Printed from http://www.electronista.com

Google: we've scanned for Android viruses since 2011

updated 04:50 pm EST, Thu February 2, 2012

Google details Bouncer and says

Google's Android engineering VP Hiroshi Lockheimer has detailed a process of screening for malware at Android Market that it has quietly been running for the past year. Known as Bouncer, it automatically scans both incoming and existing apps for recognizable malicious code. The routine also runs the apps themselves and checks for hostile behavior in practice, hoping to catch apps with suspicious behavior.

The mobile OS developer also went on the defensive, reacting to a since-retracted Symantec claim that millions of Android devices might have malware infections. Google pointed to Android Market having a 40 percent drop in "potentially-malicious" apps over 2011. This was around the same time that companies were claiming Android malware was growing, Lockheimer said.

He reiterated some of the common tropes of Android's security measures, including sandboxing, an explanation of app permissions before downloading an app, and Google's ability to remotely pull apps if they're found to cause a problem later.

While potentially challenging the opinions of McAfee, Lookout, and other companies that have described a swell of Android spyware and viruses, the comments also gloss over genuine problems Google has had. Bouncer now appears to have been partly ineffective, since it allowed malicious apps multiple times over the course of 2011 that wasn't caught until days later and possibly thousands of infected devices. As described, it can't catch zero-day exploits and could still let scam apps through the store until it's too late.

Permissions have similarly been a regular point of criticism. Much like Windows Vista's over-aggressive security prompts, Android's permissions have often been criticized for not being clear and important enough to make users pay attention. They only catch certain instances of suspicious activity and won't find instances where calls, messaging, or other behavior was already expected.

Although Lockheimer noted that "no security approach is foolproof," there has yet to be an instance of genuinely malicious apps on the iOS App Store, where Apple requires active human approval rather than automatic screening. What code has existed has so far either been a deliberate experiment from a security expert or limited to jailbroken devices, where the OS' usual defenses have been lowered.



By Electronista Staff
toggle

Comments

  1. Paul Huang

    Mac Enthusiast

    Joined: Sep 1999

    +8

    So very funny

    I don't know how to laugh anymore.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

IDrive cloud backup and sync service

There are a lot of cloud services out there, and nearly all of them can be used for backing up key files and folders. A few dedicated ...

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Sponsor

toggle

Most Commented

 
toggle

Popular News