office politics
It's all just 1s and 0s
- Messages
- 6,555
- Location
- in the lab
The Evolution of Mobile Viruses - A little education goes a long way
by Cyrus Peikari, author of Security Warrior from OÂ’Reilly
As of this writing (November 2005), airborne viruses are getting more sophisticated at a spectacular pace. For example, the complex first Pocket PC virus to appear (Dust) achieved a technological breakthrough equivalent to the Win32 Chernobyl virus, which was the first PC-based virus to break into the protected “Ring 0” of the Windows operating system.
Moreover, less than a year after Dust, we have already seen many “blended” threats. For example, virus writers have developed anti-antivirus Trojans, and even combined these with the Bluetooth spreading capability of the Caribe (Cabir) virus. So in the space of one year, we have seen a viral evolution equivalent to what took 20 years on desktop PCs.
One problem with this rapid evolution of threats is that mobile devices can’t support sophisticated antivirus software on current platforms. For instance, embedded operating systems don’t use “interrupts” (system calls to the kernel), so a heuristic virus scanner on the PDA or Smartphone can’t hook a specific interrupt that it might otherwise suspect is a virus.
Another problem is the seeming weariness of a crumbling and outdated antivirus industry. The old guard antivirus industry often operates under the antiquated principle of “security through obscurity.” Some try to keep knowledge of vulnerabilities secret within a closed priesthood of a few selected people. Meanwhile, hackers, identity thieves and virus writers may have access to the same information, while the larger security community stays in the dark. This can become a problem in the new world of the rapidly evolving field of mobile threats, where millions of unprotected wireless devices now share data promiscuously “any time, anywhere.”
*follow the link for more txt*
by Cyrus Peikari, author of Security Warrior from OÂ’Reilly
As of this writing (November 2005), airborne viruses are getting more sophisticated at a spectacular pace. For example, the complex first Pocket PC virus to appear (Dust) achieved a technological breakthrough equivalent to the Win32 Chernobyl virus, which was the first PC-based virus to break into the protected “Ring 0” of the Windows operating system.
Moreover, less than a year after Dust, we have already seen many “blended” threats. For example, virus writers have developed anti-antivirus Trojans, and even combined these with the Bluetooth spreading capability of the Caribe (Cabir) virus. So in the space of one year, we have seen a viral evolution equivalent to what took 20 years on desktop PCs.
One problem with this rapid evolution of threats is that mobile devices can’t support sophisticated antivirus software on current platforms. For instance, embedded operating systems don’t use “interrupts” (system calls to the kernel), so a heuristic virus scanner on the PDA or Smartphone can’t hook a specific interrupt that it might otherwise suspect is a virus.
Another problem is the seeming weariness of a crumbling and outdated antivirus industry. The old guard antivirus industry often operates under the antiquated principle of “security through obscurity.” Some try to keep knowledge of vulnerabilities secret within a closed priesthood of a few selected people. Meanwhile, hackers, identity thieves and virus writers may have access to the same information, while the larger security community stays in the dark. This can become a problem in the new world of the rapidly evolving field of mobile threats, where millions of unprotected wireless devices now share data promiscuously “any time, anywhere.”
*follow the link for more txt*
