crazylazy.info

txt

The more interactive smartphones get, the easier it is to abuse their capacities for (technical) tricks, for spying, stealing and surveillance. Threats of our modern age. But only a very low number of people cares, according to Daniel Hoffman, who gave a Pauldotcom interview this week.
Comparisons to the PC aren't that farfetched: smartphones can go into the Wireless LAN, they can serve multimedia applications, eMail, SMS, Phonecalls, nearly any protocoll imaginable for daily use; so they have TCP, IP, GPRS, GPS sometimes, GSM... I don't say that every of these protocols has a vulnerability that I know. But the attack vector is wide open: there a few barriers and many open gates.

I wanted to test a mobile security solution and I chose Kasperski Mobile Security 7 for Symbian as an example. It has:

Anti Theft Protection - binds the SIM card and the device together
SMS Spam Filters - non numeric SMS messages are blocked
eMail Filters against Spam, black- and whitelisting
signature based Anti-Virus that automatically scans Memory if you want
Real Time Protection (scans new data for viruses)
a network filter (called Firewall), but not on Layer 7

Sounds hardending? The Anti Theft Protection is very nifty: I used another SIM card, put it into the device, and it send the number of the new SIM card to a specified number. Therefore thief identification may be very possible. It didn't include GPS information, but there are other products which do that.

The SMS Spam protection offers the ability to block non-numeric messages. Carrier advertisement doesn't reach me. Quite nice.

The eMail Filters may seem useless to Gmail folks, but they make total sense if you imagine business people, syncing their mails. Smartphones pass all perimeter strategies and work from the inside. If there're potential harmful pieces of software on those devices, that can cause a productive computer environment to get infected, this is serious. Even if that doesn't affect the mobile device itself. For home users it's the same: aggressive Malware may find its way through the setups. If there's none on the smartphone.

Anti-Virus is very signature depending. Heuritsic processes, modern voodoo, could cause high CPU loads. The Real Time Protection in this case isn't a bottle neck, because normally there isn't that much traffic on a smartphone.

The network filter detects portscans, has little configuration, but works. It has three major modes, which differ by allowing outgoing traffic for third party applications in general, by scanning incoming TCP traffic, and by allowing everything. Quite poor, compared to the PC-world.


Anyhow: at the moment there isn't even much consciousness for smartphone security but lots of hyping for very interactive devices, that aren't necessarily very well secured. If you find other ways to secure a smartphone, let me know. Seeking for transparent OpenSource software in case of Symbian isn't very promising these days. If you imagine Symbian becoming OpenSouce in near future, maybe a trend will rise to real openness. That very much depends on security, because for now most mobile software works secure by obscurity. If people begin messing up with it, it'll get worse. At the beginning. If the community and the maintainers don't put lots of constructive effort into security, it'll get hard to solve all problems.
I think this software just shows nicely what you can do. Maybe it's not the best; maybe it's obscure too. But it's useful at the moment for managing the risks of mobile computing.

Have fun,
wishi