Page 2 of 2 FirstFirst 12
Results 21 to 29 of 29
  1. #21  
    Quote Originally Posted by bkdude View Post
    Excellent thread. I was wondering if anybody had any thoughts on if following is possible and should I be worried about it:

    - While browsing some website or while installing/running a freeware (which unknown to me is a trojan), key logger gets installed and starts running as one of the "processes" (i.e. it does not show up in 'application list' in task manager')
    - And when I enter a password for a website (http or https), it is logged for the keylogger.
    - And at a later stage, key logger sends out the passwords, etc to whereever it was programmed to do.
    all of these are certainly possible on WM and there have been a few proof-of-concept attempts out there, but no massive outbreaks or major threats.

    the issue today is judging the current threat-level/likelihood of such an attack.

    That status is: LOW

    So what should the end-user do? Using mobile A/V software is an option but with the low threat and assuming you don't open random .exe.cab files sent to you, it's fairly easy to manage e.g. only download from official sites.

    The mobile world is just beginning so surely if one OS becomes dominant this could be more of an issue, but right now the general consensus is it's not really necessary. For years though these a/v products have been out with the warning that "any day now!" but so far, that one big virus/worm has not happened

    But if it makes you feel better, then knock yourself out but it will consume some memory, use some processor and you'll loose some battery. The best thing right now, imo is to just be aware of possible threats and knowing that there are products out there to help you if so needed

    Other options? If you use Exchange, enable the virus scanner or use a 3rd party email service that offers free virus scanning. That's a big help.

    WMExperts: News, Reviews & Podcasts + Twitter
  2.    #22  
    When trying to test the Block and Clean Anti-Theft modules in Kaspersky Mobile Security (v. 7), I found THEY ARE NOT WORKING. I can't block or cause anything to be cleaned.

    For me this is the only real reason to have this software at this point.

    I'm sitting on the phone waiting for their tech support now.
  3. #23  
    Mal and Darnell,

    Thanks for the responses.

    I dont think I am going to invest in A/V software at this stage. Right now, I am just trying make myself aware of what to do or not to do e.g.
    - downloading/installing a unknown freeware which has "cool" features but is not neccessary for me

    At the least, I don't want to be complacent that WM is unbreakable.
  4.    #24  
    If you use the RemoteTracker program I mentioned in an earlier comment and later want to uninstall it. After you uninstall the program, go into File Explorer to \Windows\StartUp\ and delete SMSLauncher. The uninstall program should remove that but does not.

    I've got a support ticket in with Kaspersky and I'm waiting to hear back from them. I was on the phone with them earlier, but their Level 1 guy could not resolve the issue. So they are bumping my issue up to higher level support. They seem surprised the Block and Clean Anti-Theft modules are not working properly for me.
  5. #25  
    Saw this in a news article:

    > A security flaw in Apple Inc's iPhone allows unauthorized users to gain
    > easy access to private contacts and e-mails even when the device is
    > locked, but the company said a fix is on the way.

    Although not applicable to Treo 800w, it goes to show that cell phones are not as "secure" as we may think.
  6. #26  
    Quote Originally Posted by bkdude View Post
    Saw this in a news article:

    > A security flaw in Apple Inc's iPhone allows unauthorized users to gain
    > easy access to private contacts and e-mails even when the device is
    > locked, but the company said a fix is on the way.

    Although not applicable to Treo 800w, it goes to show that cell phones are not as "secure" as we may think.
    This is Apple's first time in the mobile market and quite a few of these flaws have been found over time for their phone. I think it has more to do with them only being around for a little over a year than anything. Besides, the OS the iPhone runs is a cross between OS X 10.4 and 10.5 where they basically crippled the normal, desktop OS for phone usage. This is very different from all other manufacturers who use Windows CE or some other embedded platform so it wouldn't surprise me if the iPhone has more attack vectors.

    WM, Blackberry, etc developers have had, what, at least 6+ years with their OS?
  7.    #27  
    Quote Originally Posted by bkdude View Post
    Although not applicable to Treo 800w, it goes to show that cell phones are not as "secure" as we may think.
    Well bkdude, I can't name for you a single thing made by man that is totally "secure" . Which is why we know these devices are vulnerable and will always have vulnerabilities.

    It's like the Titanic, unsinkable, at least that's what they claim. Then one night with an iceberg proves otherwise.

    Really, I think those who wish to make code for malicious intent seek maximum impact. So they are sticking to the desktops for now. Overall not many people have Smart phones and even less have a Smart phone with any information on it that can be leveraged for much. But given the continual growth in the Smart Phone market it's good to remain cautious and alert. I remember when almost nobody had anti-virus SW on their desktops and back then Norton's product was way awful. But I think Malatesta is correct in mentioning it really all depends on how things hash out in the Smart Phone market and whether a single device becomes dominant. Then some with malicious intent might seek to take advantage of that. For now the anti-virus software is not looking like a "need" for Smart Phones.

    I do want to get these Anti-Theft modules in Kaspersky working on the Treo 800w though. Because I certainly see them as a good and currently useful thing, for me at least.
  8.    #28  
    Kaspersky support was able to figure out why I could not get the Anti-Theft modules to work. I was using the web site http://messaging.sprintpcs.com/textmessaging/ to test sending messages from. I did not know that site was adding a New Line Character at the end of every message I sent. Testing sending the messages from a phone (from my Treo to its self) worked perfectly. So basically, if you use Kaspersky and have to utilize the Anti-Theft modules, send the messages from another cell phone, not Sprint's messaging site.

    It's good to know I've now got a means to deal with if my Treo is stolen .

    And Merovingian, I signed up for 2 years of their product for that feature alone .
  9.    #29  
    Now that I know the Kaspersky Anti-Theft modules work, I did some testing I wanted to share in case anyone was the least bit interested.

    I found the feature to send an SMS message with a code to "Block" usage of the device to be pretty solid. I blocked my device, then pulled the battery, to see if a soft reset could get around the block feature. When the device came back up so did the Block. So not even a soft reset can remove the Block once initiated. Which was good to see.

    With the feature to send an SMS message to automatically delete certain data. I also found that to be very good. I've got over 600 contacts and in under a minute the clean feature was able to remove:
    • my Contacts
    • all mail in my inbox
    • all my SMS messages
    • documents
    • network settings


    After the clean feature was executed, the device was not even able to connect to Sprint data services, given the network settings were removed.

    It would be nice if the Clean feature was a bit more customizable, but it's good for what it is so far. Perhaps they'll offer more options in future releases. For now they offer options, but they are fixed, meaning you can't have a folder of your own choosing (like if you made your own special folder on the device) deleted.

    I also tried the "Block" and "Clean" features at the same time. First sending a Block to lock down the device, then sending a Clean command to remove selected data. I entered the code to unblock my device about a couple minutes after sending the Clean command from another phone. Once into my device, things were well cleaned.

    Good thing my Sprite backup file worked when I ran restores .

    The phone that the Block and Clean SMS messages are sent from is sent reply messages, to inform the commands were received. It only sends a message back if the command was received with a valid code. So you know when your device received the command properly and is executing it.

    When the device is blocked, it still rings when calls are made to it, but being locked there is no way to answer.

    When the SMS messages for Block and Clean are sent to the device, they are auto deleted silently. So if the device is checked after they are received, the messaging application is open, but none of the Anti-Theft SMS messages are in the messaging inbox.

    Well if my Treo 800w is ever stolen, now I may not have to worry as much about too much personal data being compromised .
Page 2 of 2 FirstFirst 12

Posting Permissions