Good news for users of Android phones and tablets. The Android Market has long had a checkered history in terms of security – primarily because Google did not provide oversight of Market apps. Compared to Apple’s serious (and extremely effective) vetting of its own App Store, the Android Market has been more of a free-for-all where malicious apps could be published unchecked.
However, some months after denying that malware in Android Market was a serious issue, Google have just published details of a new service (codenamed Bouncer) that improves security of the Market. According to a Google VP of Engineering:
Bouncer “provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process”.
The full article has the details. In short, any uploaded app (including those already in the Market) will be checked by Bouncer for malware and suspicious behavior. It is unclear whether Bouncer utilizes a particular antivirus product (or a mix of several) to perform the checking, but Google will also run every app on a virtual Android device in the cloud to look for hidden malware.
A crucial phrase in the article is “the service has been looking for malicious apps in Market for a while now”. It doesn’t state how long for, so it is impossible to determine how effective Bouncer has been to date. However, the report does take a big swipe at antivirus companies who have been increasingly alarmist about Android malware:
“Between the first and second halves of 2011, we saw a 40% decrease in the number of potentially-malicious downloads from Android Market. This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise”.
Suggesting that antivirus companies might be misleading the public to create a new market for their Android security products? Well, I never…
Where Does Bouncer Leave Android Security?
Google’s Bouncer service only covers apps in the official Google Android Market – so apps downloaded from other Markets or individual websites are not checked and still have the potential to include malware. However, according to a quote from BitDefender:
“only 0.5 percent of the 10,000 malicious Android apps in 2011 came from the [official] Android Market. The rest come from third party app markets, mostly in China and Russia”.
If BitDefender are correct, it means only 50 malicious apps were found in the official Android Market during the whole of 2011 – so perhaps Bouncer has been in place for some months already and has done a pretty good job…
It’s increasingly obvious that apps should only be downloaded from the Android Market to avoid the (perhaps literal) Russian Roulette risks offered by non-Market apps. Whether a security product is required for Android devices is a matter of debate. Whilst security companies may be overstating the risks in order to sell more products, recent tests on many free Android antivirus products produced awful results – in the majority of cases the free products were next to useless.
Paid apps like Kaspersky Mobile/Tablet Security did significantly better. If bought as part of the Kaspersky ONE Universal Security package, it can be a very cheap way of protecting Android devices as well as traditional Windows/Mac computers.
Ultimately, Bouncer is a step in the right direction but it still does not provide checks for spyware and adware, nor does it require app developers to go through an application approval process like Apple does – it might help security but doesn’t in itself remove the need for common sense when installing apps and good antivirus protection.