27
Feb
secuniatiny

There are a lot of security apps for Android that go a little ways into overkill territory. Whether you're talking about superfluous task managers or "virus scanners" that may provide some minimal protection while generating more fear than is warranted, Android has a persistent problem with companies applying a Windows-era mentality on a completely different OS. Secunia PSI, however, takes the cake for being one of the least effective apps on the Play Store.

secunia1 secunia2 secunia3

Here's how it works: Secunia scans your apps for possible vulnerabilities. Not actual infections, mind you. It just checks to see if the currently installed versions of your application match any known security holes. If some malicious software has actually taken advantage of that hole already, that's on you.

Once it has the list of outdated apps with potential vulnerabilities, it will direct you to the Play Store to download the newest version.

Wait, what?

Yes, the trouble with this app is not that it only scans for known holes, rather than actual infections. It's that even if it finds anything, it can only direct users to the Play Store for patches. This model makes a certain amount of sense on Windows where there is no unified place for all app updates. However, on Android, it's common knowledge that, if you want to stay safe, stay up to date. The end result of any scan is either "Go hit 'Update All' on the Play Store" or "You're fine! Do nothing."

This might still be handy for people who are avoiding updating certain apps (there are some legitimate reasons to do so). However, in a blog post announcing this app, Secunia says that currently their software is only capable of scanning "the most popular apps," with more being added as time goes on. And I quote: "Right now, the Secunia PSI for Android will therefore probably not cover all of your apps."

This makes sense. After all, this only a technology preview, right? Except no one told the Play Store description that. Nowhere is it mentioned that this is a limited scan, nor is it stated that even after checking your system, you might still have vulnerable apps because Secunia hasn't gotten around to adding them to their list.

We're sure that someone, somewhere, somehow will benefit from Secunia PSI. Someone who doesn't update a popular Android app that still wants to be aware of security vulnerabilities on their device. However, until this thing can check all (or even most!) of your applications, and direct users to patches from non-Play Store sources, it will remain hokum. A placebo at best.

Eric Ravenscraft
Eric is a snarky technophile with a taste for the unusual. When he's not obsessing about Android, you can usually find him obsessing about movies, psychology, or the perfect energy drink. Eric weaves his own special blend of snark, satire, and comedy into all his articles.

  • username_already_exists_error

    US only again! can somebody have the apk?

    • brkshr

      Why? They pretty much stated that this app is useless. Pretty much any 'security' app is useless on Android. The only 'security' feature you may need is to find a lost/stolen phone.

      Before downloading an app - check ratings, check # of installs & shares, read reviews. I've been using Android for over 3 years now without a problem.

      • username_already_exists_error

        doesn't matter if your using android for 3 years actually. i've been developing my own rom and custom kernel since n1 days so i'm aware of that. it's just out of my curiosity on how useless this app is :p

        ... and also getting sick of US only apps.

        • brkshr

          I'll accept that answer :-)

    • anzensepp1987

      B$ - I could download it here in Germany. But I won't.

  • Andy Blakely

    I can't seem to get my parents to check for updates on their phones. I wonder if something like this could (when it matures) at least give a visual reminder to check for app updates. Otherwise the only use I can think of is if you have apps that came from outside the Play Store. Then this would become a very good idea.

    • brkshr

      I turn on 'Auto-update apps' in the Play Store for my parents & others, when I set up their phone. They aren't power users, so they should have plenty of data on their plan to allow for this.

      • Andy Blakely

        Good idea. I doubt they would want to read the update details and check reviews for crap-updates first... like I do.

  • RitishOemraw

    if they charged for this app I think it would border on illegal activities

  • Bedammit

    Gee Eric.. Secunia is well known for APPLICATION SECURITY. They maintain a huge repository for application vulnerabilities. This app can help a user assess their risk level with apps. For example.. Google might not pull an app or mark it as malicious. However this does not mean there inst a risk. Secunia aggregates these known vulnerabilities from various security professional sources and maintains a database of all knows app vulnerabilities.

    Oh.. And the person (username_already_exists_error) in this thread that is not in the US that posted they want the APK.
    That's just classic.... looking for a hacked/dumped security app APK.
    I would never trust an APK which I can get from the play store or Amazon app store that was aquired from anywhere except the developer.
    You're just asking for it...

    think ppl think...

    • username_already_exists_error

      yes. and i would never judge a person that he/she will just install it on his/her phone. sometimes, there is a thing called emulator and/or bluestacks. if you get a valid apk sometimes, it will be recorded as installed to your account and you can see it from the list of "all apps" (instead of installed app). that trick works on some free apps like google maps and street view.

      i even got google books and videos app available and downloadable because of that trick.

      and no... market enabler is not an option.

      i can even still download my tetris app from EA which i bought during sale (US version) when spoofing the carrier ID was still working.

      thing is, you can have a dummy account to attach that application and if the application has valid signature, you can see it from the app apps section now though it may not appear on the installed apps list.

      again. not all people asking for an apk are pirates or dumb just to install them on their phone. sometimes an unknown reason for you exists ;)

  • Anon

    Anybody with a moderate interest in PC Security has heard of Secunia..

Quantcast