02
Feb
bouncer

As Android has grown from a small hobbyists OS to the mainstream-conquering behemoth it is today, so has the amount of malware directed towards it. A large chunk of the problem comes from malicious apps that make it into the Android Market - often times, duplicates of popular apps with a few strings of code thrown in that allow the app to transmit personal information or hijack the device.

Makers of anti-virus apps claim that there's more malware in the market than ever, painting the picture of a wild west-esque place that's ever-more attractive to the scum of the app universe. Not so, says Google: they have created a virtual bouncer (deceptively named "Bouncer") to automatically scan the Market "for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process." In slightly longer-form:

The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts. Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.

The service isn't actually new (it's been around for "a number of months"), and the company says it has already resulted in a 40% decrease in the number of potentially-malicious downloads from the Market.

In addition, they  mention that Android was built from the start with security in mind. Things like sandboxing (keeping different parts of the OS separate so that malicious apps can't access certain things) and the permission confirmation system play a part, as do Google's malware removal tools.

For more details on Bouncer and Android security in general, hit up Computer World's Q&A with Hiroshi Lockheimer, Android's VP of Engineering.

[Source:  Google Mobile. Read more: Computer World]

Aaron Gingrich
Aaron is a geek who has always had a passion for technology. When not working or writing, he can be found spending time with his family, playing a game, or watching a movie.

  • Toddrick

    Google Bouncer: Malware Stopped At The Door, Slashes Driver's Tires

  • Sam

    Sounds good to me! As long as they check all positives to make sure Bouncer hasn't made a mistake.

  • JM62

    Of course the "Makers of anti-virus apps claim that there's more malware in the market than ever", they want you to buy their pruduct. Called 'Scare Mongering'

    • Jon Garrett

      +1

      Id like to know more about 'sandboxing'

  • Elrando

    So this confirms what I've always thought, malware on the Market itself is next to a non issue. Those scary figures that the anti-malware companies like to spout only really come into play if you download apps from dodgy sources.