Ask HN: Why do phones not notify you of malware?

5 points by night-rider ↗ HN
We’re all aware of things like Pegasus infecting phones with info stealing malware, but surely it’s trivial for Apple et al to inspect a device for malware and notify the user? Why do they not do this?

19 comments

[ 3.0 ms ] story [ 54.6 ms ] thread
It's not trivial to detect something that's rooted your phone, no.
Yeah but third party tools like iMazing have the ability to check for Pegasus. All it does is look for the presence of certain files unique to Pegasus. Why can’t Apple do this too or buy such tools from iMazing? Not like they can’t afford it.
If Apple does this, you would say that why Pegasus would not change that certain files.
Ah yes, the "put your head in sand" approach to problem solving.
iMazing runs from a separate device, doesn’t it? You can’t trust the phone to check itself.
If there is a public tool, which checks for Pegasus, NSO will simply modify Pegasus to evade such a trivial detection. I would even assume that every Pegasus-infection is pretty unique due to mutations between every sample.

Everybody who claims Pegasus and other ATP-malware is trivial to detect has no clue what he's talking about.

That’s silly. OSX and iOS have anti-malware tooling built in without incurring such liability. Same for malware scanners; Malwarebytes, Norton, McAfee etc. don’t accept liability for what their scans find.
> OSX and iOS have anti-malware tooling built in

You ever seen them notify users of detection and remediation? Yeah, didn't think so.

> Malwarebytes, Norton, McAfee etc. don’t accept liability for what their scans find

Because they're not liable as not the authors of the operating system. Apple's position is "Macs don't get malware" and any contrary fact is quickly swept under the rug.

Apple does not advertise that Macs don’t get viruses. The only people who claim Macs don’t get them are people who are uninformed.
> Apple does not advertise that Macs don’t get viruses.

https://www.youtube.com/watch?v=sdF5IsyOxU4

It's even got the signature Apple infant background music.

Technically, that ad never says the can’t get them, just that Windows gets them more. Definitely deceptive.

But also, that ad is 16 years old. It was released when Jobs was still alive. The Apple of today doesn’t make those claims.

> Apple's position is "Macs don't get malware" and any contrary fact is quickly swept under the rug.

C’mon, that’s a lie. They have articles about reducing your malware risk.

https://support.apple.com/guide/mac-help/protect-your-mac-fr...

I'm sure this article will change the opinions of millions of people who watched Apple's TV spots gloating over PCs getting viruses and consequnently formed an opinion.
Microsoft has made massive strides in built-in virus and malware detection since those nearly 20 year old ads. At the time, “Windows gets more viruses” was an entirely supportable claim.
Some do, like google play protect, you can also literally just install an antivirus if you want one.
> google play protect

Which has no way of acknowledging false positives [1] except by turning it off completely (in which case it will start spamming you to please re-enable it).

[1] An app that for rooted phones allows mounting the external SD card as a mass storage device instead of via MTP [2] unfortunately doesn't work with SELinux enabled, so it automatically offers to turn it off (and later back on) for you, which for Play Protect is apparently enough to classify it as highly suspicious. [2] MTP is just plain awful – slow, can only do one operation at a time, doesn't preserve file dates, limited compatibility, sometimes doesn't show all files because it's based on Android's media scanner database instead of the physical file system contents, etc. etc.