Google’s New ‘Bouncer’ Targets Android Market Malware
By Katherine Noyes, PCWorld
Hard on the heels of the controversy that arose recently around Symantec and its claims that numerous apps on the Android Market were actually malware in disguise, Google on Thursday unveiled a new tool to help it identify malicious apps.
Symantec subsequently recanted its assertions, of course, but in the meantime there’s now a service called “Bouncer” that aims to keep the Android Market free of malware by quietly and automatically scanning it for questionable apps.
“Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process,” wrote Hiroshi Lockheimer, vice president of engineering for Android, in a Thursday post on the Google Mobile Blog.
‘We Actually Run Every Application’
When an application is uploaded, Bouncer immediately starts analyzing it for known malware, spyware, and trojans, Lockheimer explained. The service also looks for suspicious behaviors and compares it against previously analyzed apps to detect possible red flags, he noted.
“We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior,” Lockheimer wrote.
New developer accounts are also analyzed so as to help prevent the return of developers who have submitted malicious software in the past, he added.
A 40 Percent Drop
Bouncer has actually already been at work in the Android Market for some time already, Lockheimer added, and it’s turned up some interesting results.
Though more than 11 billion apps were downloaded from the Android Market over the past year, the number of Android malware downloads is decreasing dramatically, he asserted.
Specifically, between the first and second halves of 2011, there was a 40 percent drop in the number of downloads of potentially malicious software from the Android Market, he wrote.
In fact, “this drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise,” Lockheimer pointed out.
No ‘Walled Garden’
Indeed, last fall saw several dire warnings of a “mobile malware crisis” looming on the horizon, so it’s good to hear some concrete data putting such claims in perspective.
At the same time, it’s also good to see Google adding to Linux-based Android’s arsenal of protections, which already include sandboxing, a rigorous permissions system, and the ability to remove malware easily, as Lockheimer notes.
No platform has perfect security, of course. Still, the addition of Bouncer adds one more level of protection while still avoiding the constraints of an Apple-style “walled garden.”