Sunday, March 6, 2011


I was reading through the comments at this review of Lookout mobile security and saw this howler:

“…android is linux based. hence, it’s literally impossible for it to contract a virus through an app (i heard some story recently that somewhere in russia, a virus was attacking linux based devices, but not through apps, and such a thing was very rare). Apple also uses a linux base for the iphone and mac, which is why they are famous for not getting viruses.”

Isn’t that precious? Later on he walks it back and claims that he meant “it was difficult.”

I am painfully aware through my day job that there is malware specifically targeting OSX (a DNS changer trojan); and that the awareness of security on the platform is so low that it can get away with being painfully obvious. The equivalent trojan on the Windows platform has to employ serious camouflage tactics to avoid getting picked up and removed; using tricks like burying in the TCP stack and sophisticated counter-countermeasure mechanisms. The OSX one runs as a obvious background task and can be easily spotted by checking your DNS settings.

Here’s the deal: consumer computing machines have users who can grant permissions to apps to do things, including “full control” (whatever that means for your particular OS). This means there is no security beyond what the user imposes. An OS can give the user tools to assist them in the process, and can restrict access without specific permission; but in the end, the user can override any and all security measures.


  1. In fact that's exactly how the web-based "jailbreak" for your iPhone worked - with one of several un-patched exploits.

    Malware authors pick their targets economically - whatever has a broad (or broadest) install base, and whatever is easy to pop, they will do.

    This "Lookout" app seems to me to be nothing much really - just another app trying to ride the "Oh Noes! Malware in Android Apps!" media fear-mongering tidal-wave.

    If anything this looks like a spyware app - it tracks your calls, your location, and all apps you install, and saves it on a server under their control. BUT IT'S FREE! So that makes it okay.

    Unless this company has a large research and collections team cranking on reversing mobile malware binaries, this is just another scam app.

  2. Lookout predates the recent malware brouhahah. I didn't recommend them in this post because I appreciate the negative appearance of their activities. I don't use their backup service, in fact. I mainly use the location part of it. In this it's no different that the Microsoft My Phone app I used with Windows Mobile.

    I have no evidence one way or another about their malware signature capabilities; but given that they were highlighted in several ads by Verizon Wireless, I don't expect them to be black-hats themselves.

    From a certain point of view, Google is a spyware ring...

  3. iOS and MacOS are actually BSD derivatives, which predate Linux by quite a while. I love it when these idiots spout nonsense. They're almost as fun to watch as the Brady Bunch.

    Hmmm, I thinking there is a connection there, something about people who know nothing about which they are speaking and opening their mouths...


Please keep it civil