Google reveals Bouncer security for Android Market
If you’ve watched headlines over the last year, you know there is more than one opinion on how big of a problem malware is on the Android Market. Companies that make (and sell) security apps tend to trumpet the biggest numbers they can find, while some other analysts and especially Google have downplayed the risk, especially compared to traditional PCs.
It turns out that Google’s confidence wasn’t just bravado, they actually have been working behind the scenes to make the Android Market more secure, without incurring the prolonged app testing times (and expense) that other app stores with higher walls suffer. The result of their work was revealed today in a service they are calling Bouncer.
Bouncer is basically an app-crawler that scans all the apps in the Android Market, including every new submission. It checks for known trojans and malware, much like a security app on your phone might, while also analyzing how apps run in a virtual machine, to try and ferret out new threats. Finally, Bouncer also tracks developer account behavior, so repeated offenders are caught when they open a new account to cause havoc with.
And apparently Bouncer is, erm, bouncing a lot of malware successfully. Google reports a 40% decrease in the number of “potentially-malicious” downloads from the market between the first and second half of 2011. Considering the 250% increase in user activations in 2011, that’s quite a decline.
Google also trumpeted other security features of Android, which include judicious use of sand-boxing to prevent malware from accessing data it doesn’t have permission to, the permission system itself, which lets users apply common sense when the “hawt-ladyz” app they are contemplating says it needs permission to send SMS, and the fact that Android is designed so that malware can’t make changes to the OS itself – which means all you have to do to clean an infected phone is remove the offending app.
How good will Bouncer be? Time will tell. We’re sure this won’t be the end of malware on Android (or any other mobile platform), but it’s a good step in the right direction.
source: Google via Droid-Life
Bouncer is basically an app-crawler that scans all the apps in the Android Market, including every new submission. It checks for known trojans and malware, much like a security app on your phone might, while also analyzing how apps run in a virtual machine, to try and ferret out new threats. Finally, Bouncer also tracks developer account behavior, so repeated offenders are caught when they open a new account to cause havoc with.
Google also trumpeted other security features of Android, which include judicious use of sand-boxing to prevent malware from accessing data it doesn’t have permission to, the permission system itself, which lets users apply common sense when the “hawt-ladyz” app they are contemplating says it needs permission to send SMS, and the fact that Android is designed so that malware can’t make changes to the OS itself – which means all you have to do to clean an infected phone is remove the offending app.
source: Google via Droid-Life
Popular stories
Latest News
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: