Android Market

Today Google unveiled a new tool to fight malware in the Android Market, appropriately named Bouncer. Hiroshi Lockheimer, VP of Engineering for Android, made the announcement on the Google Mobile blog, and it seems to address most concerns users have with the "free and open" style of app market, with all of the work done server-side.

Bouncer is a service that runs on the Market's computers and scans each and every app for known malware, spyware, and trojans. It also looks in the code to see if the app has the potential to "misbehave", and compares it against other previously analyzed apps to spot any red flags. New developer accounts are also analyzed to make sure they're not a previous offender with a new name. Google says they actually run every application in the cloud to simulate how it acts on our Android devices.

This service has been running for some time already. Despite the claims across the Internet that malicious applications are on the rise, Google says the number of bad apps in the Market decreased 40 percent between the first half of 2011 and the second half. According to Google, the most important measurement is whether or not malicious apps are being installed, and they know that "rate is declining significantly". This is in sharp contrast to recent claims by Symantec and others that malicious Android applications are on the rise.

Google also takes a bit of time to explain how Android was designed from the beginning to make malware less disruptive. Learning from the way malware can cause havoc in the PC model, Google has incorporated sandboxing, a permission system that's readily available for the end-user to see, and the ability to remotely remove malicious applications.

No system is perfect. Even very closed application market models have malware slip in once in a while. It's nice to see Google is doing what they can to keep us all safer.

Source: Google Mobile blog


Reader comments

Android Market security addressed by Google's new Bouncer


I'm glad they are being proactive, though I have never had a problem with a Market app, or downloaded a malicious app, normally they are pretty easy to spot, I pay attention to ratings and comments, more actually than I pay attention to the permissions, it seems so many apps need almost all of them anyway.

Third party app stores, excluding Amazon probably, are what you have to worry about. I sometimes use slide-me but I'm very careful about what I download and have Lookout security installed because I use a third party market.

movielover said he was careful, not that he was relying on Lookout. What on earth is wrong with having multiple levels of security, starting with being careful? Lookout, Avast and others also add anti-theft and lost phone finding for FREE. If you feel like you are infallible, go ahead and turn the scans off.

I download a lot of apps and never got a bad one, I do check permissions very carefully though. This is awesome all the way around! It would be a clever developer indeed who could get around this kind of security. And once any new technique is invented to circumvent this, Google adds it to the library, and the bad guys have to start from scratch all over again!
Android market being considered unsafe is now an even bigger myth than ever.

Does Amazon market do anywhere near this level of Due Diligence?

This is why any on-device malware detection software is a fraud IMHO. Google has been finding it long before any of these anti-virus/malware packages ever do. Not one person has ever published an account of any of these apps finding even one instance of malware in something obtained from the market.

Unless you go looking for apps on the dodgy black market, you don't need any virus/malware detection on device.

I rooted my father's phone, installed the superuser app. Some months later he comes to me asking why he can't tether anymore. He had installed an antivirus app and it deleted the superuser app which was needed for tethering...

Moral of the story: the antivirus apps do work, and if you are downloading/installing apps from third party sources, then they might actually be useful. Or a pain in the butt.

Well, so much for Android being prone to malware, easy to infect, blah, blah, blah as many people have tried to perpetuate. Good to see that Google is doing this (and has actually been doing for months)!

This is a great idea. I hope Amazon starts to do the same. It makes FAR more sense to do this at the source of apps rather than at the destination.

This is good news and will help, although it should NOT make you lower your guard. I'm still extremely diligent about looking at permissions and user reviews. It's possible something could slip past the bouncer... Years of working in the IT industry has taught me the end user is always the weakest link.

This also gets me thinking about how rooting your phone affects its security. I follow the principle of least privilege on my PCs so if malware were to get past my primary defenses (layered security – defense in depth), damage is limited to only the logged in limited user. If you're rooted, doesn't that remove that layer of security and allow something rogue to possibly make system-wide changes? I've looked around, but never found any good information on this. Thanks.

That is the purpose of the Superuser app. It grants priv to software that requests permissions. Just because you have root access does not mean that you run as root. Witness the fact that you have to make folders R/W when you run Root Explorer.

Been running for some time, didn't something come across last week or something about a bunch of apps being infected??

But here we go again....Windows all over again need protection from this and that. They should start hanging the people that write the stuff.