July 19, 2009

Better Virus Filtration in the Future, Symbian Foundation Says

The Symbian Foundation admitted recently that it needed to improve the process of testing the applications digitally signed for the Symbian-based mobile phones due to the fact that it had allowed a botnet-building Trojan to slip through the filtering process. The Trojan horse program that managed to pass the security test is called “Sexy Space,” and has been available for download up until this week.

Symbian's Chief Security Technologist, Craig Heath, stated on Thursday that the Foundation's process that kept malicious applications off Symbian OS-based phones should be improved, so that situations like this would not occur again. “When software is submitted, we do try to filter out the bad eggs. When apps are submitted, they are scanned. We are looking at how they could be scanned better,” Heath said, cited by ZDNet UK.

In order for an application to be accepted by Symbian devices, the developers need to submit it to the Foundation, where it goes through a checking process. Each software solution that passes the security tests is then digitally signed, so that users are assured that the application they are downloading is a rather safe one.

The testing process has a few stages that applications must go through. The first one is an antivirus scanning, after which random samples are sent for human examination. According to Heath, the Sexy Space Trojan, which is reportedly a low-risk malware, was disguised as ACSServer.exe, a legitimate application, and hasn't gone through the human inspection phase.

Although the Foundation discovered that the app was a Trojan two weeks ago and revoked the digital signature, it seems that it remained available for download until this week due to an error on the servers. Heath also explained that the automated scanning processes would be enhanced, and that the Foundation also planned to improve the human auditing, though it would not expand it due to leveraged costs and the delays it would add to the digital signing process.



Blogger template 'PlainFish' by Ourblogtemplates.com 2008