On Mon, Sep 12, 2005 at 09:52:27AM -0700, James A. Donald wrote: > Typical worm installation goes like this: > > : : Receive message via bluetooth from unnamed > : : device? Y/N > : : > : : Installation Security warning: Unable to > : : verify supplier. Continue anyway? Y/N
It's just a networked computer that happens to look like a mobile phone. Not particularly security-oriented. It also doesn't matter what current malware does on the current platform. FWIW, it's still in primitive shenanigan stage. It's a question what future malware on future mobile platforms will do. It's a machine for young social primates. Not suitable for a payment system, unless equipped with dedicated, hardened cryptographic compartment with dedicated display and PIN/biometrics. http://www.f-secure.com/weblog/archives/archive-052005.html Yesterday we received information on Commwarrior.B sightings on two new countries: Greece and South Africa. So it seems that the rate in which Commwarrior is spotted is quite a lot faster than with Cabir. But then again, high discovery rate might be result of increased public awareness. Also as Commwarrior is in the wild here in Finland, we have had an opportunity to follow how the worm spreads and interviewed people who have been infected with it. And it seems that we have found at least partial answer to the question why people install Symbian worms on their phones. The most common reason why people have installed Commwarrior from MMS message is the trust that they have on the sender. People are wary of messages that they receive from unknown sources, but quite willing to install whatever has been sent from a friends mobile. This is a phenomenon that we have also seen with E-Mail worms, people just are unwilling to mistrust something coming from a friend. Current count of countries with Commwarrior sightings: 1.Ireland 2.India 3.Oman 4.Italy 5.Philippines 6.Finland 7.Greece 8.South Africa > Seems to me that the phone designers have done a better > job with virus, worm, and malware resistance than > Microsoft or Linux. Teenagers are pretty sophisticated. Are we talking even about the same species? About the same teenagers which already own malware-infested PCs, and swap whatever ringtones, logos and games en vogue with their FOAFs? -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
signature.asc
Description: Digital signature
