GadgetTrak Blog

The Mobile Anti-Virus Myth
Saturday, October 9, 2010

We get asked quite a bit why we don’t add anti-virus to our new mobile security product and the answer is simple, it would be dishonest, as true anti-virus for mobile devices is not possible with the SDKs provided by most mobile platforms. In the mobile security space there are many companies selling what they call “anti-virus” applications for your smartphone, however the term is being used erroneously on purpose. A virus as it relates to computing devices is defined by the security community as software that can replicate itself into documents and executables and infect other devices either automatically through a network, or a storage device such as a USB flash drive, with the end goal of corrupting data and damaging the operating system.

In order to detect and mitigate the risk of real viruses the software would need to be able to run as a root process on the system, something that is currently not possible on most mobile platforms where applications run in a sandbox. For example, none of the Android “anti-virus” apps can provide zero day protection, at best they listen for the package installed intent then do signature based detection. If there were an actual real kernel exploit in the wild a sandboxed third party app won’t be able protect you, you would need an OTA patch from Apple, Google, OEM or your mobile operator.

  • Recent Posts

  • Recent Comments

    • Archives

    • Categories

    • Meta