Skip to main content

Google's Bouncer Protects Android Market From Malware

On Thursday Google seemingly succumbed to the needs of a hands-on approach to filtering out malicious apps on the Android Market by officially introducing Bouncer to the public. Now Android device owners can breathe a collective sigh of relief knowing that perhaps from here on out, apps listed on Android Market are exactly what they claim to be, and not underage malware in disguise trying to slip in through the front door.

Hiroshi Lockheimer, VP of Engineering, Android, reports that Bouncer (codename) provides automated scanning of Android Market for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process. The service performs a set of analysis on new applications, applications already in Android Market, and developer accounts.

"Once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans," Lockheimer explains. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back."

In 2011, device activations grew 250-percent year-on-year, and the total number of app downloads from Android Market topped 11 billion. However Bouncer actually began to kick malicious apps out the door last year, and between the first and second halves of 2011, Google supposedly saw a 40-percent decrease in the number of potentially-malicious downloads from Android Market. This is good news given that security firms report that malicious programs are actually on the rise.

"While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market - and we know the rate is declining significantly," Lockheimer added.

In addition to Bouncer, Lockheimer also points out that Android has built-in services to help prevent malware including sandboxing -- aka putting virtual walls between applications and other software on the device -- permissions and remote malware removal.

"Android is designed to prevent malware from modifying the platform or hiding from you, so it can be easily removed if your device is affected. Android Market also has the capability of remotely removing malware from your phone or tablet, if required," he said.

But as Lockheimer points out, no security approach is foolproof, so not everything will be bounced out of Android Market. Yet at least we know there's a little bit of muscle helping to keep Android's slick app dance stay clear of malware.

.

  • house70
    This is good.
    Reply
  • mrmaia
    I LOLed at the photo :P

    Good to see Google cares for the security of their OS.
    Reply
  • earlgreyman
    mrmaiaI LOLed at the photo
    That guy's been a bouncer at the 9:30 Club in DC for as long as I can remember. Dude's awesome, and he's damn good at his job.
    Reply
  • kcorp2003
    shouldn't Google have been doing this before?
    Reply
  • JasonAkkerman
    earlgreymanThat guy's been a bouncer at the 9:30 Club in DC for as long as I can remember. Dude's awesome, and he's damn good at his job.When I think of bouncers I think of someone who is not only big and intimidating, but who can also fight. Nobody with that "stuff" hanging off of their face is going to be very effective in a fight. There are too many "things" that could get ripped off.
    Reply
  • flaminggerbil
    JasonAkkermanWhen I think of bouncers I think of someone who is not only big and intimidating, but who can also fight. Nobody with that "stuff" hanging off of their face is going to be very effective in a fight. There are too many "things" that could get ripped off.

    You do realise that a good bouncer doesnt have to fight? This isnt fucking street fighter, real life is a little different.
    Reply
  • olaf
    well its good to counteract the malware hype.
    Reply
  • __-_-_-__
    this is not good like it sounds. now they have an excuse to restrict the software they want.
    Reply
  • dericko23
    How dare you compare a stereotypical 90's bouncer to Street Fighter
    Reply
  • jojesa
    After discovering malware in the App store, Google will use this bouncer (in photo) to go and punch the lights out of whoever uploaded the crap.
    Reply