We have moved to a new Sailfish OS Forum. Please start new discussions there.
19

[Request] Native Antivirus

asked 2014-11-25 15:39:47 +0200

mariner gravatar image

updated 2014-11-26 04:01:01 +0200

avhakola gravatar image

As long as Jolla devices rely on running Android apps there is a need for Antivirus and Privacy software. Even without Android apps there is still the possibility of hacking Sailfish directly even though all sailors are such nice people. I understand there is a native Firewall, but I think there is still a need for native Antivirus as well. I don't think you can necessarily rely on the Android antivirus. I don't know enough about Sailfish to understand the possible infection risks, but I know enough about software to understand that however perfect there are always ways hackers can infiltrate software or even firmware.

edit retag flag offensive close delete

Comments

11

Antivirus only solves Microsoft problems, on linux they are useless. What you want is a well configured firewall, and maybe an advanced threat detector like snort or something

dsilveira ( 2014-11-25 20:41:23 +0200 )edit
3

I'd add "snakeoil" as a tag

Blizzz ( 2014-11-25 20:58:21 +0200 )edit

@Blizzz done!

dsilveira ( 2014-11-26 03:45:26 +0200 )edit
1

I would add, that what else is needed is for the users to keep the phone up-to-date (Which Jolla made easy for us with the OTA updates), and for Android to be sandboxed (which I believe it currently is not done at all)

dsilveira ( 2014-11-26 03:50:04 +0200 )edit
3

+1 for android sandbox with explicit permissions for accessing anything.

Moo-Crumpus ( 2015-09-17 16:17:04 +0200 )edit

7 Answers

Sort by » oldest newest most voted
5

answered 2014-11-25 20:39:52 +0200

Nieldk gravatar image

ClamAV works already, however, because the OS is BTRFS, it cant be configured to scan on file-open. You can configure it to run on boot, and in intervals, using either systemd services, or cron (not in SailfishOS standard) https://build.merproject.org/package/show/home:nielnielsen/clamav

edit flag offensive delete publish link more
4

answered 2014-11-25 15:56:41 +0200

hook gravatar image

The obvious choice could be to run a ClamAV – which is a FOSS antivirus engine for detecting trojans, viruses, malware & other malicious threats.

edit flag offensive delete publish link more

Comments

clamav is not an antivirus which inspect all the ms windows file for finding a virus? i've the feeling that with clamav we don't solve the issue.

cemoi71 ( 2014-11-25 16:32:20 +0200 )edit
4

answered 2014-11-25 20:42:59 +0200

florifreeman gravatar image

Welcome to Open Source Software! First and last security is the open source community which Looks through the code and detects trojans etc...this works on Linux why shouldn´t on Sailfish OS?

As for Android: This is "wild west" without any net or community that is Aware of that.

edit flag offensive delete publish link more
1

answered 2014-11-25 21:56:01 +0200

dulog gravatar image

I like to suggest also an 'ban Android' feature, that avoids any dalvik apps at all? In my usecase I only like to use native sailfish os applications and so I avoid pure Android malware.

edit flag offensive delete publish link more

Comments

3

you don't solve any problem with your "Einstellung" my friend. why do you post those things? you know why there was a need to have this possibility? you know too that if it bother you, you have not to answer to it. what is your problem?

cemoi71 ( 2014-11-25 23:36:41 +0200 )edit
7

This feature already exists. Its called "dont install android compatibility from the jolla store"

r0kk3rz ( 2014-11-26 03:14:57 +0200 )edit

@cemoi71 I don't understand your reaction. I was suggesting an mode that avoids infections by disabling the dalvik runtime. IMHO nothing that's a no go?

dulog ( 2014-11-26 23:57:09 +0200 )edit

@r0k3rz Thanks for explanation. I wasn't aware that this is still optional, but expected that it's enabled by default. So my feature is already implemented ;-)

dulog ( 2014-11-26 23:59:18 +0200 )edit

@dulog: sorry for the strong and spontaneously reaction, but something described to "ban" has a really negative effect for the interpretation, particularly if the distance between each actors is big. if you don't think like it seems to be, then i apologize, but i advice you to change your message. As r0k3rz wrote, there is a typicall option already implemented. (you've seen it, that clear). please reformulate your post/message for a better understanding (or better said for avoiding misunderstanding). I repeat me, but "to ban something" is a really negative expression.

cemoi71 ( 2014-11-27 13:33:40 +0200 )edit
0

answered 2014-11-25 16:35:08 +0200

cemoi71 gravatar image

Hello Mariner /Nokius, there is on google play kaspersky and avast antivirus as google apps. maybe you could try them first. Then please give a feedback if it's help.

best regards

edit flag offensive delete publish link more

Comments

in aptoide there is some of av. if you can install an android app, you can install an av app too. don't you?

cemoi71 ( 2014-11-25 17:26:40 +0200 )edit
0

answered 2014-11-25 20:06:11 +0200

mariner gravatar image

I was aware of the Android antiviruses from companies like Avast and AVG etc. These will help with the Android problems, but when we have a full set of native Sailfish apps and Jolla becomes really popular the problems will move move to the native Sailfish environment. I am just asking in advance that we should try to get something similar ported to Sailfish. As regards the suggestion to test current Android antiviruses I can't do this until the tablet is available. I don't have the Jolla phone to test, because it does not yet have the features I need.

edit flag offensive delete publish link more

Comments

In this respect, a native Sailfish product is a must. Why? Because a mobile security app is not only a malware hunter but also a protection against theft and unauthorized access. This can't be fully and efficiently achieved by an Android app with limited access to the core system resources.

objectifnul ( 2014-11-25 20:28:52 +0200 )edit
1

Don´t use any AV on my Linux VM´s so why should i use a AV on my Jolla when using only the official Jolla apps or Droid App that run in their own tiny Sandbox?

florifreeman ( 2014-11-25 20:38:22 +0200 )edit

... are they really running in their own tiny sandbox?

Moo-Crumpus ( 2015-09-17 16:20:24 +0200 )edit
0

answered 2014-11-25 23:42:01 +0200

mariner gravatar image

I am glad to see so much agreement that we need to move towards an all native Sailfish system, I am just not sure how long it will take to get there. I understand well designed and reviewed Open Source helps avoid problems., but we are all human and it is easy to miss vulnerabilities in large complex communications systems. I seem to remember several big panics recently relating to high profile Linux server vulnerabilities that were obviously missed by Open Source code reviews. Antivirus may not be the answer, but firewalls don't do everything and there needs to be another level of automated protection at the application layer somehow, often just protecting the user from their own mistakes, not being onguard 100% of the time.

edit flag offensive delete publish link more

Comments

1

What you're talking about is the need to keep the system up-to-date, which SailfishOS makes very simple for us!

dsilveira ( 2014-11-26 03:48:06 +0200 )edit
Login/Signup to Answer

Question tools

Follow
3 followers

Stats

Asked: 2014-11-25 15:39:47 +0200

Seen: 1,847 times

Last updated: Sep 17 '18