Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: SEO Journal, Java Developer Magazine, iPad on Ulitzer, Android

Blog Feed Post

Mobile Security Apps – ESET

I started wondering if these anti-virus tools are as bad on Android as they are on Windows

The next thing to look at, which is always a problem with AV solutions, is how it runs in the background – how much memory/CPU/whatever does it take? Again, here ESET doesn’t take much. I had to scroll down on my usage page to even find it, Words With Friends took up more resources. I really wanted it to fail here because I hate AV. But it didn’t, it doesn’t suck up many resources at all. Which means it doesn’t have a significant impact on my battery life. I haven’t had to change my charging schedule in the past few days that it’s been running – that’s fantastic since I hate having to charge my phone in the middle of the day. So far, so good…

Once the scan is finished you are presented with the results by way of various counts. It doesn’t give you a lot of detail but really, who cares, you just want to know if you’re okay or not, right? Also, notice the Scan duration: 375 scanned files in 25 seconds. Not bad.

Results:
So far I haven’t been able to get it to complain about things I’ve installed. I’ve even installed some really sketchy things that really should cause it to alert. Finally I tested it with the EICAR signature (this is a series of strings guaranteed to trigger AV alarms). First I created a file on a web server and surfed to it. No problem, it displayed the text. This wasn’t terribly surprising but I was hoping for better. Since it was just a text file being displayed I was willing to let that slide. Then I tried to save the file and this is where the real magic began.

I was really hoping to see it catch some of the more sketchy stuff that I installed, but I couldn’t guarantee any of that to truly be malware. I even tried it with some custom malicious items but it didn’t pick that up either. It could be that it is just purely signature based, meaning that if it didn’t already know about my particular piece of malware it wouldn’t catch it – typical AV behavior. It doesn’t slow down your system or really seem to create any other problems, so if you work with a lot of questionable material on your phone or aren’t careful about what you install I suppose it couldn’t hurt. As an added bonus, there are additional anti-theft features and a nice phone/SMS white/blacklisting function. I’d put it at a cautious buy if you’re bored and have some spare cash.

Warning:
In typical AV fashion, I’ve found a reason to be angry. Each mobile AV app I’ve looked at (more reviews to come) is marked as “Free” in the Play Store. Although after installation they make it clear that you’re on a 30 day trial and if not purchased/subscribed within the evaluation period the app will cease to function. I place part of the blame on Google for not clearly tagging Trial software in the Play Store (Google Reps: Contact me to license this brilliant idea). The only one that was upfront about the pricing scheme was Kaspersky. They have a Lite version (100% free) and then two premium versions (Phone and Tablet). Kaspersky and ESET seem to be the lesser of the AV vendors evils, but I’m sure they’ll prove me wrong at some point.

Read the original blog entry...

More Stories By Hurricane Labs

Christina O’Neill has been working in the information security field for 3 years. She is a board member for the Northern Ohio InfraGard Members Alliance and a committee member for the Information Security Summit, a conference held once a year for information security and physical security professionals.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.