07-17-2004, 07:15 PM
|
|
Editor Emeritus
Join Date: Aug 2006
Posts: 15,171
|
|
First Proof-Of-Concept CE Virus Released
It was only a matter of time before this was going to happen -- an EXE on Windows CE that is capable of infecting other EXE files on the same unit. It's called "WinCE4.Dust", and it's clear it's proof-of-concept, as it prompts the user before actually infecting other executables:
In any case, it's worth pointing out several things: first, it's not at all surprising this is possible -- CE is a general-purpose OS, and as such can run any programs, including those that modify others. Second, it (or even newer viruses) are unlikely to spread very far, because people don't frequently exchange data or executables between Pocket PCs and because Pocket PCs don't have the market penetration that desktops do. Macro viruses are less likely to occur, thanks to the fact that Pocket Word doesn't have any macro support. 
That said, you will eventually have to become more careful as to installing programs on your device. I don't plan to install antivirus protection any time in the future, but I do plan to be careful as to my sources of CE programs. 
|
| |
|
|
|
07-17-2004, 08:04 PM
|
|
Intellectual
Join Date: Oct 2002
Posts: 116
|
|
Another important step toward handhelds being a complete replacement for desktop machines!
:splat:
|
| |
|
|
|
07-17-2004, 08:12 PM
|
|
Pupil
Join Date: May 2003
Posts: 38
|
|
What does it do?
I am unclear as to what exactly this virus does. What does the infection do? What undesired operations does it cause?
|
| |
|
|
|
07-17-2004, 08:22 PM
|
|
Editor Emeritus
Join Date: Aug 2006
Posts: 15,171
|
|
Re: What does it do?
Quote:
|
Originally Posted by EnsignRam
I am unclear as to what exactly this virus does. What does the infection do? What undesired operations does it cause?
|
I think it's only goal is to prove that it can "infect" other EXE files. Theoretically, a virus writer could use such an infection vector to cause a virus to spread to infect all EXEs on a system. That said, since EXEs are not spread frequently between Pocket PCs, it's unclear what benefit it would have beyond that one machine. For a change, the fact that most Pocket PC apps are not beamable is a big plus.
--janak
|
| |
|
|
|
07-17-2004, 08:27 PM
|
|
Mystic
Join Date: Aug 2006
Posts: 1,734
|
|
Some-one else has commented on the incestuous relationship between virus writers and the anti-virus people. Here we are on a new platform, and the first place a new virus shows up is with an anti-virus company.
If these people really had our interest at heart they would develop a security layer for win CE that prevents the modification of executables and allows one to give permissions to programs. Instead they go down the whole signatures and eternal annual subscriptions route.
They dont want to help us, only to make money. They are now publicising this proof of concept virus to teach others how to make better ones and spread fear.
Shame on them.
Surur
|
| |
|
|
|
07-17-2004, 09:20 PM
|
|
Ponderer
Join Date: Feb 2003
Posts: 98
|
|
If only all virii popped up a pleasant message asking for permission to multiply...
|
| |
|
|
|
07-17-2004, 11:59 PM
|
|
Ponderer
Join Date: Dec 2004
Posts: 97
|
|
I disagree
"That said, you will eventually have to become more careful as to installing programs on your device. I don't plan to install antivirus protection any time in the future, but I do plan to be careful as to my sources of CE programs"
I totally disagree with this mentality. we should not be forced to limit our sources because of this threat. Just like on the PC, we install virus protection and so we should on our PPC as well if installing via other methods than activesync.
|
| |
|
|
|
07-18-2004, 12:17 AM
|
|
Sage
Join Date: Aug 2006
Posts: 740
|
|
Well, THIS really blows...
I won't be installing AV software any time soon either... its too easy to hard reset and rebuild my device... I've got things synchronized and backed up my whaaa-zoo, too...
__________________
Kind Regards,
Christopher Spera
Gear Diary Review Team
|
| |
|
|
|
07-18-2004, 12:47 AM
|
|
Swami
Join Date: Feb 2004
Posts: 4,303
|
|
Re: I disagree
Quote:
|
Originally Posted by acollet
we should not be forced to limit our sources because of this threat. Just like on the PC, we install virus protection and so we should on our PPC as well if installing via other methods than activesync.
|
Well, surely it pays to be safe? I won't be installing any AV software on my PPC either - I have more useful things to do with the clock cycles.
|
| |
|
|
|
07-18-2004, 12:57 AM
|
|
Editor Emeritus
Join Date: Aug 2006
Posts: 15,171
|
|
Re: I disagree
Quote:
|
Originally Posted by acollet
I totally disagree with this mentality. we should not be forced to limit our sources because of this threat. Just like on the PC, we install virus protection and so we should on our PPC as well if installing via other methods than activesync.
|
Well, you're free to pick a strategy you prefer. Given the relative rarity of viruses on Pocket PCs, and the lack of their utility, I don't think they're a sufficient problem to merit installing an AV tool which will almost certainly slow down the Pocket PC. Compare that to PCs, where things like macro viruses force my hand even if I'm picky about the EXEs I run.
I generally am picky about my software sources, anyway. I've installed buggy software that's made my Pocket PC unstable... so I'm basically following the same strategy I've always done, just a bit more carefully.
--janak
|
| |
|
|
|
|
|
Linear Mode
