Android users have little reason to fear an immediate onslaught of malware despite the demonstration of a rootkit-based attack at last week's Defcon conference, according to a leading anti-virus supplier. Researchers at Spider Labs demonstrated proof-of-concept malware that could access messages and emails on an Android …
So far the only smartphones affected by malware in the media have been jailbroken.
Serves them right
no remote install -> no threat
If my G1 pops up a random su requester you can guarantee I'll get suspicious real fast. Until someone finds a *silent* privilege escalation, being jailbroken is no less secure than not, on Android at least.
This rootkit claim appears to require physical possession of the phone, at which point its rooted state hardly matters, just saving them rooting it themselves!
RE: Paul Shirley
What's an su request?
It's basic Linux security
'su' is how you run commands with root permissions; without it a rooted phone behaves identically to an unrooted one. Since su pops up a full screen requester every time it's used, it's hard to sneak su use in without the user noticing. Hard to install a rootkit without su...
When someone works out how to bypass that requester then we'll be in trouble.
It's basically like running your computer without full permissions and having it ask you for a password every time something tries to change the registry or run a program?
An ingenious idea for a smartphone
The short answer is it stands for Super User and can only be accomplished with a rooted Android phone.
His point is even on a rooted phone, when a program tries to execute SU, it has to ask for permission.
There's still one vector of attack tho.
The ignoramus Joe Sixpack, aka PEBCAK, aka the victim of ye olde social engineering trick.
Disguise rootkit as attractive game/utility, put in some lies about needing root support for something or other (and sprinkle it with technobabble to deter Joe Sixpack from reading further), and you have rooted access soon enough.
Of course this happens all the time, to all systems, and it'd be Joe Sixpack's own fault for failing to exercise skepticism, but in litigious countries like the US and most of Europe, it's not hard to predict what's going to happen next.
Paris, because she's an example of a Joe Sixpack.
Re : "tries to change the registry"
What's the 'registry' ?