What about web-based attack vectors such as drive-by infections and cross-site scripting? With the browser on a modern smartphone being the principle "window on the world", is it possible to mitigate against these on Android?
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Webroot Antivirus
- Thread starter gcobb
- Start date
WebrootMobile
Lurker
Good question.
Drive-by: Only the Android OP controls the install/uninstall of an app. So perhaps on a rooted device this might be possible?
Having a good behavioral analysis of each and every app, and maybe even file could mitigate such types of attacks. I am not the expert on this and will ping my colleague to see if he will chime in.
Drive-by: Only the Android OP controls the install/uninstall of an app. So perhaps on a rooted device this might be possible?
Having a good behavioral analysis of each and every app, and maybe even file could mitigate such types of attacks. I am not the expert on this and will ping my colleague to see if he will chime in.
I would think they can not do anything about something like this until one has been confirmed and identified.
alostpacket
Over Macho Grande?
Considering iPhones could be jailbroken from a webpage at a certain point it's certainly not impossible.
With a company name like WebRootMobile you'd think they'd considered this. It's basically what the name means if you take it literally.
Sorry, not trying to be rude, but had to point out the irony there
With a company name like WebRootMobile you'd think they'd considered this. It's basically what the name means if you take it literally.
Sorry, not trying to be rude, but had to point out the irony there
WebrootResrch
Lurker
Certainly these type web attacks are something we would like to prevent, currently we don't have a method in place to prevent these. We do have something in mind where we'd utilize our Secure Browsing plugin along with our engine to watch for these behaviors. That will be in a future release.
We can't rely on browsers and the OS to prevent such attacks. With Sandboxing and some of the measures taken by browsers being in the hands of malware writers for sometime now, it's just a matter of time. I see something like a two phase method where the browser downloads something behind the scenes and passes control to an app it knows it can exploit. But who knows how it will come, we've just got to try to think like they do.
We can't rely on browsers and the OS to prevent such attacks. With Sandboxing and some of the measures taken by browsers being in the hands of malware writers for sometime now, it's just a matter of time. I see something like a two phase method where the browser downloads something behind the scenes and passes control to an app it knows it can exploit. But who knows how it will come, we've just got to try to think like they do.
alostpacket
Over Macho Grande?
Well said, thanks.
And I agree that the two-step is what we'll see most likely. The site that jailbroke iphones basically exploited iOS's built in implmentation of PDF Reader if I remember correctly.
Of course lots of XSS and phishing is possible in the browser too. But like Slug, I'm sploiled by nopscript.
Anyways thanks for the reply. Hope I didnt offend with the irony post
Rob2isking
Lurker
I love using webroot. I traded kaspersky in for it.
RDKamikaze
Android Enthusiast
That's funny because I just received my Kaspersky rebate in the mail yesterday after a zillion weeks of waiting (known for any MIR, though). *off topic*
Anyway, I do have a question for you, WebRootMobile team! Thanks for your posting on this forum, it helps build the reputation of your caring for our privacy.
What I'm getting from reading this thread is that you cannot provide maximum security unless you have root access, right? For us rooted users, do you plan to be ahead of the game with other companies and develop a stronger anti-malware, etc. that has root access? If so, that sonuds like it might solve our problems (if root access is the issue).
If I'm not mistaken, it sounds like your program's effectiveness is throttled down because you can't gain root access on every phone. Please correct me if I'm wrong, thanks!