Printed from http://www.electronista.com

Google: we've scanned for Android viruses since 2011

updated 04:50 pm EST, Thu February 2, 2012

Google details Bouncer and says

Google's Android engineering VP Hiroshi Lockheimer has detailed a process of screening for malware at Android Market that it has quietly been running for the past year. Known as Bouncer, it automatically scans both incoming and existing apps for recognizable malicious code. The routine also runs the apps themselves and checks for hostile behavior in practice, hoping to catch apps with suspicious behavior.

The mobile OS developer also went on the defensive, reacting to a since-retracted Symantec claim that millions of Android devices might have malware infections. Google pointed to Android Market having a 40 percent drop in "potentially-malicious" apps over 2011. This was around the same time that companies were claiming Android malware was growing, Lockheimer said.

He reiterated some of the common tropes of Android's security measures, including sandboxing, an explanation of app permissions before downloading an app, and Google's ability to remotely pull apps if they're found to cause a problem later.

While potentially challenging the opinions of McAfee, Lookout, and other companies that have described a swell of Android spyware and viruses, the comments also gloss over genuine problems Google has had. Bouncer now appears to have been partly ineffective, since it allowed malicious apps multiple times over the course of 2011 that wasn't caught until days later and possibly thousands of infected devices. As described, it can't catch zero-day exploits and could still let scam apps through the store until it's too late.

Permissions have similarly been a regular point of criticism. Much like Windows Vista's over-aggressive security prompts, Android's permissions have often been criticized for not being clear and important enough to make users pay attention. They only catch certain instances of suspicious activity and won't find instances where calls, messaging, or other behavior was already expected.

Although Lockheimer noted that "no security approach is foolproof," there has yet to be an instance of genuinely malicious apps on the iOS App Store, where Apple requires active human approval rather than automatic screening. What code has existed has so far either been a deliberate experiment from a security expert or limited to jailbroken devices, where the OS' usual defenses have been lowered.



By Electronista Staff
toggle

Comments

  1. Paul Huang

    Dedicated MacNNer

    Joined: Sep 1999

    +8

    So very funny

    I don't know how to laugh anymore.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Patriot Aero Wireless Mobile Drive

Regardless of how large a tablet you buy, you always want more space. There's always one more movie or another album you'd cram on, if ...

Patriot Fuel+ 6000 and 9000mAh batteries

Mobile device batteries are better than they used to be, but there's always a scenario where users could use more juice. Upgrade manuf ...

Sponsor

toggle

Most Commented

 
toggle

Popular News