17 April 2005
Mobile safety is up to you
Phone users have to do a lot wrong to be hit by a virus
The number of viruses infecting mobiles rose last month, according to research.
A total of eight viruses, both new strains and variants, emerged and one malicious program, called Cabir, was found in a 17th country.
The trend continued in the first two weeks of April with the discovery of the Mabir, Fontal and Hobbes viruses.
But industry experts are playing down the threat from the malicious programs saying that users have to do a lot of things wrong to fall victim to them.
Most of the mobile viruses, worms and trojans are aimed at Symbian's operating system, particularly its Series 60 version, largely because it is used on a majority of smartphones.
"The more handsets we see with a common open operating system, the more skill the virus developers have and the more damage they can do," said Tiago Alves, spokesman for mobile chip designer Arm.
Some of the viruses will stop a phone working if they are installed, others try to spread from one phone to another via the Bluetooth short-range radio service.
Getting infected with any of them could mean that users lose phone numbers and contact information that they do not store in any other place than their handset.
"Most people do not take back-ups of the data and software they have on their phones," said Marit Doving, spokeswoman for Symbian.
Ms Doving said that Symbian had been expecting viruses written to attack its software for some time.
She said the company had been working on ways to combat the malicious programs for years so that the phone industry did not suffer the same problems viruses have caused the PC industry.
Doving: Users need to be responsible with handsets
Many computer anti-virus firms now produce software that can run on handsets.
Educating users to be responsible was a key part of this, she said.
"What's important now is to make the normal consumer more aware of how he and she can use their telephone in a way that they do not get these problems," she said.
Becoming infected by a mobile virus was still quite difficult, said Ms Doving.
For instance, to fall victim to the Cabir worm users must agree twice to install it and ignore at least one warning message.
Although Cabir can only spread very slowly via Bluetooth it has now been found in 17 countries. Newspaper reports say that mobile phones used by some cab drivers in Sydney are infected with it.
Ms Doving said users needed to be careful about what they installed on their handset.
"It's a little bit like someone ringing your doorbell," she said. "You wouldn't let that person across the door step without identification."
Hardware-based systems to protect phones are on the way
The same caution should be exercised with the add-ons people put on their phones.
Mr Alves said the desire to put security software on phones was not going to be driven solely by the growing number of mobile viruses.
But, he said, the growing use of phones to play music and movies which needed to be protected with digital certificates and rights management systems and the growing use of phones as payment mechanisms was kindling interest in security software for handsets.
To this end he said Arm had been working on a hardware-based system called Trustzone that acts as an overseer for everything that software is doing on a phone.
Mr Alves said Trustzone only lets certain privileged programs make big changes to a phone. Software arriving via Bluetooth would be severely restricted in what it could do to a phone, said Mr Alves, which should help tackle virus problems.
"It'll help protect the really sensitive user data from a virus," said Mr Alves.
The Trustzone technology has already been included in Arm processor designs and is expected to start appearing in handsets in the next few years.