Rabu, 29 Oktober 2008

Security and malware

Symbian OS has been subject to a variety of viruses, the best known of which is Cabir. Usually these send themselves from phone to phone by Bluetooth. So far, none have taken advantage of any flaws in Symbian OS – instead, they have all asked the user whether they would like to install the software, with somewhat prominent warnings that it can't be trusted.

However, with a view that the average mobile phone user shouldn't have to worry about security, Symbian OS 9.x has adopted a capability model. Installed software will theoretically be unable to do damaging things (such as costing the user money by sending network data) without being digitally signed – thus making it traceable. Commercial developers who can afford the cost can apply to have their software signed via the Symbian Signed program. Currently, developers also have the option of self-signing their programs. However, the set of available features is smaller, and certain operators have opted on fully disabling certificates other than the Symbian Signed certificates.

Some other hostile programs are listed below, but all of them still require the input of the user to run.

  • Drever. A is a malicious SIS file trojan that attempts to disable the automatic startup from Simworks and Kaspersky Symbian Anti-Virus applications.
  • Locknut. B is a malicious SIS file trojan that pretends to be patch for Symbian S60 mobile phones. When installed, it drops a binary that will crash a critical system service component. This will prevent any application from being launched in the phone.
  • Mabir. A is basically Cabir with added MMS functionality. The two are written by the same author, and the code shares many similarities. It spreads using Bluetooth via the same routine as early variants of Cabir. As Mabir. A activates it will search for the first phone it finds, and starts sending copies of itself to that phone.
  • Fontal. A is an SIS file trojan that installs a corrupted file which causes the phone to fail at reboot. If the user tries to reboot the infected phone, it will be permanently stick on the reboot, and cannot be used without disinfection – that is, the use of the reformat key combination which causes the phone to lose all data. Being a trojan, Frontal. A cannot spread by itself – the most likely way for the user to get infected would be to acquire the file from untrusted sources, and then install it to the phone, inadvertently or otherwise.http://en.wikipedia.org/wiki/Symbian_OS#Symbian_OS_v6.0_and_6.1
Posted by at

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)