» The only time you’ll see AVG Security Suite warn you about malware on Windows Phone 7 Within Windows

Sep 2011

31 Comments

The only time you’ll see AVG Security Suite warn you about malware on Windows Phone 7

Screenshot of AVG Security Suite protecting me from evil.

So AVG released a companion application for Windows Phone 7. (It’s actually a ported Android application.) It claims to scans for viruses (on demand, not real-time) and provides a SafeSearch capability. Unfortunately, there just isn’t any malware to scan for on Windows Phone. So… what does this thing do? It displays ads and scans for EICAR test strings. Oh and the word עברית (Hebrew). (Your guess is as good as mine here.)

If you’re curious, here’s a dump of the definitions database transmitted over HTTPS from cloud.droidsecurity.com.

Rating: 0 stars.

Update: Microsoft has pulled the application.

http://www.wpdownunder.com Sheeds

LOL. Nice work. WP7 Bloatware.
http://www.facebook.com/profile.php?id=820830061 Rafael Muñoz

Microsoft should kick them out of the marketplace. There are many ignorants that might write flames around this.

Mordenkainen

Wouldn’t more ignorants complain of censorship then?

Anonymous

Ouch!

Ric

/avoid
http://twitter.com/abeshkov Andrey Beshkov

At least it is free. :)
http://twitter.com/jonl3636 Jon Lichman

That Hebrew word is ‘Ivrit’ which is the Hebrew word for Hebrew.

Seems like a weird thing to search for.
http://josedmorales.net Josè Daniel

Well, I don’t know any current threatware for WP7 and since it doesn’t do that much then, I only can consider this app as a really bad image for WP; the last thing we users want is people thinking WP gets viruses #Ugh

adsf@asdf.com

And this is likely their intent. FUD.

—–

The real source of all these sour grapes from this AVG shill?

http://www.microsoft.com/en-us/security_essentials/default.aspx

http://josedmorales.net Josè Daniel

Well, I don’t know any current threatware for WP7 and since it doesn’t do that much then, I only can consider this app as a really bad image for WP; the last thing we users want is people thinking WP gets viruses #Ugh
http://www.quillaja.net quillaja

$$$
http://www.facebook.com/xtonyprince Antoine Prince

wow microsoft needs to get rid of this. This is going to create bad image and it does revolve around WINDOWS, Blue screen, and Viruses. Take this shit off. Lets start a petition.

http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

Actually Antoine, Microsoft had a huge hand in creating it. AVG worked very closely with Microsoft. Microsoft trained AVG’s teams for this product, and Microsoft gave it the thumbs up (even having AVG implement changes MS suggested) before launch. http://blogs.avg.com/product-news/avgs-response-community-feedback-windows-phone-7-app/

asdf@yourhost.com

OK. Enough with the weasel words, mistruths and lies. Pure FUD. We can clearly see that AVG has reached the end of it’s life, and is thrashing about wildly.

Yous say “ Microsoft had a huge hand in creating it.”

Really? We know that this app cannot trangrece it’s sandbox – surely MS knows this too. Yet, you *WANT* to suggest (from teh app itself) that it can. Which we know it cant. This is fiction.

You say “Microsoft trained AVG’s teams for this product, ”

Really? MS trains *MANY* people. That doesnt mean that they had a hand in it’s development. None. I can be trained by MS, but it doesnt extend to what I develop.

You say “and Microsoft gave it the thumbs up”

Really? So, it approved your app – an automated system scanned the code and assured you meet the minimum criteria for Marketplace listing. This **DOESNT** mean that your app is affiiliated w/ MS in any way.

You say “even having AVG implement changes MS suggested”

Really? See above; the automated system will present your shortcomings and tell you how to resolve them. This happens for everyone. It’s automated.

Every single one of your statements is designed to MISLEAD and MISINFORM the reader.

You’re a disgrace.

Your WP7 product is sham.

Your entire effort here is a lie.

—–

The real source of all these sour grapes from this AVG shill?

http://www.microsoft.com/en-us/security_essentials/default.aspx
http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

It’s not *my* app, asdf. I don’t work for AVG, I wish I did, because an extra income would be nice, but no, I just enjoy sharing my opinion online. I’m not trying to spread lies or “be a shill.”

I’m not trying to say the app can do anything it isn’t capable of yet. To quote myself elsewhere in this discussion. “I’m not saying you should install it in its current state, or that it’s useful right now for anything beyond basic beta testing, however, don’t mistake this as AVG’s answer to malware for the WP7 platform, it’s just a starting point.”

I’m not trying to make any false claims about what the app can currently do, I’m just saying it’s a step in the right direction and is capable of more than what it currently offers.As for the rest of that, that’s just what I gathered from reading AVG’s blog posts and other news source’s reporting on the topic. I don’t know what they meant by all that, you would need to take that up with them. Just like you, I only know what has been reported about the issue.

I don’t think AVG has “reach the end of it’s life” or is “thrashing about wildly” either. I think that this particular product is obviously becoming a disaster for them, I’ll give you that, mostly because of the phone recovery feature being enabled by default (a bad decision for those concerned over privacy issues) and of course an amazing level of rejection from WP7 users who fear that the app’s existence will cause questions about the security of the platform.

Yes, this application has become a disaster for them, but outside of that, AVG is doing very well. They have a wildly successful free version, have just released the lightest, fastest, most powerful version of AVG yet, and have also started expanding into several other software markets, one of which would be their successful AV product for the Android platform. AVG has almost 100 Million *active* users right now, they are growing as a company and increasing their influence.

As for the MS Security Essentials jab, that’s pretty clever and funny. ;) I’m a fan of AVG, but no, I’m glad that AVG has some quality competitors. I consider MS Security Essentials and Avast to both be worthy competitors that could give AVG a run for their money. They need good competition to keep them on their toes and motivated to innovate in their products, otherwise, they might slack off and we might not have great new products like AVG 2012.

I don’t think I have any “sour grapes.” I don’t have any problem with MS or any tech company really. I’m just sharing a more security minded opinion here, but I’m not trying to say that you guys are wrong to want to protect the reputation of your favorite platform either [and I'm not calling you a shill for doing it either ;) ], I understand where you’re coming from. I work in the IT sector and have some involvement with InfoSec as well, so I’m just conditioned to look at security as a priority above reputation, it’s part of my obligation to the small businesses and families that I consult for.

Someone

omg this is ridiculous
Dude

Uh, why was it approved in the first place?

http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

It wasn’t just approved, Microsoft worked very closely on this product with AVG, training their product teams, suggesting their own changes that were implemented, and of course giving it the thumbs up before release. http://blogs.avg.com/product-news/avgs-response-community-feedback-windows-phone-7-app/

Aaron Kelley

Seriously? That article does nothing to address the concerns that have been brought up by this post and related articles.

“We worked closely with Microsoft on the development of this product.
Our teams were trained by Microsoft and our software was provided to the
company for review and certification prior to release. We did implement
a number of requested changes provided to us by Microsoft.”

Rough translation -
We might have had some communication with Microsoft while getting started coding on their platform (or maybe just read their documentation). We submitted the app for review before publication (the same process ALL apps have to go through). Microsoft rejected it, we made some changes based on their feedback, and somehow it managed to sneak through the approval process after that.
http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

Your rough translation is a bit too rough Aaron. You took some liberties there. ;) No, being trained by MS is a bit different than just reading the documentation, that’s training yourself. But really that doesn’t seem to be the main concern of most of the people here.

The main concern seems to be that this will cause negative feedback as people will fear infections on the WP7 platform. I however, don’t think that’s necessarily a bad thing, all platforms have malware and exploits, it’s important that people accept this fact early, and start working to proactively secure the platform before the threats start popping up. WP7 may not have it’s own yet, but malware will be created and exploits will be discovered as the market share of the platform increases.

I think it’s great that MS is working with AVG to secure their platform proactively, rather than re-actively. As was pointed out in the link I shared, when AVG first released Mobiliation for Android it was a bit skimpy on the features as well, but it has since evolved to become a comprehensive product that offers valuable protection.

My point is, Rome wasn’t built in a day. This product is not finished, it’s actually just beginning. Think of it more as a proof of concept at this stage, a base to build upon, as time goes on and the platform evolves and attracts more users (and of course more attention from the cybercriminals along with them) then I think you can expect to see this product expanded on and improved.
Aethec

If you want to post wrong, pro-AVG information, don’t do it using your Facebook account, especially if your photo just happens to be an AVG team photo.
Just sayin’…
http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

I’m well aware of what my photo shows. If I wanted to hide my affiliations with AVG, I could easily have done so. I see no reason to be deceitful, because I’m not trying to inject “wrong” or “pro-AVG” information, this is my honest personal opinion from my own experiences supporting users and from being involved in the InfoSec field. I’m not an employee of AVG, just a fan. I own an independent IT consulting company in a small town in South Carolina. Here’s a video that explains a bit more about my affiliation with AVG and the event that photo was taken at. http://www.youtube.com/user/RunPCcomputerrepair?feature=mhee#p/f/3/hxe1iIvbJCA

As for the other jab, I haven’t said anything factually incorrect. You may not share my opinion, and that is fine, but nothing I’ve said is wrong. You may not agree with my focus on security and my belief that it’s more important for the users to be truly secure, rather than believe they’re secure even when the day finally comes that they are not, and would rather worry about what some pundits might say about the platform, but that doesn’t mean either of us are wrong, it just means we focus on two important, but separate priorities. You’re more worried about the reputation of the platform rather than the real long-term security of the users, I understand you have another viewpoint, but that doesn’t make my opinion *wrong.*

In that same spirit, I don’t think your opinion is *wrong* either. You are just more interested in the reputation of a platform you love (which is important to it’s growth and adoption, and therefore its long-term survival) than securing the platform, for fear that others will spin the efforts to secure the platform as a reason to avoid it, “it’s being secured, so there must be security problems.” But honestly, any platform has security problems waiting to be found, and if you protect the reputation by ignoring security, then it may expand the user base, but when the user base expands, then so will the threats as cyber-criminals turn their attentions to it. You can’t have one without the other.

If a pundit or news source tries to put a negative spin on securing the platform, then I think that’s pretty low of them, but at the same time, I think it’s more important to truly secure the platform, or in the future they’ll have some more concrete examples to cite when they want to talk about how insecure the platform has become.

Reputation is important, but you won’t have much of a reputation in the long run without proper security, and that starts here, with this product, and evolves with the needs of the platform.
Aethec

To be able to scan all applications, a WP7 antivirus would need to bypass the sandbox ; in other words, to become a virus in itself.
http://www.withinwindows.com Rafael R.

Or have native code like some apps on the marketplace.

Sent from my Windows Phone
——————————
http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

As I’ve already stated, Aethec, I’m not saying that it’s currently combating a threat. Right now, about the only useful feature would be recovering your phone if it’s lost or stolen.

You never know what will happen in the future as the platform evolves. Say someone develops a way to gain root access to the WP7, but that it compromises the sandboxing of the apps. Then for those who want to root their phones, this app will be useful. Or as Rafael pointed out, it could be altered at some point in the future to have native code.
That’s my point, that this isn’t a final revision. It’s not a statue carved in stone, it’s software. If it needs to be changed or expanded to meet the needs of securing the platform in the future then it can be changed.

Also, bypassing the sandbox in and of itself would not make a program a virus. To be malware, a program would have to take an action with a malicious intent, otherwise, it’s not malicious software. If software bypassed the sandbox in order to protect you, that’s not malicious. If software bypassed the sandbox to delete all your data and crash your phone, that would be malicious.

http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

It may seem premature now, but at the moment it is in the proof of concept stage. The threats may not be there yet, but as with any platform, as it gains popularity and market share, it will be targeted. AVG is working to proactively protect the WP7 platform, so that when the threats do arrive on the scene, users will be protected.

For those who say Microsoft should kill it, how did it get approved, we should start a petition, it will create negativity, etc, know that Microsoft actually trained AVG’s teams that worked on the product, were very involved with its development, and of course gave the thumbs up on the final release (after some of their own suggestions were implemented).

The argument has been made that releasing AV software for the platform now will spook users. I think this is counter-intuitive. Today, Mac malware is on the rise, with a recent outbreak so bad Apple had to acknowledge it in internal memos to their customer support staff. This problem will only get worse, and one thing that will perpetuate it, is the myth that “Macs can’t get viruses.” This was pretty true 10, even 5 years ago, but it wasn’t true because the platform was absolutely secure and could never be infected. It was true simply because nobody bothered to write the code, because the Mac had such a small market share.

Today, WP7 is a secure platform, if for no other reason than the criminals are not yet targeting it. This will not always be the case. Better to get users used to the idea of running AV software and learning safe browsing/use habits now, before they need it, rather than when it’s too late, and malware is flooding the platform, while users blissfully think “WP7 doesn’t have viruses. I was told I can’t get infected. I can view, download, and install whatever I like.” Victory favors the prepared.

I think it’s legitimate to consider the short term political implications of the premature existence of AV software for WP7, and the damage it could do to the platform’s credibility. However, I think it’s even more important to consider the long term damage of not getting ahead of the malware that will eventually be created for this platform, in both the technical sense as well as conditioning users on how to be safe with their WP7 devices.

Let’s face it, no tech is 100% unless it’s turned off, unplugged, and locked away in a safe (and even then…). Any device which can run code, can be made to run malicious code. I think it’s great that MS worked so closely with my favorite AV vendor to begin proactively securing the WP7 platform before it needs to be secured, that is surely a step in the right direction to keeping this platform as close to secure as is humanly (and technically) possible.

If you’d like to learn more about the product straight from the horse’s mouth, check out AVG’s recent blog post regarding the feedback on AVG’s Mobiliation for WP7: http://blogs.avg.com/product-news/avgs-response-community-feedback-windows-phone-7-app/
M Witwicki

hey this is so funny, just wait till SNL (saturday nite live) gets hold of ths. Glen Beck would twist it upside down & inside out.
just get iphone
http://twitter.com/BallerIndustry Angus Cheng

Why was this application pulled?

http://www.facebook.com/people/Zachary-Chastain/1308655925 Zachary Chastain

There were some concerns about information collected by the app to facilitate the phone recovery feature of AVG Mobiliation for WP7 should the phone be lost or stolen. http://blogs.avg.com/product-news/avg%E2%80%99s-geo-location-privacy-data-policy-windows-7-phone/

While Microsoft has not found any violations of their policies (at least as last I heard) they have pulled the application while they investigate. http://www.windowsphonesoft.com/2011/09/avg-app-pulled-from-marketplace-by.html

http://www.withinwindows.com Rafael R.

Why does AVG need to provide this lost phone capability? The platform has it built in.

http://www.mspy.com Darren Wisen

My computer has this AV Security Suite thing going on and I can’t access
anything on my computer. I am writing this on a different computer.
How do I stop it?