Forgot your password?
typodupeerror
Security Android Cellphones Handhelds

Kaspersky Inks a Deal With Qualcomm To Improve Android Security 56

Posted by samzenpus
from the on-the-dotted-line dept.
First time accepted submitter llebeel writes "Kaspersky Lab has signed an agreement with chip designer Qualcomm to improve security at 'the lower level' of a smartphone's mobile operating system. The Russian security firm told The Inquirer that it has agreed to offer 'special terms' for preloading Kaspersky Mobile Security and Kaspersky Tablet Security products on Android devices powered by Qualcomm Snapdragon processors."
This discussion has been archived. No new comments can be posted.

Kaspersky Inks a Deal With Qualcomm To Improve Android Security

Comments Filter:
  • Comment (Score:3, Informative)

    by Anonymous Coward on Monday May 13, 2013 @09:56AM (#43709475)

    Poop

  • nothing else.

    marketing at work.

  • by anthony_greer (2623521) on Monday May 13, 2013 @10:02AM (#43709547)

    This seems like a bad thing - I don't really trust any of the AV companies after 20 years of experience on Windows OEM AV crap...Is android doomed to the same bundled security crapware that plauges off the shelf Windows PCs in the retail channel?

    Give it 12 months from the launch of this and you will have Norton/Mcafee trial crap on every android device when Asus/Samsung/Whoever figure out that there is money on the table...

    • by Krojack (575051)

      Only you won't be able to uninstall this trial crap. It will be force upon you just like all this bloatware apps that you never use.

      • I am not to much of an android user, so I guess I dont understand how and application can not be removed...I thought android was supposed to be wide open, like Linux - so you are saying there is no way to delete an application if the Android equivalent of an add remove programs entry is not present?

        Who would buy such a device?

        • by robmv (855035)

          Because adding options to remove and add code from the base OS adds complexity, you will need to add a package manager that checks dependencies, when applying firmware updates, you need to check if the application is installed or not. The Android "solution" to this problem is to be able to disable applications, this way the OS behaves like the applications doesn't exist, without adding the complexity to manage different configurations on an OTA update, every device has exactly the same copy of the firmware

          • by Anonymous Coward

            Bullshit. You can remove applications on Android perfectly fine. To remove system applications, all you need is superuser access (aka root): that avoids stupid people from removing their launcher or phone applications. This does not complicate system updates in any way.

            • by tepples (727027)

              To remove system applications, all you need is superuser access (aka root): that avoids stupid people from removing their launcher or phone applications.

              The problem comes when manufacturers and carriers mark applications provided by "marketing partners" as system applications.

        • by Joce640k (829181)

          Only by rooting the phone and installing the "open" version of Android which may or may not have drivers for hardware which has been modified by the carrier to make it cheaper (cut out some sections of the graphics chip or use a second-rate non-standard camera or whatever)

          Those "free" phones they give out? Yeah, about those...

          • by Inda (580031)
            Not always so.

            Samsung's Vlingo on the S2 was a pig. Always popping up when you wanted to return to the home page. No option to remove. Arrghhhh, and all that.

            "You need to root" was the mantra from the crowd. "Root, root, root!".

            Using a 3rd party app were actually easier.

            For those who want to know how:

            1. Install Go Launcher
            2. Use Go Launcher to unistall the Vlingo app.
            3. Uninstall Go Laucher.
        • I am not to much of an android user, so I guess I dont understand how and application can not be removed...I thought android was supposed to be wide open, like Linux - so you are saying there is no way to delete an application if the Android equivalent of an add remove programs entry is not present?

          Who would buy such a device?

          Like Linux(because it mostly is, with some additional, mostly Apache-licensed, stuff on top) Android is 'Open' in the sense that you have the source for the GPLed components, and sooner or later get Google's source for the rest; but hardware vendors are under no obligation whatsoever to, say, have a bootloader that accepts firmware images that aren't cryptographically signed. Nontrivial binary blob drivers, for certain hardware components, are also quite likely.

          How tivoized various Android devices are varie

          • but hardware vendors are under no obligation whatsoever to, say, have a bootloader that accepts firmware images that aren't cryptographically signed.

            Hardware vendors have an obligation to their shareholders to provide a device that won't cause the company's customers to defect to Nexus in droves. It's analogous to pricing pressure and license pressure [slashdot.org].

            • At least until the US market stops being so heavily driven by carrier marketing, 'subsidies', and 'exclusives', I expect the steady stream of locked down and stuffed-full-of-shit phones to continue, unfortunately... On the other side of the coin, the could-be-promising pacific-rim noname tablets don't tend to waste time or money on lockdown or NDAs or such; but you'll be lucky if you can buy the same hardware twice, and any documentation that exists is probably in Mandarin...

              • At least until the US market stops being so heavily driven by carrier marketing, 'subsidies', and 'exclusives', I expect the steady stream of locked down and stuffed-full-of-shit phones to continue

                T-Mobile itemizes now. If you live and work in T-Mobile's service area, you can port your number to T-Mobile and leave behind the VZW/ATT carrier marketing.

      • by slaker (53818)

        At least newer Android versions allow you to disable apps you don't want. I had to root my HTC Evo to get rid of Facebook and the Sprint NASCAR app.

        • by Krojack (575051)

          True but I'm expecting the phone manufactures and/or carriers to remove that option once they realize people use it. Also there seems to be a way to disable the Disable button from within the app. I'm not sure it the app requires special system permissions to do that or if it's some simple on/off flag that's added to the app.

          But yeah I rooted my HTC Thunderbolt to rip out things like Slacker, Blockbuster and some random Twitter app (and many others). Even though I never used them they seemed to randomly

      • and have the use of Google's App Store account to helpfully pay your monthly per-phone subscription fee.

    • by MrMickS (568778) on Monday May 13, 2013 @10:56AM (#43710237) Homepage Journal

      This seems like a bad thing - I don't really trust any of the AV companies after 20 years of experience on Windows OEM AV crap...Is android doomed to the same bundled security crapware that plauges off the shelf Windows PCs in the retail channel?

      Give it 12 months from the launch of this and you will have Norton/Mcafee trial crap on every android device when Asus/Samsung/Whoever figure out that there is money on the table...

      Android is doomed to this for the same reason Windows was. Its too easy to install programs from anywhere.

      Now, before I get shouted down let me explain a little.

      Having open systems where we can install whatever we like is good. It does however come with at a price. That price is that in order that this isn't exploited the user has to have sufficient knowledge to be able to evaluate the decisions they make regarding installing software. These days that's more than just whether to install the software but what level of access to give it. E.g. does that drawing program really need access to my contacts? Sadly the people capable of making these decisions is a subset of those people that buy the systems. Its also a subset of those people that believe that they are capable of making these decisions. The outcome of this is that systems become infected.

      Currently the only protection we have against infected systems are AV suites. These are, not to put too fine a point on it, crap. Yes, they do the job that they are asked to but in a reactive manner and in such a way as to consume resource, valuable resource in the case of mobile devices.

      The alternative is some sort of trust based vetting of software; Apple does this with their approvals system for their app store, Google does it retrospectively with Play. They are different approaches to the same issue but have their own drawbacks.

      So there are your choices; keep the AV, or surrender the ability for the general public to load software from any source onto their devices. Which is it to be?

      • Virus protection should be part of teh OS.

        First there is a responsibility of the OS maker to be secure from the beginning, MS got the point - Windows is rock solid out of the box these days (assuming you run Windows Update).

        Second: the security hoes that cant be fixed without blocking 3rd party apps should be done by the OS Vendor as a built in (or at least freely available provided by the OS maker) feature. MS gave away Security Essentials for a while and now includes it with Win 8, you can of course disab

        • by MrMickS (568778)

          Virus protection should be part of teh OS.

          First there is a responsibility of the OS maker to be secure from the beginning, MS got the point - Windows is rock solid out of the box these days (assuming you run Windows Update).

          Second: the security hoes that cant be fixed without blocking 3rd party apps should be done by the OS Vendor as a built in (or at least freely available provided by the OS maker) feature. MS gave away Security Essentials for a while and now includes it with Win 8, you can of course disable it easily and / or replace it with another third party AV.

          If you make an OS that isn't totally secure or locked down, you should provide an AV. There should be no market for Norton/Symantec

          The problem is that, even with free AV integrated into the OS, virus management is reactive. So what if Microsoft ships AV in Windows 8, or Google includes AV in Android 4.2. Its only going to catch things once the AV vendor/team have seen a new virus, identified it, and updated the systems to deal with it. So there is a window for viruses to spread.

          With a single, well known, AV protection system available on a system the first thing the new virus will is to prevent the AV software detecting it. If you're a

          • by tepples (727027)

            People have shown that they aren't capable of identifying risk to their computer systems, why are we happy to give them the same choices on phones?

            What is the alternative, other than charging a recurring fee to anyone developing an application for the platform?

  • by Anonymous Coward

    instead of better band-aids?

    • Yes. Android is what it is. Its openness is why it is so popular, and the antivirus in this story is less about a need for security and more about the company trying to expand its market by using a 2 pronged approach.
      !: scare Android users about the spyware boogie man
      2: force bundling their software using the drug dealer model, first hit is free, then pay up mofo!

  • Considering the bugs in the last two Kaspersky enterprise AV releases, I'd say this is a terrible move for Qualcomm. I can't say enough horrible stuff about kaspersky AV.
    • Considering the bugs in the last two Kaspersky enterprise AV releases, I'd say this is a terrible move for Qualcomm. I can't say enough horrible stuff about kaspersky AV.

      Well, say a few more, seriously. I believe several of the (apparently independent) AV test labs give them high marks, but if there are some buried bodies I'd like to hear about them.

  • by jeffb (2.718) (1189693) on Monday May 13, 2013 @10:07AM (#43709619)

    Let's just pile on more software.

    I understand the concept of layered security, but I'm not convinced, especially not when things are bundled like this -- instead of serving as an independent layer, it seems like it'll just make a bigger attack surface.

    • by poetmatt (793785)

      hey, at least the performance and battery life degradation is free! /s

      just wait until this software is preinstalled on new phones from the MFR, cannot be disabled, or is put into hardware.

      I'd give it a year.

    • by Nerdfest (867930)

      I know what you mean. There are way too many downsides to reactive malware software. I was really hoping Google would have hired Moxie Marlinspike to improve their general OS security instead of letting Twitter grab him. It seems like such a waste to have him there.

  • Not good (Score:4, Insightful)

    by stewsters (1406737) on Monday May 13, 2013 @10:08AM (#43709643)
    This is something that should be fixed lower down. Phones need to be easy to upgrade to the newest version. Having a band-aid that has root privileges is a bad idea, especially when your phone doesn't have the battery to keep scanning 24/7.
    • Having a band-aid that has root privileges is a bad idea, especially when your phone doesn't have the battery to keep scanning 24/7.

      Then perhaps it could scan newly installed applications while the device is charging.

  • by wisebabo (638845) on Monday May 13, 2013 @10:20AM (#43709781) Journal

    While I'm sure that Mr. Kaspersky is a trustworthy, ethical person and that his staff adhere to the highest of professional standards, the fact remains that Kaspersky is based in Russia and therefore most of its assets (and employees!) are subject to the whims of the Russian government.

    And yes, I do mean "whims". I'm sure that close observers of Russia will agree that the rule of law does not apply when strategic interests (defined as whatever interests Putin) are at stake. While the United States by comparison, is hardly an angel in that regard it cannot be compared to a government that throws Billionaires in prison on trumped up charges and assassinates its own agents overseas (with Polonium no less) who cross it. Ethics and professional standards would/should crumble when your life or the lives or your family members are at stake.

    So should Kaspersky be allowed to make changes (at the chip level!) I would hope that at the very least it can be shown that it does not give the Russian govt. a back door into the platform. (For the same reason I would be very reluctant to use a home grown Chinese OS on a smartphone.)

    • That's what the rest of the world thinks about America and their WinTel monopoly. Deal with it.

      Really. America has never assassinated one of it's agents ever? You sure about that?
      Hmm, and jailing billionaires? Say it's not so! Let's start a "Free the billionaire" charity. We could sell cookies.

      • That's what the rest of the world thinks about America and their WinTel monopoly. Deal with it.

        Really. America has never assassinated one of it's agents ever? You sure about that? Hmm, and jailing billionaires? Say it's not so! Let's start a "Free the billionaire" charity. We could sell cookies.

        In case you haven't heard, the Wintel monopoly ain't what it used to be. Also, while I'm hardly dreamy eyed about the US, it's historical sins, and certainly its current path, comparing the US to Russia is ludicrous. Perhaps the US has assassinated some of its own agents. Please provide citations. As for crying over fraudulently jailed billionaires, I don't lose much sleep over them either. However, you're missing the point. If they can jail someone with that much influence and visibility on trumped up char

    • You made a number of points. Let me strike a line across them to assuage your concerns.

      After the fall of the Soviet Union a lot of Russia's state-owned resource-driven economy was privatized. It was a very murky process, in the result of which a few people grabbed huge industrial assets while paying a tiny fraction of the price. One of them is Khodorkovsky.

      After Putin was elected in 2000, he has taken measures to curb the influence of the said oligarchs. That resulted in a lot of complaints about the ru

      • The Western media maintain that the only cure to the situation in Russia is the respect for the rule of law ... However, that's a mistake

        Please forgive my Western bias, but I can't think of a single historical example where the Rule of Law wasn't preferable to the alternative. You seem to think Russia is an exception due to "special circumstances". That's the usual excuse for destroying the Rule of Law. Also, it's hard to think of when in Russian history people haven't argued that there were "special circumstances".

        • It's not about cultural differences; it's about different views on the history.

          Let me reiterate my major points: (1) violations of the rule of law started in 1990s with the deeply flawed privatization program, and the violations during the partial re-nationalization of 2000s were just another aspect of the same problem. [Ergo, oligarchs are just as "bad" as Putin is.] (2) while concerns about the rule of law are valid, the major underlying question which spurs the debate is ownership of the large post-Sov

          • It's not about cultural differences

            That was part of my point.

            oligarchs are just as "bad" as Putin is.

            Probably worse. I never said otherwise.

            the large underlying problem of the fair ownership of the Soviet assets has no easy solution

            I understand. The "privatization" of Soviet assets was theft on an unprecedented scale. It dwarfs even the West's more recent ripoff by their banks. However, that still doesn't justify Putin's "strong man" approach and eh, less than zealous concern for the Rule of Law. I can't think of when that's ever turned out well. In 1917 Russia wound up trading the czar for the Bolsheviks. How did that work out? Maybe they could tax assets in excess of $

            • Ok. Your argument makes sense. However, perhaps overtaxing the riches would give Putin just the same amount of bad press (and which is worse, bad economy and low investments). There are no easy solutions to the mess.

              p.s. By the way, is that +10 or -10db? That's either a very good or a very bad signal-to-noise ratio, but from your nickname it's not evident which one is implied.

              • +10 or -10db?

                I've forgotten. Maybe I'll say it depends on my mood. -10 means I'm very optimistic (because I think I can demodulate a signal like that!).

It is better to give than to lend, and it costs about the same.

Working...