFWall+ that can do it. But is there a way to do it for devices without root, as well as for Windows and iOS?
For non-rooted devices, we have apps like Netguard that support 'Allow LAN access' whilst blocking internet access.
Are there any alternatives and solutions for other platforms?
2. How safe is it to enter login credentials in an app to allow it access to network drives?
I use several apps (on various platforms) to connect to my laptop over SMB. This requires me to provide the app with my Windows Login Credentials, which is a Microsoft account. Am I risking my account by providing this info to the app? Is it safe to enter login credentials of cloud services in file manager apps?
Just bumping this thread as it seems to have been lost/ unnoticed.
@Ultramanoid can you answer some of these?
Sridhar Ananthanarayanan said:
@Ultramanoid can you answer some of these?
Click to expand...
Click to collapse
Can't help much, sorry. As to Android, some notes :
1. Never have used an OEM / Google's version of Android, or anything other than rooted single-user systems.
2. In addition to the previous answer, I'm not a gamer.
3. I usually don't ever set defaults with some rare exceptions, so I am always given a choice of what I want to use to handle a file. It may vary depending on many things; I may want to edit an SVG file as text, or view it as an image, for instance. There are applications / services that will intercept intents to allow you to do this sort of thing as well, but I can't recommend a specific one, never use them myself.
4. Possible, but will break Android as by now the system requires it as a file picker in many instances without recognizing alternatives and developers of most applications do expect it as well and their services will not work without it. Don't do it. With recent Android storage changes, including the scoped storage debacle, this is not a viable option anymore.
5. Depends, but not likely as a general rule, specially for OEM garbage, which relies on their own proprietary modifications of Android, their libraries, frameworks, et al. You'd have to carry those over to the destination too, which may not even be possible. Use OEM-independent and not Google Services reliant applications. ( Edit : you'll find some of those applications built to install on all devices here on XDA by single developers, "SONY camera for all devices" and that sort of thing, not recommended anyway, not well supported or long-lived experiments. )
Ultramanoid said:
Can't help much, sorry. As to Android, some notes :
1. Never have used an OEM / Google's version of Android, or anything other than rooted single-user systems.
2. In addition to the previous answer, I'm not a gamer.
3. I usually don't ever set defaults with some rare exceptions, so I am always given a choice of what I want to use to handle a file. It may vary depending on many things; I may want to edit an SVG file as text, or view it as an image, for instance. There are applications / services that will intercept intents to allow you to do this sort of thing as well, but I can't recommend a specific one, never use them myself.
4. Possible, but will break Android as by now the system requires it as a file picker in many instances without recognizing alternatives and developers of most applications do expect it as well and their services will not work without it. Don't do it. With recent Android storage changes, including the scoped storage debacle, this is not a viable option anymore.
5. Depends, but not likely as a general rule, specially for OEM garbage, which relies on their own proprietary modifications of Android, their libraries, frameworks, et al. You'd have to carry those over to the destination too, which may not even be possible. Use OEM-independent and not Google Services reliant applications. ( Edit : you'll find some of those applications built to install on all devices here on XDA by single developers, "SONY camera for all devices" and that sort of thing, not recommended anyway, not well supported or long-lived experiments. )
Click to expand...
Click to collapse
Thanks very much. But I wish you answered the last 2 questions as well.
If time permits, would you be interested in telling us how you use your phone? I mean which device, which OS and what apps you use. I would like to give that a try (on a spare device) and see if it is possible for me to live without Google.
Sridhar Ananthanarayanan said:
Thanks very much. But I wish you answered the last 2 questions as well.
If time permits, would you be interested in telling us how you use your phone? I mean which device, which OS and what apps you use. I would like to give that a try (on a spare device) and see if it is possible for me to live without Google.
Click to expand...
Click to collapse
Didn't answer because it won't be helpful.
As to the 1st, I don't use LAN, and I don't keep data in any device or computer unless in use. External independent encrypted storage to be used wherever, whenever, independent of device, cables if needed.
As to the second, it's a matter of common sense, being informed of vulnerabilities and aware of reputation, and trust. Would you trust Chrome or Mozilla with data if you're online banking ? Seems reasonable -- but be aware of major vulnerabilities that may be going on. Would you trust an application released yesterday by a single developer for the same ? Probably not a good idea.
Finally, I doubt what I use and how I use it would be acceptable for you, or most people. In essence you could : Install latest firmware, wipe device, install latest security patched Lineage build for it, remove vendor / Lineage applications, get full root, remove anything you don't need or use which could have vulnerabilities; frameworks, libraries, binaries, etc ( Bluetooth, SMS, Android system-wide downloader, system-wide WebView, NFC, and on and on .. ), install your own binaries, fonts, hosts file, and applications where appropriate ( /bin /etc et al ), install Termux and all Linux packages required for your use, everything open source whenever possible, and stay away from any Google services / Play / applications with ANY trackers, analytics, data mining or even crash report capabilities; zero tolerance. Internet permission only for a secure web browser -- and terminal if / when needed. Half of what I do or use goes through terminal to be honest. In short, for me an Android device is a full Linux laptop replacement with added perks : Always on and on me, camera, GPS, pedometer, unlimited LTE data, and emergency calls for medics / police. ( Edit : And Japanese EEW alarm of course ! Only notification I use. We learned our lesson well in 2011. )
You can use ApkExport to extract any apk including system apks. I've transferred apks between other devices devices with it.
Never had need of doing that though with a system apk.