Timofonica virus 'blown out of proportion'
Published: 08 Jun 2000 14:17 BST
Mobile phone viruses could be a real threat, say the UK's mobile phone operators, but the Timofonica worm that appeared earlier this week isn't anything to worry about.
Timofonica, which is similar to the destructive 'ILOVEYOU' worm, caused infected PCs to send text messages to randomly-selected Telefonica mobile phones. This feature has caused widespread speculation about the imminent arrival of a true mobile phone virus, but so far experts stress it is just that -- speculation.
Computer security firm Computer Associates went so far as to issue a statement downplaying Timofonica's importance, noting that since the worm is written in Spanish it is not likely to spread to non-Spanish speaking countries. "It is important that the industry puts these kinds of threats into proper perspective," said Simon Perry, CA vice president, security solutions, in the statement. "Some reports have linked Telefonica to a new type of attack that spreads through mobile telephones. That is not the case."
The wireless industry also reacted angrily to press coverage of the virus, calling it misleading. "This whole thing has been blown way out of proportion," said GSM Association spokesman Mark Smith. "It doesn't harm mobile phones, it doesn't affect them."
The worm exploits a feature that allows PC users to send emails that appear as SMS text messages on Telefonica mobile phones. While Telefonica admits such a virus could affect users, it says none of its users have reported being hit.
Other mobile phone operators, such as British Telecom's Cellnet, also operate email-to-SMS gateways, but say filtering and security technology minimises the risk of misuse. "There are certain things that ensure only legitimate messages get sent through," said a Cellnet spokesman. "Also, if we see anything coming through that looks mischievous, we can bar specific originating addresses."
Other operators, such as Orange, are not affected because they do not allow email-to-SMS communications.
In any case, the threat to mobile phone users by a Timofonica-like virus is not a matter of their phone being invaded by hostile code -- at worst, it is the problem of unwanted messages, or spam, that email users deal with every day.
But the public's interest in Timofonica highlights a wider point, say experts -- that there is a real, if as yet unrealised, threat from mobile phone-based viruses.
Today's phones simply don't have the processing power or complexity to be affected by viruses, but that is expected to change with next-generation "smart phones" that combine wireless and handheld-computer functionality. A few early examples already exist, including the Palm VII and Nokia's Communicator.
Once such devices become more widespread, mobile phone users will run the same risks as PC users do today. For example, an email attachment could be specifically designed to infect applications running on a mobile operating system such as Psion's Symbian, erasing contact information and forwarding itself wirelessly to other handheld devices.
"Future generations of mobile phones will be much more capable, and more vulnerable," said the GSM Association's Smith. "[Mobile phone viruses] are naturally something we would need to develop barriers against."
What do you think? Tell the Mailroom. And read what others have said.
Take me to the Virus Workshop
Did you find this article useful?
69 out of 87 people found this useful
- Share this article:
