Free anti-virus for tablet

securityguy

dipsomaniac wrote: »

can you expand on this as i haven't yet seen a good reason to install av on unrooted android

There are some reasons, but they're mostly patching around poor behaviour.

The real problem with Android is that the typical user is not able to meaningfully evaluate the set of permissions that a new application asks for. Android has a very fine-grained capability model, so you can grant access to the GPS (and, indeed, grant access to varying degrees of precision), grant access to the network, grant access to the storage, etc, etc, etc. But when a user is installing an application, just how many of them (a) check at all and (b) are in a position to make sensible decisions about those permissions? Hence the crazy situation where flashlight applications demand wide-ranging permissions, which users typically grant:

http://www.snoopwall.com/wp-content/uploads/2014/10/Flashlight-Spyware-Appendix-2014.pdf

So in principle, a security software solution provides a second line of defence. However, the Android store model provides a good second line of defence too, and I'm sceptical as to whether an AV vendor will be any faster to respond to concerns than the store itself, and AV software will have quite high thresholds of misbehaviour before it shuts down applications which have been installed and approved by the user.

If you're going to root your phone, or install weird applications from the gutter of the store, then AV software might be beneficial. But for the general user of an unrooted Android phone on which they install mainstream applications like Facebook and Twitter? On a simple "attack surface minimisation" argument, I'd not bother with security software.

wongataa

securityguy wrote: »

There are some reasons, but they're mostly patching around poor behaviour.

The real problem with Android is that the typical user is not able to meaningfully evaluate the set of permissions that a new application asks for. Android has a very fine-grained capability model, so you can grant access to the GPS (and, indeed, grant access to varying degrees of precision), grant access to the network, grant access to the storage, etc, etc, etc. But when a user is installing an application, just how many of them (a) check at all and (b) are in a position to make sensible decisions about those permissions? Hence the crazy situation where flashlight applications demand wide-ranging permissions, which users typically grant:

http://www.snoopwall.com/wp-content/uploads/2014/10/Flashlight-Spyware-Appendix-2014.pdf

Whilst there are issues with the permissions model in Android that article does do a good bit of unnecessary scaremongering whilst selling their services. App makers should really explain why they need the various permissions though.

securityguy wrote: »

If you're going to root your phone, or install weird applications from the gutter of the store, then AV software might be beneficial. But for the general user of an unrooted Android phone on which they install mainstream applications like Facebook and Twitter? On a simple "attack surface minimisation" argument, I'd not bother with security software.

AV software can never do anything as when you install an app you give it all the permissions it wants. An AV app is just going to see that it has been allowed to do whatever it has been allowed to do and let it carry on. Also, AV software is also restricted by the permissions it has been granted and, if not rooted, has absolutely no access to the system just the same as any other app and so can't do anything there.

JJ_Egan

dipsomaniac wrote: »

can you expand on this as i haven't yet seen a good reason to install av on unrooted android

I tend to agree that 99% of users do not at present require protection .The bad guys bank on the stupidity of users and to a certain extent so do the AV purveyors .



But the report below is one of many similar from varying security testers

From Sophos .
http://blogs.sophos.com/2014/02/24/sophoslabs-report-explores-mobile-security-threat-trends-reveals-explosive-growth-in-android-malware/

https://nakedsecurity.sophos.com/2014/07/09/googles-android-security-chief-dont-bother-with-anti-virus-is-he-serious/


By the end of this year, smartphones will outnumber the entire human population, with smartphone subscriptions reaching more than 7 billion. And just as the cybercriminals targeted the dominant operating system of the past—Windows—now they are targeting the Android platform and its nearly one billion devices. In the past 12 months, our researchers at SophosLabs have seen an alarming acceleration in the development of mobile malware. In that time, Android malware has increased by nearly 600% to a total of more than 650,000 individual pieces of malware (as shown in figure 1 below). Although this is a tiny fraction of the number of pieces of malware out there for the traditional Windows PC, Android malware is indeed the fastest growing threat to users.

bod1467

It is a requirement that any text copied and pasted here is supported by a reference from whence it came. Otherwise it is copyright infringement and may be deleted by the forum team.

(And no - I haven't reported it).

JJ_Egan

bod1467 wrote: »

It is a requirement that any text copied and pasted here is supported by a reference from whence it came. Otherwise it is copyright infringement and may be deleted by the forum team.

(And no - I haven't reported it).

Thanks for the heads up .

PlymouthMaid

Security Guy - I thought antivirus was needed because executable programs are downloaded onto a tablet or phone - is this not true then? Will uninstall it if it is pointless.