<div class='os_post_top_link'><a href='http://www.geekzone.co.nz/content.asp?ContentId=6637' target='_blank'>http://www.geekzone.co.nz/content.a...?ContentId=6637</a><br /><br /></div><i>"McAfee, Inc. has released McAfee VirusScan Mobile and McAfee VirusScan Mobile Enterprise Edition for the Windows Mobile 5.0 platform. The company says this new version helps protect users of Windows Mobile 5.0 against the latest malware and attacks, including what the company calls SMiShing attacks, or phishing scams via SMS. McAfee VirusScan Mobile and McAfee VirusScan Mobile Enterprise Edition protect Windows Mobile 5.0 user devices from attacks via SMS, MMS, Bluetooth and other entry points. The software protects against the threats by automatically detecting and cleaning infected files before they can infect the device."</i><br /><br />I really don't get this. There's been nary a blip in terms of spyware/malware/trojans/viruses that target Windows Mobile but McAfee thinks we should fork out $29.99 a year to protect our devices from a virtually non-existent threat. The pandemic of spyware et. al. is pretty serious as far as our desktops are concerned, but that's on a different platform. Just because it says Windows on the front doesn't mean that what works or is a problem on WinXP, will be a problem with Windows Mobile - they're two very different OSs. <!><br /><br />Let's take it through and see what we get - many spyware/malware programs run off ActiveX controls or VBScript that target Outlook or your web browser, not exactly a problem in Windows Mobile when VB support isn't even included any more. Phishing/SMiShing? Requires user input, and a bit of common sense can tell you not to give out your usernames/passwords. Trojans/Viruses? Win32 executables, 'nuff said. Rootkits? On Windows Mobile? Come'on! So where does that leave us? Symbian viruses?;)<br /><br />Just for kicks I ran a search through the McAfee threat library for 'mobile' and got 31 hits, which broke down as follows:<br /><br />16 Symbian viruses<br />5 Win32 worms<br />4 mobile phone hoaxes<br />2 VBS worms<br />2 malicious Win 32 programs<br /><br />None of these work on Windows Mobile. The two remaining threats were <i><a href="http://vil.nai.com/vil/content/v_138726.htm">RedBrowser.a</a></i> (a J2ME trojan) and <i><a href="http://vil.nai.com/vil/content/v_126794.htm">Duts.1520</a></i> (WinCE virus). So it sounds like there <i>is</i> a potential threat right? The J2ME trojan would not run on most Windows Mobile PDAs, except those equiped with a JVM, but some of the HTC phones <i>do</i> have them. The WinCE virus would obviously run on any Windows Mobile device. Here's the kicker - <i>they're both proof of concept</i>. So we are invited to subscribe to an antivirus/malware solution (a firewall is on the way, too), which purports to protect our devices from an external threat that consists of proofs of concept! Somebody's cynically banking on peoples indentification of Windows with Windows Mobile here. Color me sceptical.<br /><br />Do security threats exist? Yes. Will real, out-in-the-wild viruses, spyware, malware, trojans etc targeting WM eventually appear? With WM-driven phones becoming increasingly mainstream, that seems inevitable. Should you run out and get an antivirus solution <i><b>right now</b></i>? Sounds premature to me - what do you think?

The J2ME trojan would not run on most Windows Mobile PDAs, except those equiped with a JVM, but some of the HTC phones do have them.

J2ME-based viruses/virii won't start unless you actively import and start them, requiring a lot of dialog screens and Yes answers. That is, I wouldn't call it a threat either.

Should you run out and get an antivirus solution right now?

I'd say NO. This stuff is over-diemensioned by the antivirus developers - as with Symbian. Remember the Symbian F-Secure case (http://www.pocketpcmag.com/blogs/index.php?blog=3&amp;p=1061&amp;more=1&amp;c=1&amp;tb=1&amp;pb=1)?

I'd say no too. Not only does the inherent nature of PDA's make it hard to infect them, there's also the publicity factor. Since virus makers want maximum publicity, they will also want maximum damage. Just like with Macs and Linux, PDA's just aren't worth a hacker's time since there are so few of them compared to Windows PC's.

Maybe some day, AV will be needed with future PDA's. But now, no.

No. Maybe in a few years...but I really doubt that too.

A cash grab really..

Maybe there's mandates that some Corporate's are required to have some sort of AntiVirus on their mobile devices.. they are the ones that pay big $$ to these vendors that keep the product afloat...

for Joe Average.. It doesnt matter.

B

Those AV company bloodsuckers! :)

Here is a fairly recent article on WM malware:
http://www.informit.com/articles/article.asp?p=458169&amp;seqNum=2&amp;rl=1

I'd agree that the average user does not need AV/spyware software on her handheld.

One issue to consider: many organizations mandate AV software before they do a corporate rollout. That is especially true in the medical, financial and military sector. And when they hear there is no good antivirus option for Windows Mobile, guess what happens? That's right, they drop their WM rollout plans and go with Symbian (or another OS) instead. We've seen it happen over and over.

We do AV exclusively for WM. The problem is that the "big 3" antivirus companies don't seem to think that WM developers are competent to do AV software. They seem to look down on eMVPs, established Pocket PC developers, and the Windows Mobile community in general. And they tell that to as many customers and contacts as they can.

That is wrong, because there are a lot of smart people in the WM security world. Good people like Janak (and others who post here) do security for a living. It is a shame that the big AV companies belittle the WM security community. But without "little" developers to give them some competition, they have no incentive to make good software. And so corporations drop their WM rollouts.

Thank you.

Take care,

Brad

Pocket devices (PIE) don't have support for VBScript only JS, so that's two more you can cross out. Unless that has changed on WM5. (it would be kind of cool if it has, as I code faster on VB, does anybody know?)

Brad - thanks for the link, and the different perspective. I hadn't considered the corporate angle, but that does explain the McAfee move (even if it doesn't explain it).

Feo - native VB support throughout the OS was dropped in WM2003, though you can still get VBS to run if you install the necessary runtimes.

well what about files that u sync with your desktop, what if one of the files has a virus and u transfer it to another pc... it could stop u from spreading a virus over networks...noo...wait a sec... both pc's should have virus scanners installed... ppc dont get virus attacks but i guess they could carry them... looks like a waste of money.

well what about files that u sync with your desktop, what if one of the files has a virus and u transfer it to another pc... it could stop u from spreading a virus over networks...noo...wait a sec... both pc's should have virus scanners installed... ppc dont get virus attacks but i guess they could carry them... looks like a waste of money.

The problem is that your desktop scanner would detect that right away, and I doubt the PocketPC scanner would be able to detect it at all, as it's a threat that a) doesn't affect it, and b) if you updated a PocketPC's database to include ALL the Win32 viruses out there, you'd be talking about a database in the dozens if not hundreds of megs... and most PDAs just don't have the capacity for it.

Now, the CORPORATE demand for AV software for the OS before deployment makes more sense, although there are few enough programs at the moment which target Windows Mobile.

I work for the government. With the security measures they use on our desktops, they will eat this up. Not too many yet using WM devices in conjunction with the government networks, but the number is increasing. I am sure they will make it worth McAfee's time.

There's a sucker born every minute. And McAfee figures it can get $30 a head from them.

There's a sucker born every minute. And McAfee figures it can get $30 a head from them.

Yes. Those suckers are called "managers", "insurance companies" and "legal boilerplate writers". Still, eventually someone WILL target that segment of the market with real virii, which is when AirScanner, McAfee, and other companies will be expected to earn their pay.

For awhile, the last 2 weeks or so I have been running my PC with no antivirus. I did the kaspersky trail about 3 times and it ran out and then I tried to put AVG in and it wouldn't work right, and Kaspersky kept bugging me and I couldn't get it out cause I couldnt turn it off...
so on so forth.
So after I did my system RECOVERY and I am in the process of re-installing software, I got Kaspersky back into my machine, and it immediately finds about 8 malwares and 2 viruses and a couple of Trojans in the back up folder. I did a non destructive recovery.

Now for my PPC.
I got flexmail, (which seems to not work with all of the online email services) set up and tried to link it to my outlook 2003. A day or 2 later my outlook 2003 seems to stop working. Then My PPC a hp 4705 seems to turn on, you press contacts and it wont open contacts. Flexmail wont work, and no onboard email will work. I can go on the web and read my hotmail, but i cant look at through MSM mobile or pocket outlook or whatever they call it. I try reset and that changes nothing.
So I do a non destructive recover on the desktop, crash the PPC and start re-installing everything, Calligrapher isnt working, but I put it in the File store this time and maybe it dosent like that.

Do you think I had a virus?

Now for my PPC.
I got flexmail, (which seems to not work with all of the online email services) set up and tried to link it to my outlook 2003. A day or 2 later my outlook 2003 seems to stop working. Then My PPC a hp 4705 seems to turn on, you press contacts and it wont open contacts. Flexmail wont work, and no onboard email will work. I can go on the web and read my hotmail, but i cant look at through MSM mobile or pocket outlook or whatever they call it. I try reset and that changes nothing.

So I do a non destructive recover on the desktop, crash the PPC and start re-installing everything, Calligrapher isnt working, but I put it in the File store this time and maybe it dosent like that.

Do you think I had a virus?

Nope...if your PC was infected with a virus that affected your Outlook data files, that would explain the problems you had with contacts and email. You haven't mentioned if you're running WM2003SE or WM5.0 with your iPaq.

I appologize.... I'm cross-posting this from another topic, so please forgive the redundancy, but I think it's directly relevant.

-----------------------------------------------------------------

I think part of the problem of data security on mobile devices is that today's "portable" device security vendors, who focus on Laptop and Desktop enterprises don't fully understand what "mobile" security really means.

Case in point: None of these products address Over The Air (OTA) threats. All of them are signature based. All of them have a HUGE footprint, making them both unfriendly and unwieldy for mobile devices. Some security products do not do "interactive" scanning, meaning a scan task must be scheduled through the operating system.

Another point: Many "mobile security" vendors think that universal support means running in Java. This means you are only as secure as your Java (J2ME/MIDP) stack.

This is a paradigm that's 15 years old in the PC world, and would be considered totally unacceptable.

As a final consideration, note that laptop ("portable") security is now being considered as a function of hardware, but neither Windows Mobile nor the hardware on which it runs has any such hooks yet.

One-eyed man,

That's pretty rare insight, even among security experts. I seems to me like you've been studying mobile security in depth for quite a while :)

If you are into that stuff you might look at joining MARA at http://mobileav.org/ (membership is free).

Take care,

Brad