Pinning Down the Spread of Cell Phone Viruses 53
walrabbit writes "Wang et al (2009) (from Albert-László Barabási's lab) modeled the spread of mobile phone viruses based on anonymised call and text logs of 6.2 million customers spread over 10,000 towers. Their simulations shows that the spread is dependent on the market share of a particular handset, human mobility and mode of spread: bluetooth or MMS or hybrid. 'We find that while Bluetooth viruses can
reach all susceptible handsets with time, they spread slowly due to human mobility, offering ample
opportunities to deploy antiviral software. In contrast, viruses utilizing multimedia messaging services could
infect all users in hours, but currently a phase transition on the underlying call graph limits them to only a small
fraction of the susceptible users. These results explain the lack of a major mobile virus breakout so far and predict
that once a mobile operating system's market share reaches the phase transition point, viruses will pose a
serious threat to mobile communications.' You can read the full text (PDF) and supporting online information (PDF) (with interesting modelling data and diagrams)."
(Also summed up in a short article at CBC.)
This is why... (Score:5, Funny)
... I use the old fashioned method of communication [textually.org].
Re: (Score:2)
Do you use sterilized caps? You know, you might catch an ear infection from dirty caps!
Wear protection! (Score:2, Informative)
And don't share your phone promiscuously!
Abstinence is the way - don't use cell phones!
Re: (Score:3, Insightful)
Re: (Score:2, Informative)
or have a kill switch, disable background processes and practice full control of the software distribution
Re: (Score:1)
or have a kill switch, disable background processes and practice full control of the software distribution
That is, as far as Freedom to use goes, the same thing curfew.
Re: (Score:2)
One valid reason for the app store... (Score:5, Interesting)
I was having this debate with someone the other night who believes that in 3 - 5 years every phone will be android. Personally I was arguing that Blackberry in the business world is pretty hard to beat and the iPhone has a sizable lead. But people tend to trade in their personal phones every couple years. Businesses usually get married to a platform and it's harder to move them away. Especially if they have invested in any applications.
I know Apple gets flamed a lot around here by people for not being open enough and forcing developers to release apps through the app store, but I've seen it as an attempt to delay and try to prevent malware on the iPhone. Personally that's one reason why I am uncool in the geek world and don't jailbreak mine. I know I've bitched about the bluetooth stack being locked down on the iPhone. I'd love to connect a freaking wireless keyboard to it sometimes. But at the same time, I see Apple's position on controlling the gateway beyond them "being evil locking people in".
You have the people harping on how cool Android will be because one won't "be locked into one app store" etc.. But in the back of my mind that just increases the risk of someone downloading some "Cool free app" that happens to be a malware app. It only has to happen a few times before the reputation gets out there. And it will happen because people see pops ups now that say, "Hey you have mal ware, down load our malware cleaner." And then they click and install nothing but malware.
And I think it is much more likely given how I've seen people use their phones on such a spur of a moment basis. The number of times I've seen people just be browsing and buy/download a ringtone or app on the spur of the moment. Especially if they are at a club and have already had a few to drink and aren't thinking. (I have to take away certain people's iphones when we go out to keep them from doing anything stupid).
Either way, I dread the day that we have to run anti-virus on our phones.
It also makes me think there are still reasons to keep the trusty old land line around.
Re:One valid reason for the app store... (Score:5, Insightful)
every phone will be android
Ask them what drugs they're on. If they deny it, suggest they need meds. And have their flux capacitor reworked. And that they need to find a bucket of steam.
People want phones first and foremost to make phone calls. A smart phone, for many of us, is a dumb decision - it's too bulky, while at the same time it doesn't have enough screen to replace even a netbook ... and for people who tend to lose their phones on an annual basis, it gets expensive fast. Phones, for most people, are semi-disposable commodities. If someone loses it, or it gets stolen, or they drop it one time too many, it's not THAT big a deal. And for the majority, that's the way it should stay, because, like hard drive failures, it's not a question of if, but when - when you lose it, drop it, it dies, or it gets swiped.
Re: (Score:3, Insightful)
In my experience people want phones first and foremost to send text messages, and to take and send photos.
Re: (Score:3, Insightful)
People want phones first and foremost to make phone calls. A smart phone, for many of us, is a dumb decision - it's too bulky, while at the same time it doesn't have enough screen to replace even a netbook ... and for people who tend to lose their phones on an annual basis, it gets expensive fast. Phones, for most people, are semi-disposable commodities. If someone loses it, or it gets stolen, or they drop it one time too many, it's not THAT big a deal. And for the majority, that's the way it should stay, because, like hard drive failures, it's not a question of if, but when - when you lose it, drop it, it dies, or it gets swiped.
Today, people want phones first and foremost to make phonecalls. Tomorrow, they may want them first and foremost for email and video chat, with audio being a function not often used.
Most people don't want to lug a laptop around just to check email/the web, they're happy to do their surfing on a tiny device they can carry around with them anyway (a smartphone). Most people will never have a 'netbook' or even know what one is, but they do know that you can now get phones which will display your email too and
Re: (Score:2)
RE Video Chat: We've had phones with video calling for a couple of years now - it's a dud despite their initial heavy promotion by Rogers (which I could have told them). Nobody wants to show other people that they're in the toilet, or in bed, or that they haven't got their makeup on, or that they're with friends when they said they'd be working late, or that they're naked in front of their PC surfing pr0n, or any one of a number of things ...
RE: email: Get caught checking your email while driving, even
Re: (Score:2)
RE Video Chat...Nobody wants to show other people that they're in the toilet
I don't generally call people from the toilet, so it's not an issue. Perhaps it would be for you. In my opinion video chat has not caught on because it is expensive and charged at extortionate rates. I expect that to change. Look at desktop computers and you'll see video chat being used all over the world.
RE: email: Get caught checking your email while driving,
And? What does the obvious danger of emailing/phoning while driaving have to do with smartphones and the use of email on them? Texting while riding a bike is also inadvisable, but it doesn't seem to have p
Re: (Score:2)
I don't generally call people from the toilet, so it's not an issue. Perhaps it would be for you. In my opinion video chat has not caught on because it is expensive and charged at extortionate rates. I expect that to change. Look at desktop computers and you'll see video chat being used all over the world.
No, but people often seem to call me at the worst times ... Also, the video phone came with a flat-rate off-peak plan - it was a dud. People just don't want video chat when they're talking on their cell - probably because, if they're on their cell, they're doing something else at the same time ... like driving, shopping, out walking the dogs, cooking, whatever. It's a dud. We've had video chat on the pc for a decade, and conference-style standard-def video-in-a-server for almost a decade - it's a dud there
Re: (Score:2)
I agree. But I'm not sure how much longer consumers will have much of a choice. Smart phones are nice for the carriers because it allows them to tack on more services they can charge for. A couple weeks ago I went in to add a line to my AT&T account for my Dad. He's up in his late 60's and has had a pre-paid phone he kept in the car for emergencies, but it wouldn't work too well down on the farm. Last time I was down there, I kept getting pinged with emails, so I knew he could get service if he had
Re: (Score:2)
Yep - I looked at upgrading my Motorola v180 a few years ago; but kept it nonetheless. At the time, I had a job where I could have a camera in the office. If the phone had one, I would have had to leave it in
Re: (Score:1)
Should we expect the mobile carriers to play a role here?
Seems to me that they should be able to see anomalous traffic and shut it down. Nest Pa?
Lesson Du Jour... (Score:3, Informative)
It's "n'est-ce pas?".
Word for word, that is "is it not?". Figuratively, it's the equivalent of "No?". The "ce", or "it", is usually silent.
Re: (Score:1)
Re:One valid reason for the app store... (Score:5, Insightful)
You have the people harping on how cool Android will be because one won't "be locked into one app store" etc.. But in the back of my mind that just increases the risk of someone downloading some "Cool free app" that happens to be a malware app. It only has to happen a few times before the reputation gets out there. And it will happen because people see pops ups now that say, "Hey you have mal ware, down load our malware cleaner." And then they click and install nothing but malware.
But Android will end up being diverse enough to withstand most malware. Even if Android is running on 100% of the phones, not all of them are going to run exploitable versions, others will have more restrictions, still others might be without data and won't receive updates locking them into a specific version.
Also, Android is Linux. You aren't root. Theres nothing you can do to totally mess up your phone. Get a virus? No problem, just delete that user and start again. Sure, you have the downside of losing some contact info if it wasn't backed up, but its sure easier than buying a new phone.
Re: (Score:1, Insightful)
You forget one thing: virus can very well exploit the phone itself, without any need for AppStore applications.
For example, through a hole in Flash interpreter or exploitable JavaScript vulnerability.
And that's when iPhone monoculture is going to bite you.
Re:One valid reason for the app store... (Score:4, Insightful)
Through a Flash vulnerability? You really haven't paid much attention to the iPhone, have you?
Re: (Score:2)
Either way, I dread the day that we have to run anti-virus on our phones.
Personally I look forward to the day when I can run any software I like on my phone and my carrier can't lock it down and/or override my own settings. If that implies I have to worry about viruses then so be it. TFA (PDF) states that at least 420 already exist anyway, and I know Avira already offers anti-virus for certain mobile platforms.
No..valid reason NOT to have "app stores" (Score:2)
I know Apple gets flamed a lot around here by people for not being open enough and forcing developers to release apps through the app store, but I've seen it as an attempt to delay and try to prevent malware on the iPhone.
Really, I doubt that malware prevention is even on Apple's list of reasons for marshaling application development through its App Store. If it is, it's waaaay down the list. It is a marketing decision the way Nintendo exhibited tight control over who published games for the NES, or the way the iPod and iTunes service are tightly integrated and interoperability severely restricted.
Apple's App Store is about image and "synergies" and lock-in and creating a captive market. That is all. Not only does it not
We haven't seen an outbreak yet (Score:4, Insightful)
The distributed and diverse nature of the mobile OS market means that there have never been (to my knowledge) any large infections on the scale of Blaster or so forth, and yet many (popular!) phones that I've used have had simply *awful* OSes, with known security risks, monolithic kernels, and a wide install base. Such are the benefits of not having a monopoly!
Perhaps if Microsoft were the power it wants to be in the mobile market, we'd be far more familiar with large-scale infections of mobiles. I'm bloody glad it isn't -- MMS messages are down-right extortionate!
Re:We haven't seen an outbreak yet (Score:5, Insightful)
It doesn't hurt that most people don't run MS-Word and Outlook on their phones. Or an easily-compromised web server. Or have a bunch of open ports.
Ironically, unlike a PC, there's only a few ways for a virus to phone home on a phone.
Re: (Score:2)
Symbian seems to have a worse track record for viruses than Windows Mobile.
Re: (Score:1)
There's also the issue of resources. I think most programmers, nowadays, don't optimize code for minimal resource usage. Virus writers are most likely no different, and thus, probably aren't accustomed to coding for platforms with as few resources as cellphone and other handheld devices. There have been a couple stories on
Re: (Score:1)
It won't (Score:3, Insightful)
Phase transistion (Score:4, Funny)
Wouldn't reversing polarity on the flux capacitor and diverting all power to the medical/av deflector prevent the spread of a virus?
Re: (Score:2)
Re:Phase transistion (Score:5, Funny)
Re: (Score:3, Insightful)
...when the iPhone's marketshare reaches the kind of threshold this article talks about that results in it being the most popular target for spreading malicious code. Because the irony will be lost on a lot of people here.
Probably won't happen. Too many people just want a phone. I won't even consider an iPhone because it's too bulky. I want a flip-phone so that I can fold it up and ignore it - not have to worry about scratching it. Lets face it - how many times do you drop your phone ...
Also, how many times do you simply *lose* your phone?
Re: (Score:2)
"Reaches a certain market-share threshold" != "everybody owning an iphone"
Re: (Score:2)
I can understand why some people would just want a phone, but you think that the group of people who will never
buy a smart phone is so astronomically high?
Re: (Score:2)
You're off by an order of magnitude ... the estimate for efficient propagation of a virus was much more than 1%, as per the cbc article [www.cbc.ca].
The study predicts that situation will continue until one operator obtains a share of at least 9.5 per cent of the overall mobile market.
If it were realy just 1%, as yu said, we'd already be passed the threshold - symbian is at 3.2% of the entire mobile market ...
Smartphones currently make up about five per cent of the total mobile market, and the most popular smartphone operating system, Symbian, has 64.3 per cent of the smartphone market -- that's 3.2 per cent of the mobile market overall.
Re: (Score:2)
Though, I have a beef with one of their assumptions. (Well, the authors admitted that there were several factors that could cause the threshold to be quite a bit lower)
The idea behind MMS viruses is that they'll spread to everyone on the phone's contact list. But, they couldn't get the contact lists of the phones in the data, so they approximated it by using the calls that a phone made ove
Cellular provider cash cow (Score:2)
MMS will need to work first. (Score:2)
Re:I didn't RTFA, but what is the phase transition (Score:2)
Right now, the Smart Phone is too fragmented, and so there is no "giant component" of cell-phone users with the same OS who are connected to each other. This, and not technical limitations, is the reason why there have not been any cell-phone virus breakouts.
However, we're getting pretty close to that point, and once a certain threshold is met, there will be a sudden "phase transition", and giant components will form.