Security threats Toolkit

Symbian hits back over security

Tags:
Security,
Viruses

Will Sturgeon silicon.com

Published: 06 Sep 2005 10:40 BST

Mobile phone operating-system maker Symbian has reacted to growing media and security industry concern about the threat of mobile phone viruses, stating categorically that users are in no danger of getting a virus on their handset.

And David Wood, executive vice president of research at Symbian, told ZDNet UK sister site silicon.com it's crazy to think a company such as his own isn't constantly reviewing all security threats and wouldn't have reacted by now if such threats were real.

Wood said: "Trust me, we really don't want to come a cropper on this one.

"For the past four years we've been in constant talks with a number of partners and antivirus companies because we really don't want to find ourselves in the same trouble that people have now with their PCs ."

Wood believes the simple fact is that users are not at risk at present from mobile phone viruses and doesn't believe there has been an increase in the risk, despite claims to the contrary appearing in the media.

"The number of proof-of-concept viruses is increasing but that's not to say there has been an increase in the risk of infestation or there is any need for panic or worry," Wood explained

What few risks there are in the wild — which appear to exist at negligible levels — can easily be guarded against and do not have an effective way of infecting or spreading, said Wood.

He added that these viruses will only spread with user permission and conceded that in very rare instances a user could contrive to infect their phone.

"If somebody says: 'Can I borrow your phone for half an hour and put an application on it?' you'd be suspicious," said Wood. "So why would somebody open an application from somebody they do not know?"

Wood said he believes there is virtually zero chance that a user who displays "common sense" will ever fall victim to a mobile phone virus, although the threat may increase in time.

Doug Overton, head of communications at WDSGlobal, which handles around 100,000 helpdesk calls each month for customers of HP, Nokia, Orange, Sony-Ericsson and T-Mobile, agreed that the real issue is about proper configuration of mobile phones, which used properly should be impervious to the current smattering of viruses.

But Overton believes for some media and security companies it is often too tempting to talk about sexier issues.

"Security fears can provide a horror story which the media are sure to lap up and this can create a distraction from the real problems.

"Configuration issues have fallen by the wayside when they deserve greater attention."

Despite the insistence that such viruses are currently a non-issue, Symbian is still preparing for a day when that may not be the case.

"We realise that malware writers are going to become more ingenious. We don't know when, or if, a really nasty virus will target mobile phones. I personally don't think there will be one for quite some time," said Wood.

Work on the Symbian OS kernel is ongoing, with security in mind, and version 9.0 will start appearing on devices at the end of this year with improved platform security features.

The company's Symbian Signed application scheme also helps users see when an application comes from a source that is 'untrusted'.