GCN LAB IMPRESSIONS
Testing smart-phone security apps on a Droid X
Cell phones could be the next big target, so the Lab tests a few free, or inexpensive, tools
- By John Breeden II
- Jan 28, 2011
Over a decade ago, while working on a GCN feature about the Navy, I interviewed a shipboard IT guy who told me how much the world had changed from the ships of old.
In the past, he said, sailors would get shore leave and their commanders would worry about what diseases they might bring back on board when they returned. But in the time of PDAs (this was a pre-smart phone world), which basically were enterprise clients, commanders worried more about what computer viruses they might bring back on board along with their electronics. And don’t forget, this was 10 years ago.
What is most surprising to me today is that cell phone viruses haven’t blown up the way computer worms and other malicious code have over the years. Back in 2004, Cabir.A was the first replicating cell phone virus, but it was done as a proof-of-concept project and did no harm. Since then, there hasn’t been a lot to worry about, for two reasons.
First, it’s much harder to replicate a virus from cell phone to cell phone, though going from a PC to a phone is much easier. If anyone ever figures out how to get a phone to automatically dial contacts and replicate a virus (and how to trick the phone on the receiving end to answer and install it), we will be in big trouble.
4 threats to wireless security
How iPhone, Android and other GSM phones are vulnerable to attack
DISA has an app for smart-phone security
Second, until very recently the operating systems on most phones simply couldn’t support most viruses. A user would need to purposely install the code, or at least think they were installing something else, and even then getting rid of it would not be too much of a problem — simply wipe the phone down to its default settings, albeit with a loss of data.
But the potential for viruses is there, and we can’t get complacent. That’s why it’s nice to see that antivirus companies are starting to make moves to protect smart phones before hackers can get a foothold.
My favorite free AV program for PCs, AVG, is now moving to cell phones, specifically the Android. We recently downloaded DroidSecurity to a Verizon Droid X we were testing in the lab.
The program has a clean interface, stays mostly in the background, and will scan all programs before they run, looking for malicious code. It will perform daily or weekly scans on your schedule. And it’s free. Or you can pay $9.99 for the Pro version of the application, which adds in real-time scanning of all SMS traffic for full-on lockdown protection and even spam blocking.
But AVG isn’t alone. Trend Micro has an entire suite of tools aimed at protecting mobile phones from viruses. Trend Micro realizes that smart phones have advanced to the point where they are actual clients on your network, and we all know the dangers by now of having an unsecured node on a government system.
The Trend Micro suite seems to go a bit farther than the AVG one, but for a little bit higher price. We found it on sale online for around $15, with a free trial available.
There is also Lookout Mobile Security, which, like AVG, is available for free. We put the Lookout software onto the same Droid X and found that of the three, it seemed to have the cleanest interface.
And like AVG, there is a Professional version that goes beyond scanning apps when demanded. The $29 pro version will automatically scan all programs with an eye to user privacy, making sure that nothing can collect data on your phone without your permission. It also has a remote wipe feature, so if your phone is ever stolen (physical crime is still a problem in this electronic age) you can destroy all your data with a few clicks from any computer.
It’s only a matter of time before some horrible self-replicating phone virus strikes. And when it does, wherever you are on land or at sea, you better be ready to protect yourself. Given that lots of basic protection is completely free, there’s no reason not to raise your shields.
John Breeden II directs the GCN Lab. Follow him on Twitter: @GCNLabGuys.