Google reveals Bouncer security for Android Market

Google reveals Bouncer security for Android Market
If you’ve watched headlines over the last year, you know there is more than one opinion on how big of a problem malware is on the Android Market. Companies that make (and sell) security apps tend to trumpet the biggest numbers they can find, while some other analysts and especially Google have downplayed the risk, especially compared to traditional PCs.

It turns out that Google’s confidence wasn’t just bravado, they actually have been working behind the scenes to make the Android Market more secure, without incurring the prolonged app testing times (and expense) that other app stores with higher walls suffer. The result of their work was revealed today in a service they are calling Bouncer.

Bouncer is basically an app-crawler that scans all the apps in the Android Market, including every new submission. It checks for known trojans and malware, much like a security app on your phone might, while also analyzing how apps run in a virtual machine, to try and ferret out new threats. Finally, Bouncer also tracks developer account behavior, so repeated offenders are caught when they open a new account to cause havoc with.

And apparently Bouncer is, erm, bouncing a lot of malware successfully. Google reports a 40% decrease in the number of “potentially-malicious” downloads from the market between the first and second half of 2011. Considering the 250% increase in user activations in 2011, that’s quite a decline.

Google also trumpeted other security features of Android, which include judicious use of sand-boxing to prevent malware from accessing data it doesn’t have permission to, the permission system itself, which lets users apply common sense when the “hawt-ladyz” app they are contemplating says it needs permission to send SMS, and the fact that Android is designed so that malware can’t make changes to the OS itself – which means all you have to do to clean an infected phone is remove the offending app.

How good will Bouncer be? Time will tell. We’re sure this won’t be the end of malware on Android (or any other mobile platform), but it’s a good step in the right direction.

source: Google via Droid-Life

FEATURED VIDEO

22 Comments

1. theBankRobber

Posts: 682; Member since: Sep 22, 2011

Glad to hear this kind of news, others just live sad little lives and just want to mess it up for everyone else.

17. ledbetterp3

Posts: 467; Member since: Aug 31, 2011

That's exactly how I feel about those people...

2. GALAXY-S

Posts: 701; Member since: Jun 07, 2011

Great job google!! ive never been worried about any malware on my phone.. if i download a an that makes my phone act a lil dif, then all i do is uninstall.. BAM issure resolved!

13. G2Noobin

Posts: 81; Member since: Dec 17, 2011

Bam...totally agree some apps totally do that i find yahoo mail make my system a bit slow but i need it.... Also you cant blaim the way a pda works today offered by a specific OS whether google, apple, or windows...its part of that Network....or network web...those machines running those OSs to get the optimal usage out of that machine...aka apps, games, you have to be connected to apps and the developers....and its something that is engrained into optimisize a Personal Computing device. I only have dealt with google because i find my pda should be like my PC and not all bogged down by restrictions....simplicity and freedom and art always trumps complication, restriction, and conformity...in a HEALTHY SOCIETY!#!

3. thephoneguy92

Posts: 191; Member since: Dec 29, 2011

Good move by Google. This has been a big concern for all those little-old-lady types who don't know how to read reviews and uninstall apps ;)

4. MorePhonesThanNeeded

Posts: 645; Member since: Oct 23, 2011

This by far is the greatest strength of mobile OS like android is the way it is sandboxed to keep infections from spreading like wildfire and making removal easy and simple. No need for any Symantec nonsense to remove malware, just uninstall and you are clear. Those anti virus companies are just making up crap to get sales, mobile OS like android and I assume iOS are not built like traditional PC OS's thus usual tactics will not work as well. Gotta love mobile, only time will tell how saavy these nerds get to try an infect mobile OS's in the future. Right now most issues are caused by the owner of the phone downloading shady looking apps to begin with. Google is doing something on their end and you should always protect yourself on your end.

14. G2Noobin

Posts: 81; Member since: Dec 17, 2011

im just curious as to how so... good comment tho....is it because of linux base???

19. MorePhonesThanNeeded

Posts: 645; Member since: Oct 23, 2011

Android is more or less permission based and you have to grant permission in order for the app to install and run. The permissions are what keeps you safe from apps just running wild and doing whatever with your phone services. Permissions look as if it's hardwired into Android OS so the app must be given permission, so if you didn't agree to it then the app can't use what it was not permitted to. Sandboxing as Google calls it, to play in that box over there, you need permission from the user to be allowed access to it. Unlike PC OS which doesn't tell you exactly what a program is allowed to access, just grants pretty much full access to your sensitive data unbeknownst to you. So if you didn't read what permissions the app you just downloaded needs and allowed it, you're at fault. The end user has to bear some sort of responsibility to what he downloads on his end.

5. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Exelent! From now on "virus " will become uniformed troll aterial ;) now the "users " that claim virus where the only thing stopping them from trying Android... will you consider it now?

6. gallitoking

Posts: 4721; Member since: May 17, 2011

good job Google you just acknowledge something that most fandroids have ignored or believed it didnt exist...

7. Sniggly

Posts: 7305; Member since: Dec 05, 2009

*gives up and walks away, knowing that nothing I say will have an effect*

9. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Troll!

12. Giggity

Posts: 147; Member since: Nov 17, 2011

PA really need a bouncer for the likes of you and Miz

18. ledbetterp3

Posts: 467; Member since: Aug 31, 2011

Actually, I thought the problem was a lot worse than it is.

20. atheisticemetic

Posts: 377; Member since: Dec 18, 2011

trollolololololololol you're right tho apple doesnt need malware on their apps, they just need to submit $1000 dollar "gem apps" (that do nothing) that apple users will be stupid enough to buy nice try tho

8. Sniggly

Posts: 7305; Member since: Dec 05, 2009

Aaaannnnddd.... once again, when people advocate that Google takes steps to improve an aspect of its business, what does Google do? It listens and does so. This service sounds exactly like what I wanted Google to implement on Android market.

10. protozeloz

Posts: 5396; Member since: Sep 16, 2010

It could be better tho but glad they are using a method to make the market even more safe. Now even more enterprise might be interested in Android since the market is even more safe.

11. Whateverman

Posts: 3295; Member since: May 17, 2009

THANK YOU!!!

15. remixfa

Posts: 14605; Member since: Dec 19, 2008

And all without an overlord curating the market or arbitrary rules

16. XiphiasGladius

Posts: 813; Member since: Aug 21, 2011

Yeah It feels good knowing no one is treating you like a kindergarten on a boot camp.

21. solidsnakeduds013

Posts: 221; Member since: Oct 20, 2010

you know whats so funny. I have been reading the comments on the first page and i didn't see not one thumbs down. Make this be an article about Apple and a sea of negative comments would be there. BTW im a fanboy of both IOS and android

22. Paden

Posts: 262; Member since: Jul 07, 2011

Happy to see Google beefing up security! Smart move.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.