Back to the articleBrilliant #
Posted Friday 20th February 2009 14:45 GMT
Nice to know us Symbia people are being targeted. Now phuck offf and play with windows.
'Sexy View' SMS malware targets Symbian devices
But it begs the question. #
Posted Friday 20th February 2009 16:20 GMT
"Who signed the worm?" Normally mass-distribution apps are signed by Nokia themselves after going through quality assurance. Either something slipped through the cracks or the worm makers enlisted inside help.
yawn #
Posted Friday 20th February 2009 16:51 GMT
So, once again, let's get this straight. First of all, somebody is stupid enough to install it. Then, each time it tries to phone home or propagate, they press "yes" again? They continue to keep pressing "yes" every few minutes as the worm tries to propagate? Frankly, anybody that stupid is too dumb to own a smartphone anyway.
@Neil #
Posted Friday 20th February 2009 22:00 GMT
Apparently, *because* it is signed, once it's installed and running, it can access the protected parts of the system. These include the SMS subsystem and the address book. From what I've read, it's able to pull these off without further human intervention. That's why it's classified in some places as a worm rather than a trojan.
@Charles #
Posted Saturday 21st February 2009 00:46 GMT
It's also possible that the worm creator was able to break the security on the signature. I say that without knowing any details of how it works, but it's not inconceivable. Only as strong as its weakest link, and all that.
Self-signed? #
Posted Sunday 22nd February 2009 21:40 GMT
There are apps for S60 phones that will allow self-signing (Freesigner) and sites that will sign apps for you (Symbian Signed) - so maybe it wasn't Nokia that signed this at all?
That said - it's still a case of people OK'ing stuff they don't know properly
