Malware and common sense in Nokia's operating systems

Published by at

As with Nokia's previous operating system, Symbian, the most dangerous thing to a Lumia Windows Phone is you. The operating system itself is very secure, even when operating fully online, as Nokia Conversations has been at pains to point out (and quoted below), leaving physical damage from your good self as the number one threat and security threats from obscure applications as a very distant second.

From the article:

...Is my Nokia phone at risk from viruses?

If you have one of our award-winning Lumia phones or the excellent range of Nokia feature phones including Asha, then you have an operating system that cannot be overwritten by an external program, and also nothing can be installed without your knowledge, so you are quite safe from viruses.

Even our classic Symbian devices are incredibly safe, there were some early attempts to make viruses for them, but since Symbian also doesn’t allow any installations or changes to the operating system without the user’s knowledge, they were never able to spread far – and all models introduced since mid-2006 are safe even from those very few early virus attempts.

I had to chuckle at this. 2006? That was seven years ago and 99.99999% of Symbian users will be on post-2006 hardware now. But yes, the bottom line is that the OS in all Windows Phones, Symbian handsets and, yes, Ashas, is secure from tampering in a way that desktops and laptops, with operating systems loaded onto an easily accessible hard disk sometimes aren't.

I often have to answer the question from users 'do I need a firewall on my phone?' - and the answer is "no". You can check the status of all Internet facing ports yourself by going to GRC's Shields Up yourself on the device, if you don't believe me. 

The biggest software threat comes in each case from you intentionally installing something that's not what it claims to be, as the article carries on to mention, at least in the context of Windows Phone:

Is my Nokia phone at risk from other types of malware?

Lumia phones can only get apps from the Windows Phone Store, which means that everything you install has been checked before we allowed it to be published, and this is why it is the most secure platform on the market. In a world of “rooted Androids” and “Jail-broken iPhones”, Lumia is a haven of safety and tranquillity!

windowsphonestore

If you are using one of our other [Symbian or Asha] models, again anything you download from the Nokia Store will have been checked, but when downloading apps from other places you would be well-advised to choose only software from reputable sources. Apps may need access to your personal data in order to function, for example a chat app may need access to your contacts, an app offering services based on where you are will need to know your GPS location, etcetera; and you want to be sure that rogue app developers are not making inappropriate use of your data.

Yes, good point - it all comes down to trust. If downloading from an app store then there's a fair degree of trust available in the people who curate the store, that the app has been checked out, though note that even then there could be hidden malicious functionality that only comes to light after a certain date. But let's not get too paranoid - you can achieve more peace of mind by looking at the developer's other apps and their reputation, by looking at reviews from other users, and so on. But if something strikes you as worrying then steer clear until you have more information.

On Symbian, when side-loading SIS files, the trust from you is in the web site where the file was sourced. Do you trust it? Could the installer have been tampered with? And so on. And, yes, look out for, and read, and warnings put up by the OS at install time.

One other thing to look for (and worry about) is applications wanting access to some web service and asking for your login details. Make sure that any dialogs that appear do come, via OAuth, from the relevant site and aren't simply the app asking for the details for its own purposes. Again it comes down to trust. And if you don't trust an application implicitly then don't use it.

Can a virus in my PC also affect my Nokia phone?

No, absolutely not. Viruses are written for a particular type of computer system, they cannot attack another kind. Even with Nokia Lumia phones with Windows Phone, whilst the system architecture is similar to Windows in a modern PC, viruses intended for your PC cannot infect your phone.

Another FAQ, though note that a memory card or mountable mass memory disk might inadvertently host malware from a PC that was previously connected. If in doubt, scan the disks using a traditional desktop malware scanner. But the article's right, there's no way that a Windows virus can affect operation of a smartphone.

Read the full article here.

If you do have detailed tech support questions about any Nokia device, it's always worth having a search on www.nokia.com/discussions or perhaps posting something, quoting all relevant details.

As usual, just the very fact that you may be worrying about viruses and malware is enough to keep you sufficiently on your toes that you won't fall foul of some dastardly app. Hopefully!

Source / Credit: Nokia Conversations