Viruses - A plea for sanity

Don't be panicked by media hype about viruses targetting Symbian OS smartphones

As I write this, on New Year's Eve 2004 (almost 2005), the media worldwide are championing scare stories about viruses spreading like wildfire between smartphones happening to run Symbian OS. Even by media standards, this is incredibly misleading. And, to be frank, a load of absolute rubbish. Read on...
Overview

Have you ever tried getting an application (or indeed any other kind of file) from one smartphone to another? Quite apart from the logistics of getting Bluetooth in the right mode ('Visibility: shown to all') on the recipient phone and getting the phones to actually find each other, anything request from another phone to send something has to be manually authorised (i.e. the recipient has to actively read the warning and press a button marked 'Yes'). And, for an application, there are many extra steps to agree to, in terms of accepting that you want to install it in the first place, that it probably hasn't been officially signed and then deciding which disk (internal or expansion card) to install to.

This is totally unlike the virus situation on desktop computers, where viruses infect you quickly and silently, reaching out to others via extra email transmissions and via direct Internet probes. Under Symbian OS, there is (so far) no known way for software to get sufficiently under the hood without your express permission to be able to do any of these things.
A Symbian targetted virus in the Real World

So you're walking through Paddington station, London, within Bluetooth reach of a hundred other smartphone users. And you've left your Nokia 6600 (or similar Series 60 smartphone) open to incoming Bluetooth connections because you often share contacts and appointments with colleagues and it's simply more convenient to leave this setting 'on'. All of a sudden, an 'infected' Series 60 smartphone (assuming there are any in the wild) reaches out to your phone and you hear a beep. Looking at the display you see

"Receive message via Bluetooth from Nokia 3660?"
with buttons marked 'Yes' and 'No'.

Your first choice should obviously be 'No', as you're not with a friend or colleague and are not expecting an incoming contact, appointment or file. Pressing 'No' means instantly stopping the incoming connection dead in its tracks. But let's say that you press 'Yes', out of curiosity perhaps. The virus application will be received into your Inbox, which may even automatically spot that it's a Symbian Installation (SIS) file and will start installing it. There's still no need to panic, though, as you'll then have to accept the various installation warnings and questions:

"Installation security warning: Unable to verify supplier. Continue anyway?"
with buttons marked 'Yes' and 'No'.

There's no application title shown yet, and perhaps you decide to carry on a little further, again out of curiosity (remember that you're not expecting anything).

Now we're getting to the nub of the matter. Symbian OS next pops up the question:

"Install Cabir?" (or "Sexxy", or whatever the heck today's media-favourite virus is called)
with buttons marked 'Yes' and 'No'.

At this point, if you still answer 'Yes', then you deserve everything you get! (As an aside, there are still at least two more questions to answer before the application is actually installed, giving you two more chances to back out)
Conclusion

Does the above sequence sound like the seamless and invisible mechanism needed by any decent virus if it's to propagate itself effectively in the wild? An emphatic NO.

You can keep your Symbian smartphone completely free of malware by following a couple of simple rules:

1. Don't accept unsolicited Bluetooth transmissions from other phones.
2. Don't install applications unless they are ones you've asked for or have downloaded from reputable software sites (Handango, My-Symbian, 3-Lib, etc.)

In most cases, it's quite safe to leave Bluetooth visibility as 'Shown to all'. If you do get bothered by too many unsolicited connection attempts, simply change the setting to 'Hidden'. Although given that the number of 'infected' Symbian Series 60 phones worldwide is probably still in single figures, you really don't have to worry! You're more likely to be hit by lightning or to win the lottery...

(C) 2004, Steve Litchfield

---------------------------------

To je ono sta ja cijelo vrijeme tvrdim... Symbian virusi ne pretstavljaju neku prijetnju. Problem su neinformirani mediji koji preuvelicavaju opasnost