“The days of Android Market anarchy may be coming to an end,” Andy Greenberg reports for Forbes.
“On Thursday, Google announced a new functionality in the application market for its mobile operating system that automatically scans new apps for known malware. The program, which the company is calling ‘Bouncer,’ also continues to run periodic simulations on existing apps to test them for malicious behaviors like data theft or paid texting scams,” Greenberg reports. “‘If it’s a repackaging of known malware, we’ll flag it,’ says Android vice president of engineering Hiroshi Lockheimer. ‘We also run apps on the server side in a simulated device environment, to monitor what it’s doing. If we see anything fishy, it gets flagged for manual review.'”
MacDailyNews Take: And what about unknown malware?
“Google’s precautions still don’t come close to Apple‘s strict security measures for the iPhone and its App Store. Google still isn’t subjecting developers to a lengthy approval period, as Apple does, only a real-time scan when their app is uploaded to the market,” Greenberg reports. “And just as significantly, Android continues to allow apps to download and execute new code. As security researcher Jon Oberheide has demonstrated with decoy apps posing as Twilight movie photos and Angry Birds sequels, that capability could allow a tricky malware developer to upload an innocent-looking app to the Android Market and then use it to download malicious capabilities and run them on the phone. Because Google’s new security measures only scan the Android Market and not the device itself, that kind of scheme likely wouldn’t be caught.”
Read more in the full article here.
MacDailyNews Take: Google’s set themselves up for another war that they can’t win.
Related articles:
Steve Jobs: ‘I’m going to destroy Android, because it’s a stolen product; I’m willing to go thermonuclear war on this’ – October 20, 2011
Aftershocks from Android market share dive rumble through mobile market – January 31, 2012
ABI: Apple iPhone tops smartphone market as Android suffers its first decline in share – January 27, 2012
Apple overtakes Samsung to take world’s largest smartphone vendor crown – January 27, 2012
These charts will make the Fandroids want to puke – January 26, 2012
AT&T sold 7.6 million iPhones and fewer than 1.8 million Android phones in Q411 – January 26, 2012
Apple’s iOS passes Google’s Android to take U.S. smartphone market share crown – January 25, 2012
Analyst: Verizon’s record iPhone sales signal waning demand for Google Android phones – January 24, 2012
Massive Android malware operation may have infected 5 million users; many infected apps remain on Android Market – January 28, 2012
Insecure: Malicious Android apps double in six months – December 14, 2011
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
You bank on your pretend iPhone? Are you nuts?! Android malware up 472% since July – November 16, 2011
Android security threats surge with infected ‘Angry Birds’; iPhone and iPad users unaffected – November 15, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
McAfee: Google’s Android number one in malware – August 23, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010
Patching up a break in the condom with a glue stick.
NICE!
And what’s wrong with that?
After using it…
Good I want to see them expand on this as time goes on.
They didn’t already scan uploaded applications for known malware??
That was exactly my response upon seeing this headline.
Considering the insecure, PC-like nature of Google’s approach to Android Market, this is something which should have been present from DAY ONE. Not bolted on after the fact a couple years later.
The fact that they’re only belatedly adding something like this NOW, tells you all you need to know about how forward-thinking their planning really is.
*SNAP* See my post below…
But… But… Android is better than iOS… Cause it’s open!
Why would we need malware scans?..
“It’s a FEATURE”
Google begins to auto-scan Android Market for malware
GOOGLE WEREN’T DOING THIS ALREADY?! 😯
All this proves is that today’s Google attitude regarding Android security is only slightly less lame than it was yesterday. Otherwise, nothing has changed. Post your malware, it gets downloaded and installed by suckers, they’re PWNed, you win.
Then, after Google ‘scans’ for your malware then removes it, you post another version, ad nauseam….
IOW, Android malware security still majorly sucks.
This is utterly hilarious. From the source article:
Android vice president of engineering Hiroshi Lockheimer… [says] “People can be confident in using Android. The service we’re announcing today is almost just an insurance policy to make sure that continues to be the case.”
OMFG, ROTFLMAO. Suckers beware: Google wants your business.
More like GOOgle wants to be IN your business. What good is selling you if they don’t know ALL of your business.
Does this create a “Walled Desert”?
Google…walking through Hunter’s Point with a pen light…
“all clear!”
Suddenly I’m having deja vu circa 1995.