Viruses and mobile telephones: fact or fiction?

By | March 15, 2004

One of the most infamous hoaxes currently doing the rounds on the Internet refers to an alleged virus that affects mobile telephones. According to this particular canard, if you get a call and the word ´unavailable´ is displayed on screen, you shouldn´t answer it, as your phone will suffer all the evil that could possibly hit a cell phone, except for spontaneous combustion.

The first thing to bear in mind is that the ´unavailable´ message is perfectly normal. Thanks to GSM (Global System for Mobile Communication), the number of the person calling can be displayed on screen, allowing you to decide whether to answer or not. But in order to see the number, firstly the caller has to want to be identified and secondly the network has to support this service.

Sometimes, and particularly with international calls, the call is transferred from one operator to another or through many different channels, including satellite, and therefore, it might not be possible to display the phone number of the caller on the receiver´s handset. On the other hand, GSM technology lets callers deliberately block their number from appearing on recipients´ phones simply by punching in a certain code. In these cases, a message will be displayed indicating that the caller´s number is not available. This message could be simply ´unavailable´ or words to that effect. This is nothing more than a normal call that, under no circumstances, is going to infect your phone.

So, the question is: Could a cell phone be attacked by a virus? And the answer is, in theory at least, No. Taking things to extremes, you could say that a cell phone is really a kind of computer that includes hardware and software. But viruses, with few exceptions, need to install themselves on the system they want to infect, and cell phones can´t save the content of calls to their software.

With reservations, it is possible to think that SMS (Short Message Service) messages could cause problems. In fact, a while back some cell phones had problems reading messages that had been specially-crafted to demonstrate this problem. However, this was resolved simply by switching off the phone and switching it on again (the old and trusted trick for solving most IT problems, and one of the most effective).

Another factor to bear in mind is the mobile phone system you use. A virus would never be able to spread through the old US system, for example, as it is analogical, they would only be able to affect digital networks. GSM, however, is digital. What´s more, this system is getting more popular in the US and is the most widely used system in Europe and in the rest of the world. Japan also uses a digital system.

Many users fear that if they use WAP (Wireless Access Protocol) technology, their phones could be infected by a virus, as the system allows them to access the Internet through a cell phone. The big difference is that when browsing through WAP pages, you cannot download executable code. The only thing available is images that the server has provided, but that are never actually stored on the phone. Likewise, it is not possible for this information to spread from phone to phone as the connection is between phone and server and never directly between two handsets.

Finally, we have GPRS (General Packet Radio Service) technology, which allows data to be sent out more quickly and economically than using standard GSM. However, in this case, a cell phone is no more than a data transmitter, which acts as a modem between the phone and the Internet. In this case, a virus could be transmitted through a mobile, but in the same way as a virus could be transmitted via modem or ADSL adapter, and at the moment, people are not particularly worried about modems or adapters.

The latest cell phones include multimedia functions, such as allowing images to be sent and received (some even incorporate a camera), or games to be downloaded. This is where problems with viruses could arise. In general, when describing viruses, it can be said that “wherever there is executable code, there could be a virus,” therefore, a virus could be downloaded hidden in a game.

However, for this hypothetical virus to be successful, the system on which the game were run would have to allow the game to replicate and spread to other phones, which is impossible. Information is only transmitted from phones to servers and from servers to phones, but never to other phones. This means that even if optimum conditions were met for a theoretical virus, a phone could be infected by downloading a game, but this virus could not spread to other phones, as it could only infect the users that downloaded the game. These restrictions mean that the virus would have almost no capacity to propagate.

Another factor that would prevent virus infections is the current design of telephone operating systems. Their design does not allow downloaded software to be saved in the handset´s memory. In fact, the only way that technicians can change the operating system is using direct connections through cable and with specialized software.

New generations of phones created in the future could bring surprises. Third generation technology, known as UMTS (Universal Mobile Telecommunications System), although later than expected, is starting to be implemented across Europe, and will offer many new functions.

To start, the concept of the ´telephone´ will become obsolete. The handsets that we connect to will not be like those that we use nowadays. They will be more like a Palm or PocketPC computer and will incorporate an operating system that will offer many more functions (word processors, mail managers, Internet browsers, file transfer, etc.). They will also allow users to establish connections for sending data directly to another handset, unlike WAP or GPRS technology. In this case, viruses would be able to spread between handsets and what´s more, they would have a permanent connection! This would leave the door open to worms replicating indefinitely, as well as leaving the user a hefty bill for bandwidth consumption.

The type of operating system these handsets will use has not yet been clearly defined and the propagation capacity of viruses will depend on this. There are already viruses designed to attack PALM systems, but as happens with Pocket PC, they can be eliminated by simply disconnecting the battery.

There is always the possibility that a virus could emerge that is capable of writing to the Flash ROM of the phone or handheld computer. Like the CIH virus, which was capable of overwriting the Flash ROM with the BIOS in certain systems, another malicious code could make copies of itself and modify the Flash ROM of the device through a connection used to synchronize data with another system. In this case, the virus would not disappear if the battery was disconnected, and therefore the ROM would need updating.

Another issue to consider is that viruses that attack mobile devices would have to be especially designed for them. Therefore, it would be impossible for ´classic´ viruses to infect them.

To sum up, it is far more important to look after the health of PCs, whether they are connected to a cell phone or not. At the moment, mobile phone viruses are nothing more than urban legends.

Leave a Reply