Verify apps

Talking about malware on a mobile platform is a tough thing to do right. Some of what you hear is real, and needs addressed responsibly, but so much of it is just FUD from folks trying to sell you something or get you to change your choice of device. We try to do the former, without downplaying the serious issues, but we also depend on users to be a little bit savvy and not do the things that lead to getting malware on the phone in the first place.

Thankfully, Google has stepped up and taken the reigns here. As ComputerWorld's JR Rapheal has pointed out, starting with Android 4.2 users now have the option to have every application that is being sideloaded scanned before installation. This uses the same technology as Google Play's Bouncer, and is designed to scan for and find malware -- both known cases and suspicious applications. If an app's fingerprint matches known malware, you'll be blocked from installing the application. If the app shows anything that the canner feels is suspicious, you're warned that it may be harmful and given the choice whether or not to install. The service is entirely opt-in, and your choice can be changed at any time through the device security settings. 

We're big proponents of responsible reactions to and prevention of mobile security issues. In a time where companies release blurbs in the press that exaggerate the amount of malware (Android VP of engineering Hiroshi Lockheimer notes that actual dangerous malware is extremely rare on the Android platform) and push users to use their products, we're glad to see Google taking this sort of action. There is no substitute for common sense, but Android 4.2's new security scanning feature sounds like the right way forward.