There are a lot of security apps for Android that go a little ways into overkill territory. Whether you're talking about superfluous task managers or "virus scanners" that may provide some minimal protection while generating more fear than is warranted, Android has a persistent problem with companies applying a Windows-era mentality on a completely different OS. Secunia PSI, however, takes the cake for being one of the least effective apps on the Play Store.

secunia1 secunia2 secunia3

Here's how it works: Secunia scans your apps for possible vulnerabilities. Not actual infections, mind you. It just checks to see if the currently installed versions of your application match any known security holes. If some malicious software has actually taken advantage of that hole already, that's on you.

Once it has the list of outdated apps with potential vulnerabilities, it will direct you to the Play Store to download the newest version.

Wait, what?

Yes, the trouble with this app is not that it only scans for known holes, rather than actual infections. It's that even if it finds anything, it can only direct users to the Play Store for patches. This model makes a certain amount of sense on Windows where there is no unified place for all app updates. However, on Android, it's common knowledge that, if you want to stay safe, stay up to date. The end result of any scan is either "Go hit 'Update All' on the Play Store" or "You're fine! Do nothing."

This might still be handy for people who are avoiding updating certain apps (there are some legitimate reasons to do so). However, in a blog post announcing this app, Secunia says that currently their software is only capable of scanning "the most popular apps," with more being added as time goes on. And I quote: "Right now, the Secunia PSI for Android will therefore probably not cover all of your apps."

This makes sense. After all, this only a technology preview, right? Except no one told the Play Store description that. Nowhere is it mentioned that this is a limited scan, nor is it stated that even after checking your system, you might still have vulnerable apps because Secunia hasn't gotten around to adding them to their list.

We're sure that someone, somewhere, somehow will benefit from Secunia PSI. Someone who doesn't update a popular Android app that still wants to be aware of security vulnerabilities on their device. However, until this thing can check all (or even most!) of your applications, and direct users to patches from non-Play Store sources, it will remain hokum. A placebo at best.