Security Boost for Android Market

Wednesday, February 8, 2012 @ 10:02 AM gHale

A truly open environment for developers has its pros and cons. That is definitely the case when it comes to Android as it is an open platform for developers to get apps out to users. However, the bad part is security can be a nightmare.

The potential for spyware, malware and other nasty apps to sneak inside keeps increasing.

Smartphone Exposes Passwords
Android Malware Stays Hidden
Breaking Down a Malware Operation
Malware Shifts from Safe to Malicious

Now Google is saying no more. The company unveiled a new security service for the Android Market that aims to auto-scan uploaded Android applications to detect potentially malicious apps more quickly, ideally before users download them. Codenamed Bouncer, the new service searches for threats without requiring any pre-approval process, continuing to keep the Market as “open” as it has always been.

“Once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans,” said Google vice president of engineering Hiroshi Lockheimer. “It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags.”

The new security service has already been working for the past few months. After finding an app that violates the rules — be it malware, spyware or whatever — the Android team takes the application down and bans the developer account from uploading any more apps. Further, Google continues to check new Android developer account sign-ups, so repeat offenders won’t continue to upload nasty apps under a different user name.

“Application scanning doesn’t just happen at the time of upload,” Lockheimer said. “We continuously analyze existing applications, too. That way, as our knowledge and technology improve over time, we can better monitor and analyze all apps in Android Market.”

In the world of mobile apps, there are certain positive aspects to cultivating a walled garden. Apple’s App Store only approves apps after putting them through a rigorous approval process, ultimately nixing apps that aren’t up to snuff for whatever reason.

Google’s philosophy differs from this completely. The Android Market requires no vetting process for pre-approving apps, no censor as to what sort of content can go in (unless it specifically violates the Android developer distribution agreement) and no wait times to get apps inside the market. Even the Android platform itself is built atop open source software. For all intents and purposes, it’s everything Apple’s App Store isn’t.

Leave a Reply

You must be logged in to post a comment.