×

Discussion Board

Results 1 to 12 of 12
  1. #1
    Registered User
    Join Date
    Jun 2007
    Posts
    6

    How to implement an Antivirus for Symbian OS ?

    As a software designer of a security company I am going to design an Antivirus for Symbian OS. There are some points that I'm not sure about:
    1/ To develop a file system hook plugins, do I need Carbide OEM Edition or a more affordable edition is enough ?
    2/ A very important issue: what do I need to debug a Symbian executable, e.g. malware executables ( *.exe, *.dll, *.app, etc ) which AREN'T built with Debug Symbols ?
    3/ Is there really NO solution to the above problems on Symbian OS prior to v9.0 ?

  2. #2
    Super Contributor
    Join Date
    Aug 2005
    Location
    india
    Posts
    2,078

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by Apricot View Post
    not sure about:
    1/ To develop a file system hook plugins, do I need Carbide OEM Edition or a more affordable edition is enough
    You can use any of the avalible IDE but OEM will have all privilages like making deamon, plugin and fsy etc..?
    2/ A very important issue: what do I need to debug a Symbian executable, e.g. malware executables ( *.exe, *.dll, *.app, etc ) which AREN'T built with Debug Symbols ?

    U can use ondevice debug to do target debugging..
    3/ Is there really NO solution to the above problems on Symbian OS prior to v9.0 ?
    There exists a solution writing your own fsy for writing antivirus scanning..

    Regards,
    Mateen Maldar
    Last edited by mateen_maldar; 2007-10-16 at 11:56. Reason: edit
    "Whatever the mind can conceive and believe, the mind can achieve"

  3. #3
    Registered User
    Join Date
    Jun 2007
    Posts
    6

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by mateen_maldar View Post
    There exists a solution writing your own fsy for writing antivirus scanning..

    Regards,
    Mateen Maldar
    Well, according to this thread http://http://live.sdnhost.com/forum...=124&tstart=15, I can't un-mount C: and re-mount it, so the AntiVirus can't protect C:, which is very bad.

  4. #4
    Registered User
    Join Date
    Jun 2007
    Posts
    6

    Re: How to implement an Antivirus for Symbian OS ?

    How do we debug a Symbian executable, e.g. malware executables ( *.exe, *.dll, *.app, etc ) which AREN'T built with Debug Symbols on Symbian OS prior to v9.0 ? I tried gdb but that didn't seem to work.

  5. #5
    Nokia Developer Moderator
    Join Date
    Feb 2006
    Location
    Oslo, Norway
    Posts
    28,750

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by Apricot View Post
    1/ To develop a file system hook plugins, do I need Carbide OEM Edition or a more affordable edition is enough ?
    The IDE just helps with comfort-services such as on-target debugging, etc. The capabilities are not coming from the IDE you use.
    2/ A very important issue: what do I need to debug a Symbian executable, e.g. malware executables ( *.exe, *.dll, *.app, etc ) which AREN'T built with Debug Symbols ?
    Debugging and tracking/analysing are different things.
    Debug: you are searching for programming errors in a known code. Presence of debug symbols are making this more comfortable, since you do not have to stare at a strange assembly code (which is really running), instead you can track happenings in your known, C++ source code.
    Virus scanners obviously do not rely on debug symbols, they are analysing the program on the machine-language level and/or search for binary patterns of known viruses.
    3/ Is there really NO solution to the above problems on Symbian OS prior to v9.0 ?
    These things do not depend on the OS version, and they are not problems at all.

  6. #6
    Registered User
    Join Date
    Jan 2007
    Posts
    41

    Re: How to implement an Antivirus for Symbian OS ?

    First step is, get developer certificate with All Files capability. You need it for antivirus, and you won't get it that easy. Trust me. Nokia never granted me MultimediaDD (SE did, after a week of emailing back and forth, and calling people in SE that are pushing for joint ventures), and my company is a symbian platinum partner. MultimediaDD is 2 levels of trust below All Files. Getting it will probably be harder then actually writing the application. If you get it, it means that Nokia trusts you enough to put all of nokia phones at your mercy.

    But, you don't have to wait for all files. You can start writing your code in emulator, you don't need certificates to get capabilities in emulator, you can just grant them yourself.

  7. #7
    Registered User
    Join Date
    Mar 2003
    Posts
    5

    Re: How to implement an Antivirus for Symbian OS ?

    Probably the best way to implement a AV scanner in Platform security enabled OS versions would be to hookup with SIS installer framework.
    And as the above poster stated, good luck on getting AllFiles capabilities.

    If I had to guess I'd think Nokia will make a deal with one company to provide AV scanner to ensure that viruses won't leak in from scanners.

  8. #8
    Super Contributor
    Join Date
    Nov 2004
    Location
    Wiltshire, UK
    Posts
    3,644

    Re: How to implement an Antivirus for Symbian OS ?

    Actually, for an FSY you need TCB, you also need to be a Symbian Platinum partner (DevKit licencee) and a Pro Member.

    An FSY is the incorrect solution anyway, you need to use a file server extension (pxt).

    Practically speaking, virus's are going to be very hard to write. Spyware/adware however is a lot easier.

  9. #9
    Registered User
    Join Date
    Jun 2007
    Posts
    6

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by wizard_hu_ View Post
    The IDE just helps with comfort-services such as on-target debugging, etc. The capabilities are not coming from the IDE you use.Debugging and tracking/analysing are different things.
    Debug: you are searching for programming errors in a known code. Presence of debug symbols are making this more comfortable, since you do not have to stare at a strange assembly code (which is really running), instead you can track happenings in your known, C++ source code.
    Virus scanners obviously do not rely on debug symbols, they are analysing the program on the machine-language level and/or search for binary patterns of known viruses.These things do not depend on the OS version, and they are not problems at all.
    Thank you for your reply.
    Please excuse me for not expressing my points clearly enough. When I asked about debuging malware executables , I meant the how our malware analysts debug malware executables. Of course our software engineers have to debug the AV on-device but that's point 1 I mentioned and it is solved :)
    So we really can't debug malware executables on Symbian OS prior to v9.0 ?

  10. #10
    Nokia Developer Moderator
    Join Date
    Feb 2006
    Location
    Oslo, Norway
    Posts
    28,750

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by Apricot View Post
    how our malware analysts debug malware executables.
    [...]
    So we really can't debug malware executables on Symbian OS prior to v9.0 ?
    I have absolutely no idea about the instruction set, and debugger support of an ARM CPU. However on lower version Symbian OS releases you have more control over the whole device, so I think it should be possible to debug code if you really want.
    On the other hand, you can use disassembled code for static analysis, CPU emulators, and if someone decides to build a business on this, she/he can establish some partnership with the device manufacturers, and get R&D or other customized builds.

  11. #11
    Super Contributor
    Join Date
    Dec 2005
    Location
    England,UK
    Posts
    1,600

    Re: How to implement an Antivirus for Symbian OS ?

    Quote Originally Posted by Paul.Todd View Post
    Practically speaking, virus's are going to be very hard to write. Spyware/adware however is a lot easier.
    Paul Makes a good point here. I got a virus from a program which aggregates web pages. These aggregated pages have java script spyware which the program did not detect and passed onto my E61 device. The result was that the pointer moves around standby icons when the device is idle.

    The E61 kept saying popups have been blocked and of course you quite often got sent to the wrong page!.

    Basically I deleted the App sis and the data files (aggregate web page files).
    and cleared the browser cache the spyware and popups disappeared.

    So how would virus checker find this problems how could you find java script applets from pages using c++?. The major problems is blocking unauthorized access to 3G network ports from expensive downloads of pop up pages.


    Good Luck
    Jim

  12. #12
    Super Contributor
    Join Date
    Nov 2004
    Location
    Wiltshire, UK
    Posts
    3,644

    Re: How to implement an Antivirus for Symbian OS ?

    Hey Jim,

    Was this a Symbian Signed application?

Similar Threads

  1. How to Implement Grid Layout in J2ME?
    By khatrijuned in forum Mobile Java General
    Replies: 3
    Last Post: 2007-08-20, 14:29
  2. How to Implement HMAC
    By naresh99 in forum Symbian Networking & Messaging (Closed)
    Replies: 0
    Last Post: 2007-01-31, 09:57
  3. How to implement a Zoom control for Series 60 2nd edition??
    By rafeeqpv in forum Symbian User Interface
    Replies: 14
    Last Post: 2007-01-19, 11:20
  4. Help~~How to implement this project.
    By Melloncx in forum Mobile Java Networking & Messaging & Security
    Replies: 0
    Last Post: 2005-12-24, 11:31

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×