I just got a G1 Tmobile Phone. How can I sandbox / LUA my phone?

Discussion in 'malware problems & news' started by connect4, Apr 17, 2009.

Thread Status:
Not open for further replies.
  1. connect4

    connect4 Registered Member

    Joined:
    May 20, 2008
    Posts:
    104
    I go to wilderssecurity forum when I need the best information on computer security.

    I recently got a G1 Tmobile Cell phone, and it allows web browsing and email access.

    My PC Security setup uses LUA (Su Run) and Sandboxing methods for protection of web browsing and emails.


    How do I Sandbox // use LUA on my G1 cell phone?

    If not sandbox, how can I protect my phone from bad emails / websites?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,215
    What do you mean by bad emails or sites? They won't actively bite your phone. Nothing bad will happen unless you execute bad code. So if you get an attachment with a file in it, which might be suspicious - don't run it. Simple as that.

    Anyhow, maybe this will help you:

    http://www.dedoimedo.com/computers/safe_web.html

    http://www.dedoimedo.com/computers/mail_security.html

    No black magic or special tricks. Some of the things may not apply to your phone, but remember, it's a tiny computer. So most of it is relevant.

    In a nutshell: don't execute bad files and you'll be ok. If you are really paranoid, just don't use the browser or email on the phone, plain and simple. Still, take things into proportion. If you don't tend to get infected in general, no reason why you should start doing it now on your mobile.

    Lastly, it runs Android, right? It's Linux, so you should be fine.

    BTW, you gave me an idea - mobile security, maybe I'll write some on it, too.

    Cheers,
    Mrk
     
  3. connect4

    connect4 Registered Member

    Joined:
    May 20, 2008
    Posts:
    104

    Thank you for the reply Mrkvonic.

    I will look into everything you said, but a quick answer to your question.


    What I mean by "bad emails and websites is this":

    I know on any PC, if you are using Internet Explorer or Firefox.

    Sometimes, just the mere act of going to the wrong website (No downloading or executing files), your browser will get "hijacked" and instantly your PC can become infected with malware. For example, spyware that will capture keystrokes/cookies/password info.

    I believe the same thing can happen with emails. Even if you don't download and execute the attachment, just by clicking/opening emails with malicious code, it can somehow infect your PC with malware.


    So that is my concern with my phone. I don't know if the same rules applies, but if so
    I am just worried that I might go to a malicious website or open malicious email (Even if I don't download and execute). I don't want spyware to start capturing my mobile keystrokes, or passwords. I don't want any form of malware on my mobile.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.