- Jan 2, 2010
My 2 cents:
I'm currently researching AV/malware protection for my Droid and plan to deploy as soon as I find a product that meets my needs and comes from a source that can be verified as being legitimate.
Konstructa mentioned that "some of the first root kits were Unix based". Actually, the very first root kits were Unix based.
Speaking of root, how did we get root access on our device? Someone found a vulnerability that we have exploited to run code of our choice. Guess what - malware writers do the same thing.
Many have stated that Android doesn't need AV because it is Linux based. I've even heard a number of colleagues state the same thing when approached by management asking about AV on Unix servers.
But a common flaw in that thinking is this: most malware anymore doesn't even target the OS. Rather, it targets the applications such as the web browser, email client, Java, Acrobat, Quicktime, etc. Anyone out there avoiding those apps?
Anyone stating we won't ever need protection is just burying their head in the sand.
My bottom line:
Just because there are no known viruses or malware targeting our beloved platform at the moment is no reason not to research and support tools to protect our platform and the data stored therein.
I don't think (or at least I hope) that anyone's contention is that Linux can't get viruses or can't be compromised somehow. Any computer, any OS, anything in the world that connects to the Internet can be compromised. However, the odds of your Linux system being compromised are almost slim to none and to be honest, you'd almost have to allow it to get infected.
You left off some important things:
Sure, malware targets applications such as browser, Acrobat, etc., but most (not all) binaries which are downloaded to a Linux system won't be executable by default. In other words, if you link to some binary on the net, or if some rogue application downloads a binary, it's not going to result in an automatic execution on your system (unlike Windows), hence the "This application uses" screen before you install an app, and the "Trust 3rd party" checkbox.
Second, even if you do run a package from an attachment and even if you do put in your sudo password (or in this case run as root), you're still going to be told that this is from an untrusted/unsigned source and you have to make the decision to proceed. Again, you'd have to essentially try to infect your system if you download some rogue app from a third party that you know nothing about.
Third, most Linux-targeted viruses can't self-replicate so again it's essentially you attempting to infect your system.
If you download a binary from www.removedlink.com called "GetPeoplesCreditCardInformation.apk", run it as root, trust it, and install it and your system gets infected, that's a user flaw and not a Linux flaw.
I have no intention to install any antivirus on my Linux systems, or my phone as it is unnecessary. Can Linux/Android be compromised? Absolutely. Is it likely that you're going to get compromised by downloading an app from a malicious coder? Yes, if you agree to all the security warnings that are presented to you before you install. There are far too many checks done before something actually executes, and I would honestly blame the user if he/she managed to somehow mess up their system.
If I'm completely wrong about this, someone please correct me, but I'm pretty sure I'm not haha...