• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Webroot Antivirus

gcobb

gcobb

Android Enthusiast
Moderators: Please don't move this to a 6 month old, dead, generic antivirus thread. I can't post in app reviews or I'd have put it there.

I was looking on the web today for new, interesting apps. I ran across the Webroot Antivirus. I've been skeptical of these since they almost always tend to use CPU time and needed memory. But that isn't so much the case with this one.

It is coded to scan only what you download and install. Otherwise it doesn't run constantly, scanning any programs you open. The update was fast, the initial scan was quick and when updating apps from the market, it only took seconds.

In addition to being a good antivirus option there is the option to turn on or off SMS/Call blocking. It can also help you locate your device in the event you misplace or lose your phone and includes remote options.

And it checks for malicious web sites.

It hasn't affected my phone's performance. I'm pretty happy with it.
 
I grabbed this app a month ago when I got my Huawei Ascend and have loved it!! Works great and does not have any adverse effects on the system at all! Great product! :)

Thanks for the post gcobb
 
I assume it's not really an "antivirus" since there are no Android viruses (yet). If it's for other types of malware, it would be great to know something about what malware it looks for and what criteria it uses. Security apps hardly ever provide us with that sort of info, and it would be incredibly useful when trying to evaluate them.
 
The correct term should be anti-malware, but for some reason the greater public does not really connect with that term. Anti-virus is more accepted and used.

Phishing and apps that have been compromised with malicious code is getting more and more prevalent, and we hope to stop those :)

Just to add:
The types of malware prevalent in the field (or have been pulled by Google) are quite public (quick search). But we assume, once the pandora box has been opened, many more attacks will follow. Logical if you note that money is involved.
 
WebrootMobile said:
The correct term should be anti-malware, but for some reason the greater public does not really connect with that term. Anti-virus is more accepted and used.

Phishing and apps that have been compromised with malicious code is getting more and more prevalent, and we hope to stop those :)

Just to add:
The types of malware prevalent in the field (or have been pulled by Google) are quite public (quick search). But we assume, once the pandora box has been opened, many more attacks will follow. Logical if you note that money is involved.
Click to expand...

How do you identify malware? Permissions are presented when you install an app from the market I would think most malware installed with the market would have to present the permissions it requires as I have not seen a way to get around that. i.e. many users may not stop and wonder why a wallpaper app needs access to your contacts. Is there another way that your app protects users? Would this only be for sideloaded apps? If I chose to install your app how would I know that I am protected from malware other than you telling me?
 
I am not sure I can answer that without someone hitting me with a large bat ;) so I won't answer directly how we identify malware. We do so by traditional methods, if that helps.

How would you know. I guess the best way is that you never have a compromised device, and just read about others that do.
We of course are improving our methodology and we will be under the spotlight with reviews and user opinions, we obviously will earn trust the hard way, but that will just make us better I hope. :)

We do have some analytics that we present to the user for apps that could pose a potential risk. This feature is not available yet, but it is coming in a paid version. This however does not stop the user from downloading and installing apps, whether side loaded or not. But we might in the future who knows ;)
 
WebrootMobile said:
I am not sure I can answer that without someone hitting me with a large bat ;) so I won't answer directly how we identify malware. We do so by traditional methods, if that helps.

How would you know. I guess the best way is that you never have a compromised device, and just read about others that do.
We of course are improving our methodology and we will be under the spotlight with reviews and user opinions, we obviously will earn trust the hard way, but that will just make us better I hope. :)

We do have some analytics that we present to the user for apps that could pose a potential risk. This feature is not available yet, but it is coming in a paid version. This however does not stop the user from downloading and installing apps, whether side loaded or not. But we might in the future who knows ;)
Click to expand...

The issue I see is several weeks back Google pulled apps from the market as they were malware. It seems to me if any of the "antivirus" apps out there were to have been flagging these as malware it would have talked about here seeing as this is one of the largest, if not the largest, android fan community. It was not. That tells me that none of the antivirus apps around were doing anything. Now the US government has been investigating app makers and have issued a supeona for the makers of Pandora for collecting user data and distributing it without consent. That sounds like malware. Did webroot flag this as malware before it was announced by the media? Does it flag it now?

I have had a compromised device before. It was due to user error and not knowing enough about the OS prior to downloading apps from the market. I did however have lookout installed but lookout did not identify the issue. It was thanks to forums like that that I identified the problem. Once I did that I uninstalled lookout as it is ineffective. From what I understand about most malware on android phones now they either transmit personal data to a third party without fully informing the user however it likely will be posted in the permissions and the user accepts them and/or they gain root access to the phone which I don't believe you could protect against on a non-rooted phone while if you have a rooted phone superuser would alert you about this, again rendering some antivirus app useless.
 
Until Google allows security vendors to install with root permissions then security software will not be able to stop apps with root permissions unless they are already known.

Pandora's issue, and this is just my personal opinion is that this market, this environment, the whole mobile platforms is so new (relatively) that we are all just catching on. No one solution (security) has the answer at this time, and if taking a look at what has gone on the PC world is any picture of the things to come, I think we will be playing catch up constantly.

There is better ways of catching these apps, probably there is, and we will have a solution of sorts. Like I said, we can't stop these from being installed at this time, but ... in time we will enable the user to stop these by looking at permissions etc...

There is no magic pill, but the more we learn together the better our solutions will be (we being users and security app makers alike).
 
However just looking at permissions would not be enough. Yeah you may be able to alert the user that they accepted permissions for an app that has access to their contact data, depending on the app that permission may be required like an SMS app, while if it were an app that would not need that permission your app telling the user so may be useful. If all the antivirus app does is alert the user of permissions they have already been alerted to on the market. Do you have a way to identify the intended purpose of an app the user chooses to install or does it just look at the signed apk and give permissions? If the latter is the case then the app seems like it would only be useful to people who are sideloading hacked/cracked/pirated apps or using a device that is not certified by google and does not have access to the offical market.

If I am understanding what you are saying is that Webroot doesn't find malware but alerts the user of permissions within the app that they would see if they used the Android market and the end user is given the final decision to either keep the app or uninstall. It would not be able to fully identify something as malware unless it has already been identified by another source and given the structure of the Android ecosystem that would need to be google and they would have removed the app from the market.

If this is not the case please correct me.
 
I only wanted to post a positive review of this application. Please start another thread that involves the analytical concepts of anti-malware technology and how it is detected.

Thanks for your support, Webrootmobile. I have used Webroot since 2004 if not earlier and have all the confidence in the world in the products you guys distribute.
 
This thread is a discussion of webroot. I have been on topic and addressing the dev who has posted here but has yet to provide any evidence that the app actually does more than the market does to protect your phone. I feel that if the dev is going to claim to protect the phone they should be able to provide some sort of proof. Otherwise having an antivirus app is pointless. Look at reviews of these type apps on the market, they all say it says the user is protected but currently there is nothing to protect against. Even with the malware apps that were pulled from the market the so called security apps did not detect them. If webroot wants to claim they can protect my phone I want proof to back up that claim otherwise it is just fear mongering for their own profit.
 
The protection I would think is not so much for apps or whatever you get from the market, but those files you get elsewhere... that may be altered to be malicious.... just my thought... :)
 
lriv said:
The protection I would think is not so much for apps or whatever you get from the market, but those files you get elsewhere... that may be altered to be malicious.... just my thought... :)
Click to expand...
Well, then the question is whether this or any other antivirus app can identify malware apps BEFORE everyone already knows about what to look for, or whether it's just issuing an update based on the same info we already have access to. It's not as if there were so many kinds of Android malware that we have trouble keeping up with the news by ourselves. ;)
 
Yeahha said:
This thread is a discussion of webroot. I have been on topic and addressing the dev who has posted here but has yet to provide any evidence that the app actually does more than the market does to protect your phone. I feel that if the dev is going to claim to protect the phone they should be able to provide some sort of proof. Otherwise having an antivirus app is pointless. Look at reviews of these type apps on the market, they all say it says the user is protected but currently there is nothing to protect against. Even with the malware apps that were pulled from the market the so called security apps did not detect them. If webroot wants to claim they can protect my phone I want proof to back up that claim otherwise it is just fear mongering for their own profit.
Click to expand...

I agree with this completely. This is the issue I have with any anti-virus app on Android. It is pure fear mongering. They are selling the illusion of security and not selling any actual security that's not already provided with the market. I have yet to see one single story about ANY Android anti-virus app that detected a legitimately malicious app or file on a users phone before Google did.
 
WebrootMobile said:
I am not sure I can answer that without someone hitting me with a large bat ;) so I won't answer directly how we identify malware. We do so by traditional methods, if that helps.

How would you know. I guess the best way is that you never have a compromised device, and just read about others that do.
We of course are improving our methodology and we will be under the spotlight with reviews and user opinions, we obviously will earn trust the hard way, but that will just make us better I hope. :)

We do have some analytics that we present to the user for apps that could pose a potential risk. This feature is not available yet, but it is coming in a paid version. This however does not stop the user from downloading and installing apps, whether side loaded or not. But we might in the future who knows ;)
Click to expand...

Can you give an example of apps that you have been able to flag as malicious before Google or any other third party realized they were malicious? To me this is the gold standard of anti-virus software. Once a virus is known, everyone updates their definitions to protect against it. It's the ability to protect against the unknown or the viruses that are similar to known viruses that is so vitally important.

I've never used Webroot as I too am skeptical about anti-virus apps on Android. If I try to install a live wall paper and it asks for access to my contacts, it's obviously bogus. If I'm a clueless user or am simply tired and not paying attention, will Webroot warn me that what I'm about to do may not be in my best interest?
 
I apologize for us getting back to you so late.

We have an interesting challenge with Android OS and its openness. Permissions can be used for legitimate reasons as well as malicious ones, so we can't just deny certain behaviors and allow others. A requested permission doesn't necessarily mean malicious intent. We have to be smart and accurate about how we implement detection, we research thousands of apps looking for malicious behaviors and what type of attacks we could expect. Our goal is to detect all known and unknown malicious apps. The last thing we want to do is lesson the Android experience.

Examples of apps we
 
Android.Pjapps was only found in pirated applications I believe, so not downloading apps from warez sites would combat this.

Stealth SMS spy is an application someone else must load on your device so making sure you do not allow someone that would want to steal you text info should prevent this.

DroidDream is perhaps the first malware you provided that seems like a real threat, however as you did not cite it as being discovered by you I presume you found out when everyone else did.

DreamDroid attempts to open a backdoor via root access. As was previously stated by webrootmobile security apps can not have root permissions currently. So you have likely coded an update to look for the offending code however new code to do similar exploits would get through. I also believe the apps permissions did not match what the intended use so a savvy user could/would have caught it prior to the install. Also a rooted user with superuser would have been alerted of the app attempting to gain root access and could have blocked it.

It is my understanding the damage done by DreamDroid is only corrected by modifying your root, upgrading to gingerbread, or a factory reset. Due to most users not having root access or a nexus s I would take it webroot is unable to assist users who were affected even if they had webroot at the time the apps were pulled from the market.

I still see no need for an antivirus app and stand by my previous statements. Please respond and correct me if my information is incorrect.

Just for fun I will download webroot and retract all I have said if it identifies any malware.
 
Just ran webroot on my phone...

No threats were found. This makes me feel just as safe as I did prior to running the scan. I did write a quasi positive review and gave you 5 stars however.
 
First up, as this is posted in Android Applications then it was inevitable that the thread would evolve into a discussion of the app. So long as it remains topical i.e. related to Webroot specifically and conforms to the Site Rules it is acceptable.

Secondly, having developers willing to engage directly with end-users in a public forum is a great opportunity for everyone, so please be respectful and don't expect them to divulge "trade secrets" or go into detail on how the app works. Doing so kind of negates the purpose. ;)
 
Yeahha said:
Android.Pjapps was only found in pirated applications I believe, so not downloading apps from warez sites would combat this.

Stealth SMS spy is an application someone else must load on your device so making sure you do not allow someone that would want to steal you text info should prevent this.

DroidDream is perhaps the first malware you provided that seems like a real threat, however as you did not cite it as being discovered by you I presume you found out when everyone else did.

DreamDroid attempts to open a backdoor via root access. As was previously stated by webrootmobile security apps can not have root permissions currently. So you have likely coded an update to look for the offending code however new code to do similar exploits would get through. I also believe the apps permissions did not match what the intended use so a savvy user could/would have caught it prior to the install. Also a rooted user with superuser would have been alerted of the app attempting to gain root access and could have blocked it.

It is my understanding the damage done by DreamDroid is only corrected by modifying your root, upgrading to gingerbread, or a factory reset. Due to most users not having root access or a nexus s I would take it webroot is unable to assist users who were affected even if they had webroot at the time the apps were pulled from the market.

I still see no need for an antivirus app and stand by my previous statements. Please respond and correct me if my information is incorrect.

Just for fun I will download webroot and retract all I have said if it identifies any malware.
Click to expand...

This sums up my thoughts completely. The real threats to Android are social engineering attacks. Webroot or any other AV app for that matter, doesn't protect against that. If I download a pirated version of Angry Birds and it has malicious code in it, it's a pure social engineering attack. I'm likely to ignore an anti-virus warning as I figure it's just detected that the app is pirated. Social engineering is the big threat. I don't know if there are any apps that can protect against that. If there are, I'm interested.
 
Malicious code is definitely a path for criminals to make some money, however I think with more investigation, more research we (anti-malware companies/people) will be able to combat applications that have malicious code in them. The more we come across these samples, the more we can identify in the future.
Although these techniques are already in use in some behavior bases anti-malware programs like say .... PrevX etc... we hope we can use these techniques in the mobile app area.
Social engineering is stoppable, and with new tech that our teams are using and implementing in other platforms we use now a portion of that to stop SE threats.
 
You must log in or register to reply here.
Back
Top Bottom