01-28-2012 03:36 AM
28 12
tools
  1. jleebiker's Avatar
    I've heard that WP7 is impervious to viruses. I find that hard to believe. Is it because no one has taken the time to write one for WP7 or is it because there are certain inherent things about WP7 that prevent viruses from running? Any help is appreciated.
    Oso22 likes this.
    01-17-2012 04:40 PM
  2. Oso22's Avatar
    There does seem to be security policies in place.

    Windows Phone 7 Security Implications
    cedarlog, aubreyq and jleebiker like this.
    01-17-2012 06:41 PM
  3. jleebiker's Avatar
    Interesting article. I wasn't aware of how Silverlight worked and its "sandboxes". Sounds like a better start than most, but I do think viruses are on their way. Just a matter of time. Hopefully, MS will stay ahead of the virus writers.
    Oso22 likes this.
    01-17-2012 09:05 PM
  4. Reflexx's Avatar
    Having a controlled marketplace makes it significantly more difficult for viruses to make their way onto phones.
    Oso22 likes this.
    01-17-2012 09:29 PM
  5. Oso22's Avatar
    Interesting article. I wasn't aware of how Silverlight worked and its "sandboxes". Sounds like a better start than most, but I do think viruses are on their way. Just a matter of time. Hopefully, MS will stay ahead of the virus writers.
    Yeah, I dont think any OS will be completely immune to some kind of attack, but it is certainly nice to see that there are inherent security models in place.

    I switched from android mainly because of the fragmentation, but also because of the lack of proper vetting in the app market.
    01-18-2012 06:52 AM
  6. Vmac39's Avatar
    I've heard that WP7 is impervious to viruses. I find that hard to believe. Is it because no one has taken the time to write one for WP7 or is it because there are certain inherent things about WP7 that prevent viruses from running? Any help is appreciated.
    Right now, I think a few factors play a role in the security. First, it's a fairly new OS. Secondly, the ecosystem is too closed for any thing to really cause any major issues, if any. Last, the Market Place policies and review seem to be too strict.

    If I'm not mistaken, this is the reason the MS never tried to have flash developed for the OS. They felt that it posed a security issue. Besides, as of right now, even with the new development tools available, you still don't have access to the core OS of WP7. It only allows you access to certain functions. The developers tool kits are registered, I assume, considering you have to purchase it on a yearly basis. So, it actually makes more sense for a person to try and make money from it, then being malicious. But, the issues we do have are, people who develop crap apps and charge for them, without being able to try them out. So, there are scam apps but, you have to mindful what you download and not purchase anything you can't try out fully.
    aubreyq and Rich Edmonds like this.
    01-26-2012 02:59 AM
  7. Pronk's Avatar
    I think absence of Flash is a lot more to do with lousy performance on mobile devices. Even high-end android phones with multiple cores and a zillion GM of memory struggle with it because it's just not designed for mobile architecture. Hence Adobe giving up on it.
    01-26-2012 03:14 AM
  8. Vmac39's Avatar
    I think absence of Flash is a lot more to do with lousy performance on mobile devices. Even high-end android phones with multiple cores and a zillion GM of memory struggle with it because it's just not designed for mobile architecture. Hence Adobe giving up on it.
    Yeah, there's that issue, too.
    01-26-2012 03:29 AM
  9. Blacklac's Avatar
    I think absence of Flash is a lot more to do with lousy performance on mobile devices. Even high-end android phones with multiple cores and a zillion GM of memory struggle with it because it's just not designed for mobile architecture. Hence Adobe giving up on it.
    Your experience(?) greatly differs from mine, on that matter.
    01-26-2012 10:15 AM
  10. bear_lx's Avatar
    it is also the same reason why apple computers dont get viruses AS OFTEN. because they only hold less than 5% marketshare. why whould someone writing a virus want to do it on a computer that is so minimally spread? they dont... all products are suseptable to viruses, in one way or another. there is a way to hack everything. the security in place will effect the liklihood of a virus, one reason android is flodded with malware, it is open sourced and easy... microsoft and apple are more locked down, thus making it more difficult to spread a virus on.
    Blacklac and Aeon2k like this.
    01-26-2012 10:35 AM
  11. Pronk's Avatar
    it is also the same reason why apple computers dont get viruses AS OFTEN. because they only hold less than 5% marketshare. why whould someone writing a virus want to do it on a computer that is so minimally spread? they dont... all products are suseptable to viruses, in one way or another. there is a way to hack everything. the security in place will effect the liklihood of a virus, one reason android is flodded with malware, it is open sourced and easy... microsoft and apple are more locked down, thus making it more difficult to spread a virus on.
    Nope.

    1) "As often" isn't true because there are currently no (zero) viruses on OS X. There are trojans, but like all trojans they rely on the end user to enable them to do anything rather than system weaknesses. The BSD subsystem that forms the foundation of OS X has been under scrutiny for over 30 years, a large percentage of its potential security holes have long been closed. Basically, it's incredibly, incredibly difficult to write an OS X virus. So difficult, no one bothers.

    2) Mac marketshare is higher anyway:
    Mac market share continues to inch up | Apple - CNET News
    (and those numbers include hundreds of thousands of dumb windows terminals, such as ATMs, cash registers etc. that bloat up the numbers)

    3) the "security through obscurity" thing is a complete and utter myth. There were viruses for the Amiga, yet the Mac sells more each year than the Amiga did ever. There are viruses for obscure phone OSs. Market share is irrelevant - and even if the mac did still hold just 5%, that's millions of computers - well worth someone writing a virus to e.g. extract keylog data.

    You get viruses on a system when it has weak security and design flaws. Windows has a virus problem - and always, always will until it is rewritten from the ground up - because it's still tied to legacy code and back when it was written they simply didn't think about viruses.
    01-26-2012 11:47 AM
  12. bear_lx's Avatar
    true but people still write viruses, and millions is nothing compared to billions. so if i wanted a virus to spread as quickly as possible, it wouldnt be on os x
    01-26-2012 11:59 AM
  13. Pronk's Avatar
    But there would still be some. The fact there are none at all even on a format with rampant growth against all trends in the PC market absolutely blows the obscurity idea away.

    WP is the same - it has no viruses because of design, not low marketshare.
    01-26-2012 12:06 PM
  14. bear_lx's Avatar
    The reasons for this have been extensively debated by security experts, who offer several explanations:

    •Small market share. There is some truth to the "security through obscurity" argument. Many virus writers are motivated by the power they can command -- and the money they can make -- by seizing control of large numbers of computers. That puts a financial premium on Windows viruses.
    •Mac OS X, with its Unix-based file system and kernel, is harder to infect with a self-replicating program. (See Claudiu Dumitru's MacOS X Vulnerabilities for background.) Windows, as I understand it, allows users to write run executable code outside their own protected memory space; Mac OS X does not.
    •Viruses are going out of style. The action these days, I'm told, is in Trojans and spyware.
    This is not to say that OS X is invulnerable. The frequency of Apple's security updates and the emphasis the company is putting on the new security features in Snow Leopard are proof that it is not. Maybe Apple is just lucky. Or maybe it's better at protecting its users from infection than Microsoft.

    That said, if the built-in anti-virus protection in Windows 7 is as good as some earlier reviewers suggest. the security gap could close when Microsoft's new system finally launches next month.

    Which may be why Apple is hammering home the "thousands of viruses" message now.
    01-26-2012 12:18 PM
  15. Rodolfo#WP's Avatar
    Broader security breaches have become a bigger problem than viruses, and Flash probably a less-frequent or lower-proportion cause. Bing for a 2010 article entitled "Apple Security Breach Drenched in Irony" to illustrate -note the at&t role as well.
    01-26-2012 12:59 PM
  16. Pronk's Avatar
    The reasons for this have been extensively debated by security experts, who offer several explanations:

    Small market share. There is some truth to the "security through obscurity" argument. Many virus writers are motivated by the power they can command -- and the money they can make -- by seizing control of large numbers of computers. That puts a financial premium on Windows viruses.
    Mac OS X, with its Unix-based file system and kernel, is harder to infect with a self-replicating program. (See Claudiu Dumitru's MacOS X Vulnerabilities for background.) Windows, as I understand it, allows users to write run executable code outside their own protected memory space; Mac OS X does not.
    Viruses are going out of style. The action these days, I'm told, is in Trojans and spyware.
    This is not to say that OS X is invulnerable. The frequency of Apple's security updates and the emphasis the company is putting on the new security features in Snow Leopard are proof that it is not. Maybe Apple is just lucky. Or maybe it's better at protecting its users from infection than Microsoft.

    That said, if the built-in anti-virus protection in Windows 7 is as good as some earlier reviewers suggest. the security gap could close when Microsoft's new system finally launches next month.

    Which may be why Apple is hammering home the "thousands of viruses" message now.
    Apple aren't hammering home the thousands of viruses message because there aren't any - they might mention security in the blurb for Lion, but that's from the point of view of OS X being incredibly secure, not suddenly potentially vulnerable.

    Virus writers also do it for the kudos - and yet none of them have managed it on OS X. And the tens of millions of Apple computers - computers that usually cost more, and so should be a prime target as the users clearly have money - are a massively juicy target if cash was the aim. If the security through obscurity myth were true, no one would bother releasing OS X trojans either - but they do. It's simply a completely rubbish, frequently debunked idea. There's no "financial premium" with Windows either - it's just a ridiculously easy target whereas OS X is like robbing an armoured car armed with a penknife.

    Microsoft will never close the gap without rewriting Windows from the ground up - doesn't matter if it's Windows 8, 9, 10 or 50. They cannot "design out" the problems that let viruses self-execute because they're too tied in to the core of the OS and how it works. All they can do is patch the holes as best they can. Good luck to them doing it - no one like a virus - but without finally killing legacy support they'll never succeed in approaching the security other OSs can offer.
    01-26-2012 01:06 PM
  17. Blacklac's Avatar
    I think absence of Flash is a lot more to do with lousy performance on mobile devices. Even high-end android phones with multiple cores and a zillion GM of memory struggle with it because it's just not designed for mobile architecture. Hence Adobe giving up on it.
    http://www.blackcj.com/blog/2010/09/...obile-devices/

    Flash vs HTML5 Performance (Updated January 2012) | Pacoup.com

    Here's another one, more towards the HTML5 side, but it still shows how similar they perform.
    http://gigaom.com/video/mobile-html5-video-vs-flash/
    Note, he tested on Android 2.X phones and the Tablets were greatly improved with Flash performance after a Honeycomb update. I think its safe to say, on Honeycomb and ICS, Flash runs great. It always ran fine on the Blackberry Playbook though. ;) Nothing like Flash support baked into the OS, no plug-in needed.
    01-26-2012 01:39 PM
  18. Pronk's Avatar
    Depends on your definition of struggle. Even if it looks good onscreen, it's still much harder work for the processor and harder on battery life because of the way flash works.

    Android can have mobile flash - it's a dead format now anyway.
    01-26-2012 03:22 PM
  19. Blacklac's Avatar
    Those links explained battery life too... But please, tell me how Flash works and why it has this negative effect of battery life, that HTML5 doesn't have!

    Your posts are funny. Like talking points from a BGR comment section. ;)
    01-26-2012 04:34 PM
  20. bear_lx's Avatar
    pronk is our debater, he secretly wants an iphone, lol =)
    01-26-2012 04:54 PM
  21. Rich Edmonds's Avatar
    Right now, I think a few factors play a role in the security. First, it's a fairly new OS. Secondly, the ecosystem is too closed for any thing to really cause any major issues, if any. Last, the Market Place policies and review seem to be too strict.

    If I'm not mistaken, this is the reason the MS never tried to have flash developed for the OS. They felt that it posed a security issue. Besides, as of right now, even with the new development tools available, you still don't have access to the core OS of WP7. It only allows you access to certain functions. The developers tool kits are registered, I assume, considering you have to purchase it on a yearly basis. So, it actually makes more sense for a person to try and make money from it, then being malicious. But, the issues we do have are, people who develop crap apps and charge for them, without being able to try them out. So, there are scam apps but, you have to mindful what you download and not purchase anything you can't try out fully.
    Pretty much agree with every letter you typed here, sir. While every OS is prone to viruses (still enjoy seeing the anti-virus products being advertised on television including support for Windows and Android), a closed eco-system is a solid barrier to help protect consumers. It'll take odd occurrences such as the SMS bug.
    01-26-2012 06:05 PM
  22. Vmac39's Avatar
    A lot of viruses have a lot to do with user habits and the sites they go to, from my experience. I've notice that most viruses that I've cleared of my computer or others, have been because of sites that people like to frequent or rely on IM or email links and now it seems social sites, too. With that said, WP7 doesn't access most sites that have them and others would rely on people clicking on links. Most of these sites are very Flash based and since WP7 doesn't use it, the links that allow viruses on your computer or phone, don't open. I'm not saying it can't be done, just not as likely as Android. An open OS has it's benefits but, it comes with some issues, too.

    Popularity probably does play a role but, I will have to go with the fact the WP7 is more secure, at this point. If popularity was the main issue, the iPhone should be plagued with them.
    Last edited by Vmac39; 01-27-2012 at 01:49 AM.
    01-27-2012 01:41 AM
  23. Pronk's Avatar
    Those links explained battery life too... But please, tell me how Flash works and why it has this negative effect of battery life, that HTML5 doesn't have!

    Your posts are funny. Like talking points from a BGR comment section. ;)
    Yeah flash is so great, that's why Adobe continue to support it on mobile. Oh, wait.

    Why Flash didn’t work out on mobile devices — Tech News and Analysis
    Adobe Flash Meets Its End | News & Opinion | PCMag.com
    Mobile Flash Fail: Weak Android Player Proves Jobs Right
    Mobile Flash Is Officially Dead, Neither Users nor Adobe Will Miss It - Softpedia
    A Humbled Adobe Sees Beyond The Browser | TechCrunch
    (and a whole heap more articles, all citing poor performance, battery life issues stemming from hardware acceleration/h.264 decoding problems in versions pre 10.1 etc. - or is everyone just deluded?)

    By the way, your first link is 2 years old and your second link was nothing to do with mobile flash. Anyway, argue with all the guys in the links above - I'm not fussed. Adobe have made it quite clear what they think about Flash on mobiles, so I'm going with them ;)
    01-27-2012 03:06 AM
  24. Eirenarch's Avatar
    It is not possible to write a virus for WP7 because you don't have access to native APIs but only what Silverlight for the phone has to provide. It doesn't give you access to files and the storage is isolated so you don't get to write to other programs storage. Theoretically there may be exploits in programs written in native code by Microsoft or by their partners that can accept input without proper validation and use buffer overruns to call some native OS APIs that will allow them to replicate. This kind of exploit will be quite hard to find and pull off though. Note that both Android and iOS allow different levels of native access to the OS which makes it easier to pull off these exploits because devs have more direct access to the system.

    The whole Mac discussion is bull****. The main reason Windows gets more viruses than Mac (and viruses for Macs do exist) is that Windows users tend to run their systems as admins so programs can replicate without asking for permissions. Windows Vista's UAC does something quite similar to what a *nix based machine would do (i.e. explicitly asks for permissions when a program wants to access something) however because of Windows history many programs are written to expect these permissions by default while in the Mac world this is not the case. If you are able to find a mac user that runs as root all the time and every program he starts gets root access Mac (or any other *nix) machines will be as vulnerable to viruses as Windows. On the other hand if you run Windows with non-admin account the likelyhood of getting a virus is as low as on a Mac (except that there are more viruses for Windows). Sadly running Windows as a user with reduced privilleges is something far more annoying than what Mac users get when they run as non-root, but that's life (also one of the main reasons Vista was hated so much).
    Aeon2k likes this.
    01-27-2012 04:18 AM
  25. Blacklac's Avatar
    Yeah flash is so great, that's why Adobe continue to support it on mobile. Oh, wait.

    Why Flash didnt work out on mobile devices — Tech News and Analysis
    Adobe Flash Meets Its End | News & Opinion | PCMag.com
    Mobile Flash Fail: Weak Android Player Proves Jobs Right
    Mobile Flash Is Officially Dead, Neither Users nor Adobe Will Miss It - Softpedia
    A Humbled Adobe Sees Beyond The Browser | TechCrunch
    (and a whole heap more articles, all citing poor performance, battery life issues stemming from hardware acceleration/h.264 decoding problems in versions pre 10.1 etc. - or is everyone just deluded?)

    By the way, your first link is 2 years old and your second link was nothing to do with mobile flash. Anyway, argue with all the guys in the links above - I'm not fussed. Adobe have made it quite clear what they think about Flash on mobiles, so I'm going with them ;)
    The only part of that response that was even close to answering my question was about pre 10.1 performance. Flash is on 11.1 now. If your original comment about Flash's poor mobile performance was based on pre 10.1, you should have said that. I never said Flash was "great" and I never denied Adobe was no longer creating the Mobile variant.

    10.1 was also the first version optimized for Mobile, btw. Older version may have worked, but they werent specifically meant to perform well on Mobile Devices.
    Last edited by Blacklac; 01-27-2012 at 10:30 AM.
    01-27-2012 10:13 AM
28 12
LINK TO POST COPIED TO CLIPBOARD