Welcome Guest | |
Follow Us:
    
Newsletter Signup:
Google's bouncer ejects malware from Android market
Google is using a technology called Bouncer to monitor and remove malicious apps By David Chernicoff, InformationWeek USA, February 06, 2012
Google, which has always maintained that the Android Market, although not immune to malware, was not heavily affected by it, revealed Thursday it has been using a technology called Bouncer to monitor apps for malware. Although only saying that Bouncer has been in use "for a while now," Google said it saw a 40 percent reduction in the number of potentially malicious apps downloaded from the market between the first and second halves of 2011. Bouncer removes apps that it identifies as containing malware, spyware, or trojans.

Google is quick to point out that the significant reduction in potentially dangerous applications occurred in the same time frame that anti-virus vendors made a lot of noise, well covered in the media, about the huge growth in malware-infected applications coming straight from the Android Market to users' devices. It's no secret that Google does not think well of anti-virus vendors, which it has called "charlatans" for selling anti-virus software. Google has said anti-virus software is a worse blight than the malware itself.

Bouncer looks at applications in the Market and in developer accounts, searching for known code or behaviors that seem suspicious, and comparing new apps against previously uploaded versions. Additionally, apps are run on what is likely--Google doesn't say--an Android simulator in the Google Cloud to look for behaviors that are not obvious from the code analysis.

Red-flag behaviors result in the app being pulled from the Market, and can also result in the developer's account being closed for repeated malicious behavior. Google also has the capability to remove an app from a user's device via its Remote Application Removal feature. This feature has been rarely used to this point, with Google only commenting on its use in removing a test app that a security researcher uploaded to the market.

Google cautions users to look at the permissions that an app requests, and if the requests seem suspicious, to stop the installation. Of course, this means users have to understand the permissions being granted, and for most non-technical users, this is an onerous requirement. So far, nothing has been released via the Market that can't be removed by simply uninstalling the offending app. Should that change, then Google's offhand approach to protecting users might see a change.

 

Source: InformationWeek USA



blog comments powered by Disqus
Digital Issues
View More
Sponsored White Papers

  • Multiple ways to build a Multi-tenant SaaS Apps

  • Global Study on Mobility Risks - India Study

  • Global Study on Mobility Risks

  • Security Pros & Cons : Infographic Summary Report

  • Security Pros & Cons : Research Report

  • Identity and Information Security Integration

  • How to Get Started with Enterprise Risk Management

  • Benefits of a Partnering with a Security Service Provider

  • Enabling Cost-Cutting Initiatives with eGRC

  • Best Practices in Log Management

    
Featured Videos
Gigamon visualizes virtualization traffic
At Interop, Gigamon announced GigaVUE-VM, so administrators can look at the same traffic flows, but this time between virtual machines -- again, setup and defined down to the application (including custom applications)
More Videos
Latest Mobile News
All Articles By David Chernicoff
Top Stories
CIO Life
‘My inspirations from life’ - N Nataraj, Global CIO, Hexaware
Winner of several prestigious awards, there are several important lessons from N Nataraj's career and life, which are inspirational for emerging CIOs. He shares his key inspirations from life, and the lessons learnt from every individual
BankTech India - IT News for BFSI Segment
We're on Google+
InformationWeek India on Facebook