I keep hearing about smartphone viruses; is it time for me to install security software on my smartphone?
This question was answered on March 17, 2011. Much of the information contained herein may have changed since posting.
In case you havent noticed, the smartphone is becoming one of the most popular electronic gadgets of all time and the adoption rate around the world is climbing quickly (currently estimated at over 20% of all cell phones, worldwide).
When you combine the popularity of smartphones with the fact that average usage is extremely high (because of their mobility), you can bet that the attempts to exploit users is going to continue to grow in 2011.
The biggest exposure point for smartphone users at this point is in the installation of apps (browser-based exploits are uncommon and easily blocked so far).
We have already seen several cases of smartphone apps laden with malware (malicious software) sneaking their way into both Apples App Store and Googles Android Marketplace.
The term virus really needs to be replaced with malware since the exploitation attempts that we are seeing dont have the ability to spread from smartphone-to-smartphone like a computer virus can.
Smartphone exploitation generally centers around getting at the private information that makes the smartphone a target rich environment for hackers (contacts, passwords, e-mail accounts, etc.).
There are significant differences between how iPhone and Android users access apps to install on their smartphones, but how and where you get your apps can greatly increase your chances of being exploited.
Apple only allows apps to be installed via iTunes and the App Store (unless you jailbreak or remove the controls) and they are very particular about what they will allow in the App Store
This controlled walled garden approach is one of the reasons that many techies prefer Googles Android platform, but it does provide a pretty significant level of security.
Android is a much more open platform that allows users to install apps from Googles Marketplace or from lots of other places, but this openness also exposes users to more risk.
Both Apples App Store and Googles Marketplace have had apps with hidden malware sneak past their review processes and make it onto users smartphones, but in general its rare.
Google recently removed over 50 apps from the Google Marketplace that were found to have malware hidden in them and then did something very interesting: they flipped on their remote kill-switch to delete the apps from the affected smartphones (Apple also has this ability).
The reality is, however, once an app gains access to your information, it can send it off to a remote server, which means even if the app is removed, the damage could already be done.
iPhone users that jailbreak their phones and install apps from third parties stand a much higher risk of installing a rogue app, because the review process by Apple is bypassed and there would be no remote removal if a rogue app is discovered.
Novice Android users should stick to getting their apps from the Marketplace and in general, avoid apps that are very new and have very few reviews (from any resource).
If you have an Android-based smartphone and love to experiment with apps, you may want to consider installing a free security program called Lookout ( http://goo.gl/3COld )
Not only will it warn you of potential spyware and malware, it offers backup, a lost phone locator and remote wiping features.
Mobile security experts also recommend that you get in the habit of clearing your smartphones browser history and cookies to minimize the exposure should you install an app with malware (also helps if you lose your phone or it gets stolen check in the Settings menu for your options)
The best way to protect your smartphone is to make sure to install updates as quickly as you can (the latest protection is usually a big part of an update) and avoid installing apps from sites that you dont know much about.
About the author
Posted by Ken Colburn of Data Doctors on March 17, 2011