×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Will 2011 Be the Year of Mobile Malware?

CmdrTaco posted more than 3 years ago | from the predictions-makes-me-yawn dept.

Security 111

alphadogg writes "Perhaps one of the most common predictions of the last six years has been that mobile malicious software will suddenly proliferate, driven by widespread adoption of smartphones with advanced OSes. None of those prognostications has really come to fruition, but it's likely that the coming year will bring a host of new malicious applications. Users — while generally aware of threats aimed at their desktop computers and laptops — have a good chance of being caught flat-footed with their mobile phones. In the third quarter of this year, up to 80 million smartphones were sold around the world, which accounted for about 20 percent of the total number of mobile phones sold, according to statistics published last month by analyst firm Gartner. Experts say the threats against those devices are going to come in several categories, including rogue applications. In September, researchers from security vendor Fortinet discovered a mobile component for Zeus, a notorious piece of banking malware that steals account credentials. The mobile component, which targeted Symbian Series 60 devices or BlackBerrys, intercepted one-time passcodes used to verify transactions."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

111 comments

Nope (0)

Orome1 (1901578) | more than 3 years ago | (#34641574)

No, it won't.

Re:Nope (1)

BobMcD (601576) | more than 3 years ago | (#34641648)

No, it won't.

This. Anytime you spot the formula "Will 'x' be the Year of 'y'" - particularly on slashdot - the answer is ALWAYS no. I think it has to do with that particular phrasing. Nobody ever seems to ask 'Will 2011 be the Year of 365 days' or something similar. It's always outlandish...

Re:Nope (0)

Anonymous Coward | more than 3 years ago | (#34641704)

Anytime you spot the formula "Will 'x' be the Year of 'y'" - particularly on slashdot - the answer is ALWAYS no

Will 2011 be the year of not Linux on the desktop? </wishful thinking>

Re:Nope (1)

Ponder Stibions (962426) | more than 3 years ago | (#34644620)

Will 2011 be the year Windows kills off OSX and Linux and Microsoft takes control of the mobile market? Oh, the 2nd prompts the original suggestion: year of mobile malware.....

Re:Nope (0)

Anonymous Coward | more than 3 years ago | (#34642318)

By this logic, we can avoid mobile malware by simply asking this question every year. Fail-proof anti-virus, nice.

Re:Nope (3, Insightful)

characterZer0 (138196) | more than 3 years ago | (#34642472)

Will X be the year of Y?

No, but X will be the year of poorly written and poorly researched trade magazine articles about Y.

Re:Nope (1)

mlts (1038732) | more than 3 years ago | (#34643638)

With bad things, a year of the "foo" can happen, such as (IIRC) 2000 when the E-mail based worms slammed Windows networks, or 1994 when USENET was hit by the spam heard around the world. Those are times when the first salvo is fired starting the conflict in earnest (1994 when the spammers and cancelbots started, and 2000 when malware went from "just" the pirate scene to being able to wind up on anybody's desktop anywhere.)

Right now, malware is relatively rare on phones. However, there are things which are easy money if malware does get a foothold. Dialers for instance -- the old scourge of people who used the Internet before broadband. There is easy money to be made if malware gets a device to spam a SMS service for $10.00 per message.

There is one double-edged sword which both cuts at the freedom of the end user of cellphones and the malware writers -- hardware can change easily between iterations of a phone, while the PC architecture has to remain compatible back to the early 80s and MS-DOS applications. For example, outside of where the iOS apps have their jails, iOS can essentially do anything it wants to, and the apps don't/can't care. Same with Android and the /system directory.

So, the same precautions that can keep malware from accessing the machine can also keep a machine locked down.

Re:Nope (1)

icebike (68054) | more than 3 years ago | (#34643768)

This. Anytime you spot the formula "Will 'x' be the Year of 'y'" - particularly on slashdot - the answer is ALWAYS no. I think it has to do with that particular phrasing. Nobody ever seems to ask 'Will 2011 be the Year of 365 days' or something similar. It's always outlandish...

Another tell is any time you spot reference to Gartner, you can pretty much stop reading.

Its a race between Gartner and JD Power and Asshats to see who can provide the best cooked analysis and micro-category awards that money can buy.

Re:Nope (1)

Quirkz (1206400) | more than 3 years ago | (#34644870)

Will 2011 be the Year of the Rabbit according to the Chinese zodiac? Yes, yes it will! Having been born in the year of the rabbit some multiple of 12 years ago, I expect 2011 to be particularly auspicious.

Re:Nope (1)

Anonymous Coward | more than 3 years ago | (#34641662)

... because it will be the Year of the Linux Desktop (tm)(r)(c)!

In first (1)

mark72005 (1233572) | more than 3 years ago | (#34641888)

<snoot>It's been on MY desktop since 199x! </snoot>

Re:In first (1)

perpenso (1613749) | more than 3 years ago | (#34643828)

<snoot>It's been on MY desktop since 199x! </snoot>

I don't think dual booting counts in the "year of" context. And I say this as a Linux user since 1994, I even have the Yddrasil plug-and-play CD to prove it. ;-)

Re:Nope (1)

mysidia (191772) | more than 3 years ago | (#34643734)

... because it will be the Year of the Linux Desktop (tm)(r)(c)!

Not only that, but 2012 will be the Year of the Linux Desktop also. And that is not a contradiction

It is the year of the Linux desktop.

It has always been the year of the Linux desktop.

Yes it will. (2)

goombah99 (560566) | more than 3 years ago | (#34642900)

But not for the reasons given. If you go to light in a box and browse all the android 2.1 pads for sale, all of them warn you not to attempt to re-install or change the OS. this warning is not given for some propriatary reason but simply because there is no assure path to a perfectly safe re-install of the android software and drivers.

Thus there are going to ba a gazillion android pads walking around that cannot be patched. It's a safe bet there are security holes to be discovered in this. Once that happens it's going to be like windows has been with the sea of mobile zombies.

The iphones are different. You are constantly offered updates. (which brings up the problem with jailbreaking-- you can't update easily for fear of busting the jailbreak.)

Now phones may be a different matter. If the phone companies are able to push updates it may be a lot safer.

Re:Yes it will. (1)

icebike (68054) | more than 3 years ago | (#34643814)

Wrong.

The warning about re-install has nothing to do with an "assured path to perfectly re-install".

It has everything to do with carrier lock downs, and to a lesser extent with manufacturer locked downs.

As for their inability to be patched, that too is FUD. They can and do receive OTA or wifi system upgrades and patches as needed.

Check your zipper. Your Apple Fanboy is showing.

Re:Yes it will. (1)

mlts (1038732) | more than 3 years ago | (#34644188)

He does have a point though -- Some Android device makers tend to be lazy when making updates available for their platform, so compared to advertising a device that hasn't shipped, fixing holes on already sold equipment is quite low on their priority list.

The ironic thing -- Android's update mechanism is standalone. When the updates do arrive, they are either already pushed to the device, or easily downloaded via OTA. Contrast this to iOS devices which must be updated via iTunes.

Backing down from an update is also a different story. With tools like ROM Manager and others, it is easy to back up, install a new/updated ROM, and if it doesn't work, roll back. A restore from an iOS device can take a long time, especially if one has a lot of transcoded music files. To boot, unless you use TinyUmbrella and save your SHSH files, you can't go back to an older firmware level.

Who cares? (-1)

Anonymous Coward | more than 3 years ago | (#34641594)

Unless the smart phones somehow damage the network to the extent that my dumb-phone can't make calls. A phone crashing is not like a computer crashing- you're not going to lose any actual work, like a half-finished novel, just pictures and contacts and maybe angry-birds high scores.

Re:Who cares? (0)

cream wobbly (1102689) | more than 3 years ago | (#34641690)

...and passwords for your bank, online stores, Google (Docs (where you're writing your half-finished novel))...

Re:Who cares? (2, Insightful)

Anonymous Coward | more than 3 years ago | (#34641944)

if you don't know your banking password or have it stored on your phone, you're doing it wrong. google docs auto-saves frequently and is "cloud" based so you'll lose very little. online store passwords are easily recoverable. you haven't really negated the original post's points.

Re:Who cares? (1)

icebike (68054) | more than 3 years ago | (#34643840)

Its not about losing work to a systems crash or phone splash down in the toilet bowl.

Its about content being stolen by malware.

Re:Who cares? (2)

couchslug (175151) | more than 3 years ago | (#34642096)

"...and passwords for your bank, online stores, Google (Docs (where you're writing your half-finished novel))..."

That sort of fuckup could be regarded as "LARTing by events". I don't leave passwords or important work on my phone. Ever.

Re:Who cares? (1)

icebike (68054) | more than 3 years ago | (#34643906)

I don't leave passwords or important work on my phone. Ever.

Well you will. So get used to it.

Probably they will be in an encrypted password vault, dozens of which are available for Android or iPhone.

Your credit cards will be moving to the phone. Tap to pay terminals are springing up everywhere. Near Field Communication chips are being introduced into cell phones. They are already HUGE in Japan.

You will still need to password enable payment, but you won't be carrying a wallet full of risky credit cards in the future.

And those digital car keys? The rush to push button ignition is just to prep you for that being triggered by the presence of your phone as well.

Its all going into the phone, my friend, so get use to it.

The Amish won't use Electricity. Don't be that guy.

Re:Who cares? (1)

couchslug (175151) | more than 3 years ago | (#34644812)

"Well you will. So get used to it."

Asserted conclusions /= proof.

"Probably they will be in an encrypted password vault, dozens of which are available for Android or iPhone."

Mine will be unused.

"Your credit cards will be moving to the phone. Tap to pay terminals are springing up everywhere. Near Field Communication chips are being introduced into cell phones. They are already HUGE in Japan."

I give a shit what is HUGE in Japan?

"You will still need to password enable payment, but you won't be carrying a wallet full of risky credit cards in the future."

I don't carry a wallet full of risky credit cards NOW. One card, that's it. No debit cards, which I will not have.

"And those digital car keys? The rush to push button ignition is just to prep you for that being triggered by the presence of your phone as well."

I'm a mechanic. If my old PATS system annoys me the PCM will be flashed with a "PATS delete", No problem

"Its all going into the phone, my friend, so get use to it."

I welcome other folks getting used to it. I spent my life learning how to make most of the tech I use serve me and see no reason to stop.

"The Amish won't use Electricity. Don't be that guy."

Blind technophilia /= "Amish".

One may choose from a wide variety of tech in ones personal life, Amish tech or computing tech any anything in-between.

It's all about "serving me". MY convenience, MY wants, not the wants of marketroids. OTHER people exist for them to fuck, which is fine with me.

Re:Who cares? (1)

shadowrat (1069614) | more than 3 years ago | (#34641892)

and as smart phones become more powerful more people use them for actual work. I have worked on many mobile apps that are used for on site surveys, audits, and other data collection. My own opinion of the value of that data isn't really very high, but i know my clients would freak out if their iphones crashed and the data was lost. In that event, i would say, "well I tell you to upload the data on a regular basis and it should be in your most recent backup, you do back up your phone, right?"

I know sales people who's contact list IS their life. I've become reliant on the iphone app 1Password to store my passwords. I have a number of drawings in audodesk sketchbook i wouldn't want to lose. Now, i back my shit up. Anything that brings down my phone is likely only a minor inconvenience, but there are plenty of people who could be seriously affected. The real question should be is 2011 the year when smart phones become so important that malware is a real threat?

DIE (4, Funny)

mark72005 (1233572) | more than 3 years ago | (#34641918)

do you know how hard I worked on my Angry Birds scores?

Re:DIE (1)

Pootie Tang (414915) | more than 3 years ago | (#34643812)

Yes, in fact we do. We also know how hard everyone else in your contact list worked on their Angry Birds scores. And we're selling it for big money soon.

Just kidding here, but that's my real concern with this.

None have come to fruition? (1)

Monkeedude1212 (1560403) | more than 3 years ago | (#34641614)

Oh I can think of a couple [tomshardware.com]

Albeit, Jailbroken iPhones are less Secure than... umm... whats the term for that? Non-jailbroken? Jailfixed? StillJailed? Anyways.

Point is that some people have started writing malicious software for phones, its becoming glaringly obvious.

What we don't have is people focused on finding, removing, and spouting a product yet like Norton/McAffee/AVG/whatever.

Who is to say a lot of phones are infected but no one yet knows. I bet most users, if their email was compromised, would assume they were hacked via a computer, not tracked via their phone, which could easily be the case.

Re:None have come to fruition? (2)

BobMcD (601576) | more than 3 years ago | (#34641680)

What we don't have is people focused on finding, removing, and spouting a product yet like Norton/McAffee/AVG/whatever.

Go wash your mouth out with soap, right now!

Can you imagine how god-awful slow people's phones will become after installing Norton Mobile 2011? And I bet the 'uninstall' process involves reflashing the device, too.

Please no, for the love of all smartphones everywhere, please DO NOT speak this 'solution' out loud where others might hear it. If you speak it's name you give it power, after all...

Re:None have come to fruition? (1)

mark72005 (1233572) | more than 3 years ago | (#34641936)

I don't see how BloatwareSecuritySuitExtreme 2011 would ever be necessary.

When I sync the phone, my contacts and apps, etc. - get backed up. Worst case scenario, I do a reset-to-factory, then retrieve the backup of my contacts and emails, the apps get downloaded and installed again.

(of course this assumes the user knows they have malware in the first place)

Re:None have come to fruition? (2)

causality (777677) | more than 3 years ago | (#34642208)

I don't see how BloatwareSecuritySuitExtreme 2011 would ever be necessary.

Since when did marketers ever care about whether you actually need whatever product they're hawking?

Windows has already trained most of the public to perceive virus scanners as essential system tools.

Re:None have come to fruition? (1)

AltairDusk (1757788) | more than 3 years ago | (#34642660)

And I bet the 'uninstall' process involves reflashing the device, too.

I applaud your optimism but I suspect the uninstall process may require a good-sized hammer.

Re:None have come to fruition? (5, Informative)

jeffmeden (135043) | more than 3 years ago | (#34641900)

What we don't have is people focused on finding, removing, and spouting a product yet like Norton/McAffee/AVG/whatever.

Oh we [f-secure.com] don't [smobilesystems.com] , do [avg.com] we [norton.com] ?

Re:None have come to fruition? (1)

VortexCortex (1117377) | more than 3 years ago | (#34643894)

What we don't have is people focused on finding, removing, and spouting a product yet like Norton/McAffee/AVG/whatever.

Oh we [f-secure.com] don't [smobilesystems.com] , do [avg.com] we [norton.com] ?

If Viruses did not exist, it would be necessary for AV companies to create them.

The Joker exists because of Bat Man. Bat Man exists because of the crime in Gotham. Both Bat Man and The Joker can use their resources to fight or cause crime.
Darth Vader exists because of the Jedi, the Jedi Order exists because of crime in the Universe. The Force can be used for good and evil.

It's a Yen & Yang sort of thing. Good and Evil are relative terms, subject to interpretation.

Crackers exist because of Hackers. AV exists because of malware in CyberSpace. The Source can be used for good or evil.

Hackers hack on the hardware / environments that they have available. Hackers can turn bad, and become Crackers, and use their but first they must have a genuine interest and exposure to a platform in order to exploit it.

Some platforms cater more to the Hackers, and they are less frustrated with the platform; Thus, less become Crackers for such platforms. Other platforms shun the Hacker, frustration fuels the desire to become a Cracker, and more malware is released which exploits such platforms...

Re:None have come to fruition? (-1, Flamebait)

Abcd1234 (188840) | more than 3 years ago | (#34642362)

Albeit, Jailbroken iPhones are less Secure than... umm... whats the term for that? Non-jailbroken? Jailfixed? StillJailed? Anyways.

What??? I thought Apple's "Jail" was universally bad! That there was absolutely no benefit to it! That's it's evil evil evil!

Are you saying the Slashbots could be *wrong*??

Re:None have come to fruition? (2)

AltairDusk (1757788) | more than 3 years ago | (#34642802)

All sarcasm aside if GP is referring to the incident I'm thinking of that was only because people never changed the root password after jailbreaking. More recently with the iOS PDF exploit tools to help users protect themselves were available to jailbroken users [ithinkdiff.com] 3 days after it was widely known (release of Jailbreakme.com which used the exploit). "Jailed" devices had to wait for a fix from Apple which came 10 days after. This is still a good response time and should not be taken as a bash on Apple, it does illustrate that assuming jailbroken automatically means less secure is wrong.

I'm in trouble (0)

joe2tiger (1883232) | more than 3 years ago | (#34641638)

I just installed Hero of Sparta, non-market place game for free. I swear, that's the last non-market place app I'll install on my phone. For those that are interested, url = http://www.gameloft.com/android-hd-games/?adid=147865 [gameloft.com]

Re:I'm in trouble (0)

Anonymous Coward | more than 3 years ago | (#34641698)

Uh, could you elaborate? Was it malware, or just so good that you don't think you can quit playing?

Re:I'm in trouble (1)

mark72005 (1233572) | more than 3 years ago | (#34641940)

My brief foray in android led me to believe those non-marketplace apps often had memory leaks and slowed my phone down considerably.

Re:I'm in trouble (0)

Anonymous Coward | more than 3 years ago | (#34643496)

Slowed your phone down? Likely. Memory leaks, probably not. For anyone that has programmed in the Java-esque Android environment, they know that dealing with memory is simple and leaks don't ever happen!

Re:I'm in trouble (1)

mark72005 (1233572) | more than 3 years ago | (#34643556)

Thought slowdown and increased battery consumption were the cost of using non-market applications.

Re:I'm in trouble (1)

Anonymous Coward | more than 3 years ago | (#34642634)

I just installed Hero of Sparta, non-market place game for free. I swear, that's the last non-market place app I'll install on my phone.

Why, did it change your restaurant finding apps to only show "Hell" as an option for dining? ;)

Maybe it might could (3, Insightful)

Hijacked Public (999535) | more than 3 years ago | (#34641640)

It is possible that 2011 might be a year in which there could be some unspecified increase in what could loosely be termed malware that might be targeted in whole or in part to infect certain devices that might be considered mobile devices under certain definitions of mobile or device.

If you feel you have to lead off with a statement that your prediction is essentially the same one you've been making for the past six years and it has yet come true, maybe you should leave off setting a deadline for the thing.

Re:Maybe it might could (1, Funny)

goldspider (445116) | more than 3 years ago | (#34641958)

"If you feel you have to lead off with a statement that your prediction is essentially the same one you've been making for the past six years and it has yet come true, maybe you should leave off setting a deadline for the thing."

2011 is going to be the Year of the Linux Desktop.

Re:Maybe it might could (1)

grcumb (781340) | more than 3 years ago | (#34646010)

It is possible that 2011 might be a year in which there could be some unspecified increase in what could loosely be termed malware that might be targeted in whole or in part to infect certain devices that might be considered mobile devices under certain definitions of mobile or device.

Also: TERRORISTS!

... er, ooga booga.

Not really (3, Insightful)

Artem Tashkinov (764309) | more than 3 years ago | (#34641654)

I haven't read the article but the summary seems to be somewhat exaggerated:
  • Mobile phones (OS) don't have any form of autorun
  • You cannot run .exe/.cmd/.com/.lnk attachment from e-mail
  • A lot of users still ... don't ever install a single extra app, and use their smartphone only as a contact list manager, calender and alarm clock
  • Unless Apple/Google becomes careless it's hard to believe that malware authors can (frequently) penetrate their app stores
  • There is still some variety: iPhoneOS/Android/RIM/W7 so malware writers can hardly target all platforms at once - so outbreaks are hardly possible

Re:Not really (2)

Monkeedude1212 (1560403) | more than 3 years ago | (#34641692)

The first two are irrelevant.

The remaining points can all be made irrelevant by the website that will jailbreak your iPhone using a PDF, all you have to do is swipe.

Clearly there are some exploits you can hide to open up someone's Phone.

Re:Not really (1)

TheRaven64 (641858) | more than 3 years ago | (#34642428)

Most interestingly, it's relatively easy to make money with mobile phone malware. Just make the phone call a premium rate number and you've got free money. If you don't get greedy, you can probably make it just make a one-minute call and then delete itself. Get a few hundred thousand phones infected, and that's serious money...

Re:Not really (1)

Locutus (9039) | more than 3 years ago | (#34642806)

I read the first two points as meaning that their standard tools won't work and they'll have to find other vectors to exploit. As I mentioned elsewhere, there is lots more to be had on the Windows PC side so if anything, attack attempts should start off slowly as long as the NFC doesn't pick up and leave CC's #s wide open. IMO

LoB

Re:Not really (-1)

Anonymous Coward | more than 3 years ago | (#34641774)

I haven't read the article but

Then shut up, please. No offense but too many wrong posts begin this way.

Re:Not really (1)

Lazareth (1756336) | more than 3 years ago | (#34641984)

The rest begin like yours. Zing!

Re:Not really (0)

Anonymous Coward | more than 3 years ago | (#34644334)

His post actually begins exactly like the ones he's criticizing, with "I haven't read the article but".

You're not exactly the sharpest pencil in the box, are you?

Re:Not really (4, Interesting)

Abcd1234 (188840) | more than 3 years ago | (#34642460)

Mobile phones (OS) don't have any form of autorun

So?

You cannot run .exe/.cmd/.com/.lnk attachment from e-mail

Correct. On the iPhone, you just had to visit a *website*, ffs.

Seriously, this statement is beyond short-sighted. It's one zero-day vulnerability from being completely false.

A lot of users still ... don't ever install a single extra app

Again, who cares? All you need is a hole in one of the stock apps, and voila, users are hosed. Moreover, given how slow mobile phone operators are in updating the OSes on their network (the Android situation being the most obvious), a vulnerability like that could be a) near universal, and b) very slow to close.

Unless Apple/Google becomes careless it's hard to believe that malware authors can (frequently) penetrate their app stores

See above. This point is, well, pointless.

There is still some variety: iPhoneOS/Android/RIM/W7 so malware writers can hardly target all platforms at once - so outbreaks are hardly possible

Please... you need only target one of those platforms to hit millions and millions of people. That's by far lucrative enough to make it worthwhile.

Frankly, I think the only reason you haven't seen this yet is because most malware is directed at turning a machine into a zombie, something for which a mobile device isn't that useful. But the minute someone can, for example, break an iOS device or Android device and start snarfing passwords, it'll become a far more interesting target.

Re:Not really (1)

Pootie Tang (414915) | more than 3 years ago | (#34643752)

you haven't seen this yet is because most malware is directed at turning a machine into a zombie

I admit to not reading the article, but this is my concern here. Is mobile malware the same definition?

I have an android phone. Permissions are such I can tell if an app wants "unneeded" permissions in some cases. An (offline, single player) game that needs no permissions, or maybe wants to have "disk access" (save a little game state) sounds safe.

On the other hand, certain apps (gmail, you name it) need lots of permissions for "legitimate" purposes. The problem is, just because an app might have good use for camera or GPS permissions, doesn't mean I can trust it to only read/store/send those values as I expect.

I'm concerned about all the "free" apps that may collect information. I don't (yet anyway) have a good way to know whether they are behaving or not. I just have to trust that they do. And certain things, like my phone number, I can't necessarily just put in fake data for.

There are lots of reports (many exaggerated) that talk about this already happening. I'm not sure to what extent, but I wouldn't doubt I've been "victimized" and just don't know it. If 2011 is the year I find out the hard way, I'm can't say it will be all that surprising.

But yeah, I don't see "regular" (desktop) malware getting substantially worse on mobile in a short time frame.

I'm not sure there's an easy fix for this either. Java applets allowed much more fine grained permissions, and it sucked ("Yes to all"). I think android is better, but I still want a way to override and (to the extent I trust the OS) have the OS enforce it.

Re:Not really (1)

trollertron3000 (1940942) | more than 3 years ago | (#34644954)

I think we have seen it but people aren't picking up the evidence. These apps focus on data collection, not botnet strength. They post links on facebook, they send out emails to friends, etc. I've had friends post spam links on FB after they've installed applications. They're out there.

Yea (1)

mrsteveman1 (1010381) | more than 3 years ago | (#34641666)

I doubt this is going to be a repeat of Windows, where a combination of massive marketshare and blatant negligence on the part of Microsoft led to an epidemic of worms.

But, there's also a very real threat, even on systems like iOS where users and even Apple assume that they have control of the platform, hackers prove them wrong constantly.

For instance a month or 2 back, jailbreakers were able to just visit a website through mobile safari and execute one exploit after another to compromise the entire system and install unapproved software like Cydia. That's a rare alignment of exploits, but who can really say it won't happen again via a malicious attacker?

Re:Yea (1)

AltairDusk (1757788) | more than 3 years ago | (#34642896)

For instance a month or 2 back, jailbreakers were able to just visit a website through mobile safari and execute one exploit after another to compromise the entire system and install unapproved software like Cydia. That's a rare alignment of exploits, but who can really say it won't happen again via a malicious attacker?

The most amusing part of that was walking through the local Apple store and noticing Cydia on one of the iphones. Checked the rest of them and realized someone had gone around and jailbroken every iphone in the store, I got a good laugh out of that.

Isnt that now? (1)

pablo_max (626328) | more than 3 years ago | (#34641668)

I seem to recall a similar prognoses at the end of last year. Seems not to have happened. I suspect the trend will continue.

Got rid of my BB. (0)

Ismellpoop (1949100) | more than 3 years ago | (#34641670)

To much money on phone bills.
5 minutes for it to start.
Random crashes for no reason (particularly media player).
The actual telephone part of it had so many quirks it was only semi usable as a phone.
Internet was dodgy at best and I live next (2 miles) to a new tower .
I got a new phone like my old one from 4-5 years ago couldn't be happier but now I have a BB Storm that's basically an mp3 player and did I mention media player crashes a lot requiring a 5 min reboot

Re:Got rid of my BB. (1)

jeffmeden (135043) | more than 3 years ago | (#34641924)

Quit doing it wrong. I had a storm for a year and a half and aside from the time it took to perform routine software updates it was hassle-free as a phone, media player, and everything else.

Re:Got rid of my BB. (0)

Anonymous Coward | more than 3 years ago | (#34644308)

To fix this -

1) Back up phone

2) Factory reset phone

My girlfriend's old BB used to have similar problems, and resetting it would cure it. Until it started doing it again in a couple months, then just repeat when necesary.

Are you suggesting that... (3, Funny)

Fibe-Piper (1879824) | more than 3 years ago | (#34641708)

the Windows Mobile aka WinPhone will really take off in 2011

Glad my phone is dumb (1)

cpu6502 (1960974) | more than 3 years ago | (#34641730)

Nokia 2115i. It makes calls and sends texts. That's it. Not even internet access or a camera. (Though it does have a flashlight.) No need to fear viruses or spyware.

Re:Glad my phone is dumb (1)

Lazareth (1756336) | more than 3 years ago | (#34642008)

Your phone sends and receives data which it to some extent manipulates. While unlikely that you'll ever have any problem, don't think yourself safe ;)

Re:Glad my phone is dumb (0)

Anonymous Coward | more than 3 years ago | (#34642084)

Go use a typewriter and pocket calculator instead of a computer then. It's surely dumber but you have no need to fear viruses or spyware will damage the ink tape or the 8 digit LCD display.

2011 will be the year of.... (1)

eepok (545733) | more than 3 years ago | (#34641738)

... rampant blogosphere speculation about everything. Just like the year before it.

year of...

Year Of...

YEAR OF!!!!

Holy crap, get over it! Stuff will happen next year. Some of that stuff will be expected. Of that expected stuff, some will live live up to expectations while the other will not. And there will be surprises!

Symbians (1)

Himring (646324) | more than 3 years ago | (#34641856)

"The mobile component, which targeted Symbian Series 60 devices or BlackBerrys, intercepted one-time passcodes used to verify transactions."

So that thing can be used for banking too? Huh, I'll tell my wife....

That's not really a problem (1)

Yvan256 (722131) | more than 3 years ago | (#34641950)

The mobile component, which targeted Symbian Series 60 devices or BlackBerrys, intercepted one-time passcodes used to verify transactions.

It doesn't really matter since passwords are already the weakest link in online security [slashdot.org] .

It's about 2-factor authentication... (3, Interesting)

js_sebastian (946118) | more than 3 years ago | (#34642530)

The mobile component, which targeted Symbian Series 60 devices or BlackBerrys, intercepted one-time passcodes used to verify transactions.

It doesn't really matter since passwords are already the weakest link in online security [slashdot.org] .

It's not that type of password. You are already logged in to your banking site using username and password. Then you decide to send money to someone, and one of the ways of doing 2-factor authentication available to you is to have the bank send you a 1-time password by SMS, which you then type into the computer. The one-time password is bound to the specific transaction you were requesting, and the sms contains some information about the transaction (like the destination account number and amount), so if the account number or amount is not what you wanted you know something is wrong.

So unless the bad guys have malware on your phone AND on your pc, they can't steal your money.

Of course, this is in europe. In the US two-factor authentication means password+"what is your mother's maiden name". And no, this is not a random anti-american rant. Most US banks still do not have 2-factor authentication, while all that I know of in europe do, in some form or another. Also, a security guy from a US bank I spoke to at a conference told me they don't do two factor authentication because users don't want to remember more passwords (thus proving he does not understand what is 2-factor authentication). Also, he said that when you want to do something "suspicious" like sending money to a new destination, they start to ask you security questions (like "what is your mother's maiden name").

Re:It's about 2-factor authentication... (0)

Anonymous Coward | more than 3 years ago | (#34645118)

FWIW, I have accounts with 4 US banks. Every one has a two-factor authentication system identical to the one you described.

Re:It's about 2-factor authentication... (1)

IchBinEinPenguin (589252) | more than 3 years ago | (#34645686)

So unless the bad guys have malware on your phone AND on your pc, they can't steal your money.

Unless you're doing your banking from your Internet-enabled smart-phone...

Of course not. (1)

Haedrian (1676506) | more than 3 years ago | (#34642006)

2011 is the year of Linux on netbooks. Or was that desktops. Anyway, I'm sure its a year of something linux related...

Re:Of course not. (0)

Anonymous Coward | more than 3 years ago | (#34642182)

2011 is the year of Linux on netbooks. Or was that desktops. Anyway, I'm sure its a year of something linux related...

Yes, you are correct - 2011 will be the "year that desktop users not only continue to ignore Linux, but tell those annoying twits that keep trying to get them to switch to Linux to get the hell out of their basement".

With android... (0)

Anonymous Coward | more than 3 years ago | (#34642422)

2011 will be the year of viruses on linux!

new in the drug market... (0)

Anonymous Coward | more than 3 years ago | (#34642030)

tylenol's new pill for textually transmitted diseases.

So the big question is (1)

Dee Ann_1 (1731324) | more than 3 years ago | (#34642384)

How can I install a firewall and AV software on my iPhone 3gs ?

I've unlocked and jailbroken it so I can customize it MY way and use it on the carrier of MY choice but I really want more than just a wink and a promise from Apple that I'm safe.

will Windows Phone 7 be _that_ popular in 2011 (1)

Locutus (9039) | more than 3 years ago | (#34642430)

http://blogs.mcafee.com/mcafee-labs/windows-mobile-trojan-sends-unauthorized-information-and-leaves-device-vulnerable

it is possible but it is not like the market of Windows PCs has shrunken significantly so there's plenty to continue feeding on there as opposed to trying to attack low resource embedded devices like phones.

LoB

Re:will Windows Phone 7 be _that_ popular in 2011 (0)

Anonymous Coward | more than 3 years ago | (#34642724)

Really? Your best jibe at Windows Phone 7 is a link to a three year old trojan? Heck, that was back when Microsoft was still trying to convince people that Vista wasn't really all that bad...

Re:will Windows Phone 7 be _that_ popular in 2011 (1)

Locutus (9039) | more than 3 years ago | (#34644192)

That was the last time Windows had enough market share on mobile devices to care. The increase in mobile device market share and numbers is the basis of the OP. Besides, it shows this is not new.

regarding the Vista comment, FYI, Microsoft is always trying to convince people that their products aren't really all that bad.

LoB

Not without a monoculture. (1)

Zaphod-AVA (471116) | more than 3 years ago | (#34642432)

Malware is profitable when it can infect a huge number of systems. Without a monoculture of mobile operating systems malware isn't profitable enough to develop.

Re:Not without a monoculture. (1)

AltairDusk (1757788) | more than 3 years ago | (#34642924)

I suspect the amount of people with iPhones or Android devices is high enough that it would still be profitable to get malware on either one of those platforms. iPhone would probably get you the most in a short time but Android may work better long term as some of the carriers are horrible about issuing updates.

I think Intel hopes so (1)

MikeURL (890801) | more than 3 years ago | (#34642788)

One of the reasons that Intel bought McAfee is to help develop integrated anti-vir support for mobile processors. In fact, if you troll around McAfee's website you'll see they already have anti-vir products for multiple mobile platforms.

The first successful big worm will probably get people thinking more about security on smartphones, ipads, etc. I have no doubt there are groups hard at work trying to develop smartphone botnets. In fact that target grows more attractive every year.

Mobile Malware? (0)

Anonymous Coward | more than 3 years ago | (#34643186)

I thought 2011 was going to be the year of the Linux Desktop

Users != aware (0)

Anonymous Coward | more than 3 years ago | (#34643524)

Users — while generally aware of threats aimed at their desktop computers and laptops — have a good chance of being caught flat-footed with their mobile phones

BWAHAHAHAHAHAHAHA! I stopped reading after this sentance.

Driven by smartphones with not-advanced OS' (1)

gig (78408) | more than 3 years ago | (#34643892)

Advanced operating systems are maintained in such a way that they don't run malware, for example, they are updated automatically so regularly that there is a disincentive to create malware, same as you get rid of graffiti with a regimen of immediately painting it over. Mac OS and iOS, for example. It's the not-advanced operating systems which are easy targets, graffiti magnets.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...