McAfee and Symantec rarely, if ever, do each other favors. After all, they are slugging it out for the dollars of consumers who want to buy anti-malware protection for their various digital devices. But on Friday, just as McAfee was announcing a major upgrade to its mobile security package, Symantec announced that it had discovered a new and dangerous mobile threat on the Android Market.
The malware is Counterclank, and it attaches itself to 13 different arcade games and apps with suggestive names like “Sexy Girls Photo Game.” (Symantec posted more details on its blog, which you can read here.) It has the potential to steal data and trick your device into carrying out commands such as dialing expensive phone numbers over and over again, says Symantec.
For its part, McAfee has been sounding the alarm about the Android Market for months, telling consumers that because the Market is so much more open than Apples’ iTunes App Store, it has the potential to distribute fake and infected applications. Now it has happened, and here’s McAfee all ready with a product to defend Android, Symbian and Blackberry smartphones. You can’t buy publicity like that.
Fair enough. So let’s talk about McAfee Mobile Security 2.0, which will be available on Monday. It costs $29.99 a year, but you can download it for free and try it out. Because I have an iPhone, I wasn’t able to test it. If you’re interested, I’d suggest that you use the free version to see if it sucks up battery life or slows down your phone. (Apple’s iPhone isn’t supported by the package because iOS is locked and Apple won’t allow it to work with third-party security programs.)
Like its earlier iteration, McAfee Mobile contains anti-virus, anti-spyware and anti-phishing protection: It scans for malicious code from files, memory cards, applications, Internet downloads and text messages. Because viruses and the like change all the time, McAfee mobile downloads new anti-malware definitions whenever you tell it to update itself. And that’s also why the program is sold as a subscription, in much the same way many desktop security programs are sold.
It also contains a number of anti-theft features, including the ability to wipe all of the data on the phone via a remote command if it is lost or stolen. If you do wipe the data and later find or replace the phone, you can restore it if you’ve been backing it up to McAfee’s cloud. You can also track a lost device using GPS from McAfee’s Web site, or make the phone emit a high-pitched scream.
One cool new feature allows you to block calls or text messages. You have the option of creating a black list of people or companies you don’t want to hear from, or if you really don’t want to be bothered much, you can create a white list of numbers you’ll accept calls from.
McAfee Mobile Security now looks more closely at applications you might download. It has a database of what McAfee calls PUPs, or potentially unwanted applications, which may contain malware. It also looks at the apps once you’ve downloaded them and tells you what permissions the developer has built into it.
Permissions are a pretty big deal, and generally you don’t even know they are there. Some apps, for example, can look at your address book; others are permitted to track you. Mobile Security will show you exactly which permissions the app has. Unfortunately, Mobile Security can’t change those permissions. But once you know about them, you can change them in the app, or if the app doesn’t allow you to do that, simply delete it.
San Francisco journalist Bill Snyder writes frequently about business and technology. His work appears regularly in CIO.com and the publications of Stanford's Graduate School of Business and the Haas School of Business at the University of California at Berkeley. He welcomes your comments and suggestions.