Google adds 'Bouncer' malware detector layer to Android Market

Posted:
in General Discussion edited January 2014


Google has added a behind-the-scenes service, codenamed Bouncer, to scan for malware on applications on the Android Market in an effort to counter the notion that its mobile operating system is insecure, the company revealed on Thursday.



Hiroshi Lockheimer, Google Vice President of Engineering, Android, published a post on the company's official blog outing the feature. Bouncer automatically scans the Android Market for "potentially malicious software."



Lockheimer was quick to point out, however, that the new scanner does not add an "application approval process" for developers or disrupt the user experience.



According to the post, the service "performs a set of analyses" on new applications, pre-existing applications in the digital store, and developer accounts.



"Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans," Lockheimer wrote. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags."



Google apparently runs each application on its cloud infrastructure, simulating how it will run on an Android device in order to detect malicious behavior. The company also monitors new developer accounts to keep an eye out for repeat offenders.



Lockheimer admitted that the service has been in effect "for a while now." The post touted a 40 percent decrease in the number of "potentially-malicious downloads" from the Android Market between the first and second halves of 2011.



"This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise," he said.



The report put forth download rates, rather than the number of malicious applications, as the "most important measurement."



Lockheimer also pointed out several security features built into Android that make malware less disruptive. For instance, Android uses a "sandboxing" technique to put up virtual walls between applications and other software. It also offers a permission system that informs users on the capabilities of new apps. Lastly, Android Market is capable of remotely removing malware from devices.



Google's post comes as a growing number of security firms have warned of a malware epidemic on Android. The mobile operating system gained notoriety last year as an insecure platform. Researchers highlighted exponential increases in the number of malicious applications detected on the Android Market.



According to one report, threats jumped up 472 percent between August 2011 and October 2011. Others warned of a growing epidemic on Android due to the open nature of the official application store and third-party stores.



Android's open nature has hindered its uptake among enterprise users as IT departments have shied away from creating potential security issues by adopting the platform. In contrast, Apple's iOS has seen steady growth in the enterprise market, in part because of its focus on ironclad security.



A recent survey from Forrester Research suggested that Apple could see as much as a 50 percent increase in global corporate IT spending on its devices. Apple's CFO Peter Oppenheimer revealed during a quarterly earnings conference call last month that "nearly all" of the top companies in the Fortune 500 now support both iPhones and iPads.



[ View article on AppleInsider ]

«1

Comments

  • Reply 1 of 28
    Quote:

    Lockheimer was quick to point out, however, that the new scanner does not? ?disrupt the user experience.



    "? because Android does that already."



    At any rate, good for them. Now they get to deal with whining from the pirates that will claim Google is now "Big Brother", meaning there will be fewer of them to bother us about Apple.
  • Reply 2 of 28
    jd_in_sbjd_in_sb Posts: 1,484member
    FAIL. Either the door is open to malware or it is closed. With Bouncer the door remains wide open because malware architects will simply get better at avoiding detection.
  • Reply 3 of 28
    They've got "antivirus" checking signatures and with heuristics running on their marketplace. How well did that work for PCs? And is that the only place people get their software for Android (no? really?)
  • Reply 4 of 28
    dunksdunks Posts: 1,240member
    Dear Google,



    The paradigm has shifted.



    The cat and mouse game is no longer best practice.



    Stay your course and you will be left behind.



    Sincerely,

    Me
  • Reply 5 of 28
    chris_cachris_ca Posts: 2,543member
    Quote:
    Originally Posted by AppleInsider View Post


    Google has added a behind-the-scenes service, codenamed Bouncer, to scan for malware on applications on the Android Market in an effort to counter the notion that its mobile operating system is insecure, the company revealed on Thursday.



    Then why add 'Bouncer' if it was already secure?

    Quote:

    Lockheimer admitted that the service has been in effect "for a while now."



    So it wasn't just added? This is just smoke and mirrors?

    Quote:

    Lockheimer also pointed out several security features built into Android that make malware less disruptive. For instance, Android uses a "sandboxing" technique to put up virtual walls between applications and other software.



    Shades of a walled garden, eh?

    Quote:

    Lastly, Android Market is capable of remotely removing malware from devices.



    So google can simply remove anything they want, at anytime from anyone/everyone's android device?

    Kinda like "big brother"...
  • Reply 6 of 28
    nagrommenagromme Posts: 2,834member
    It?s not enough of course, but it?s good step as far as it goes. (But why did it take all these years to do even this much?)
  • Reply 7 of 28
    MacProMacPro Posts: 18,215member
    So Android's garden isn't walled, it just has barbed wire between some bushes.
  • Reply 8 of 28
    Google adds "Bouncer" malware detector... That's gonna be one busy bouncer! Let's follow "Bouncer" as he begins doing his job!

    /

    /

    /
  • Reply 9 of 28
    drdoppiodrdoppio Posts: 1,132member
    LOL at the ignoramuses posting about things they have not experienced. Virus threats are a fable that serves one good purpose: it scares the dumbest of users and forces them to learn at least some basics about the OS, so that they don't bother us with stupid complaints all of the time.



    It is very symptomatic that "a growing number of security firms have warned of a malware epidemic on Android" at the same time as there was a 40% drop. Without spreading fear these useless companies would soon go out of business.



    And those who think that Google is making anything like a walled garden can think twice next time they want to run a Python script on their iDevice.
  • Reply 10 of 28
    Quote:
    Originally Posted by williamh View Post


    They've got "antivirus" checking signatures and with heuristics running on their marketplace. How well did that work for PCs? And is that the only place people get their software for Android (no? really?)



    Well for Windows based PCs I am pretty sure there was not a place where the users where getting 70% of their programs from one downloadable location at any point in time. So this is the first time something like this has been done. Second Google wants to say that the market is secured. Remember you have to agree and acknowledge that you want to allow third party apps. If some one agrees to it they know the risk.



    Quote:
    Originally Posted by Chris_CA View Post


    So google can simply remove anything they want, at anytime from anyone/everyone's android device?

    Kinda like "big brother"...



    No only a malicious app that was downloaded from the market. Not any personal files that you place on the device yourself. Or anything from other application sources like the Amazon store. So in reality it allows it to delete rogue apps. Nothing special.
  • Reply 11 of 28
    Quote:
    Originally Posted by DrDoppio View Post


    LOL at the ignoramuses posting about things they have not experienced. Virus threats are a fable that serves one good purpose: it scares the dumbest of users and forces them to learn at least some basics about the OS, so that they don't bother us with stupid complaints all of the time.



    It is very symptomatic that "a growing number of security firms have warned of a malware epidemic on Android" at the same time as there was a 40% drop. Without spreading fear these useless companies would soon go out of business.



    And those who think that Google is making anything like a walled garden can think twice next time they want to run a Python script on their iDevice.



    Paragraph 1: it's not Android! Users are just stupid.



    Paragraph 2: It's not Android! It's a conspiracy.



    Paragraph 3: It's not Android! Well, even if it was, it's better than a stupid iPhone.



    Sheesh! All over the map. Google deserves better apologists than this.



    Oh, btw, have fun connecting to remote networks with the built-in Cisco VPN on your Android phone. Oh what? You don't have that? Mmmmm... life sure is hard in this walled garden. Still, it keeps the riff-raff out.
  • Reply 12 of 28
    Quote:
    Originally Posted by inkswamp View Post


    Paragraph 1: it's not Android! Users are just stupid.



    Paragraph 2: It's not Android! It's a conspiracy.



    Paragraph 3: It's not Android! Well, even if it was, it's better than a stupid iPhone.



    Sheesh! All over the map. Google deserves better apologists than this.



    Oh, btw, have fun connecting to remote networks with the built-in Cisco VPN on your Android phone. Oh what? You don't have that? Mmmmm... life sure is hard in this walled garden. Still, it keeps the riff-raff out.



    Paragraph one is what iOS users have been saying for a while...and it is true though stupid should be replaced with ignorant. Just like anyone can run a windows machine virus free without a single virus as long as they avoid doing stupid shit and get everything from trusted sources. For a mobile device for the masses, I don't see anything wrong with Apple's method...a lot of people don't obviously...as they are smart enough to recognize the general ignorance of the general populace...everyone else is pushing "Teh 3Dz and the MHZ" where as Apple is pushing "You need this, it just works, it does what you want."



    Genius really.



    Paragraph two is true...hence why they identify threats...and use percentage as opposed to numbers because 479% sounds a whole lot worse than, there was 1 now there's 5....kinda like how the inverse was used during the "antennaegate" issue by Steve Jobs himself..."we admit there is an increase in user antenna complaints, but it's only 3 out of 100 as opposed to 1 out of 100" Imagine had he said "we had a 300% increase in user complaints" sounds a lot worse right?



    Paragraph three he's just pointing out how this is nothing like a walled garden...nothing at all...especially considering you can STILL sideload out of the box.



    Now...get over yourself.
  • Reply 13 of 28
    drdoppiodrdoppio Posts: 1,132member
    Quote:
    Originally Posted by inkswamp View Post


    Paragraph 1: it's not Android! Users are just stupid.



    I can say that again: users who get viruses are stupid.



    Quote:

    Paragraph 2: It's not Android! It's a conspiracy.



    I know this is a tinfoil hat theory, but it's just too logical to ignore. AV companies have a very strong financial incentive to spread rumors. You don't ask your hairdresser if you need a haircut.



    Quote:

    Paragraph 3: It's not Android! Well, even if it was, it's better than a stupid iPhone.



    You're oversimplifying it; it is Android, but it is a good thing. I use scripting languages for various things in my phone. Those are not an option on Apple's devices.



    Quote:

    Sheesh! All over the map. Google deserves better apologists than this.



    There would be no need for apologists if it wasn't for the constant bashing by uninformed people who have no interest in Android other than propping up their own insecurities.



    Quote:

    Oh, btw, have fun connecting to remote networks with the built-in Cisco VPN on your Android phone. Oh what? You don't have that? Mmmmm... life sure is hard in this walled garden. Still, it keeps the riff-raff out.



    AnyConnect is available for free on most stock devices and all rooted ones. Nice try though.
  • Reply 14 of 28
    Quote:
    Originally Posted by AppleInsider View Post


    Google has added a behind-the-scenes service, codenamed Bouncer, to scan for malware on applications on the Android Market in an effort to counter the notion that its mobile operating system is insecure, the company revealed on Thursday.



    Eating their own words! So much have been written by pro-googlers about the Open nature of Android. Now we know that it is like a Bar where doors are open but Bouncers are present. I will prefer my closed door home - peaceful and comfortable.



    Quote:
    Originally Posted by AppleInsider View Post


    Google apparently runs each application on its cloud infrastructure, simulating how it will run on an Android device in order to detect malicious behavior. The company also monitors new developer accounts to keep an eye out for repeat offenders.



    Lockheimer admitted that the service has been in effect "for a while now." The post touted a 40 percent decrease in the number of "potentially-malicious downloads" from the Android Market between the first and second halves of 2011.



    Mr. Eric Smidt, your comment please. It appears that you do monitor the offenders after letting them enter the Market. Apple on the other hand, does not let offenders enter at all.



    While this will be good for Android, it will show how empty and hollow the whole "Open vs Close" propaganda by Google was. Many people take the "Open" side without using a little common sens.



    Quote:
    Originally Posted by AppleInsider View Post


    The report put forth download rates, rather than the number of malicious applications, as the "most important measurement."



    That's the most important measurement. It shows how many devices are infected. What is the point of using the number of Malicious apps if none are downloaded and devices are not infected.



    Quote:
    Originally Posted by AppleInsider View Post


    Lastly, Android Market is capable of remotely removing malware from devices.



    Looks like a big breach of privace. Anyway, those pro-googler (and Google itself) regularly turn their eyes off when the facts are not supporting them.
  • Reply 15 of 28
    drdoppiodrdoppio Posts: 1,132member
    Quote:
    Originally Posted by Tsun Zu View Post


    Eating their own words! So much have been written by pro-googlers about the Open nature of Android. Now we know that it is like a Bar where doors are open but Bouncers are present. I will prefer my closed door home - peaceful and comfortable.



    So you are unhappy that Google will remove your malware from the Market, or what?



    Quote:

    Mr. Eric Smidt, your comment please. It appears that you do monitor the offenders after letting them enter the Market. Apple on the other hand, does not let offenders enter at all.



    This is the wrong forum to address Mr Schmidt.



    Quote:

    While this will be good for Android, it will show how empty and hollow the whole "Open vs Close" propaganda by Google was. Many people take the "Open" side without using a little common sens.



    Google still lets you use alternative markets and publishes the source of the OS. Tightening security at their own marketplace is hardly a reason to think Android is not open.



    Quote:

    Looks like a big breach of privace. Anyway, those pro-googler (and Google itself) regularly turn their eyes off when the facts are not supporting them.



    It is not a breach of privacy since Google already has a full list of all apps you install through the Market; that's how you update them and move them if you change your device. Educate yourself before you start trolling.
  • Reply 16 of 28
    d-ranged-range Posts: 396member
    Quote:
    Originally Posted by DrDoppio View Post


    LOL at the ignoramuses posting about things they have not experienced. Virus threats are a fable that serves one good purpose: it scares the dumbest of users and forces them to learn at least some basics about the OS, so that they don't bother us with stupid complaints all of the time.



    Technically you are right, virus threats are a fable and irrelevant in the discussions about Android security and the way the Android Market works. Malware that steals private information or secretely sends text messages and such, copy-cat applications, and bottom-of-the-barrel quality applications that trick people into buying them without offering any kind of useful functionality, actually are side-effects of the way the Android Market works. If you really think there' isn't a lot of stuff like that floating around the Android Market, you are in denial.



    But again, you are right about virus threats, which would be the least of my worries if I were using an Android phone. This automatically makes this whole 'Bouncer' thing more or less useless, as it is not going to catch malware disguised as legit apps, copycat apps, or apps that don't actually do anything. You need QA for that, real people actually trying out whether applications perform as promised.



    Quote:
    Originally Posted by DrDoppio


    It is very symptomatic that "a growing number of security firms have warned of a malware epidemic on Android" at the same time as there was a 40% drop. Without spreading fear these useless companies would soon go out of business.



    So you have one side in this story saying there is a huge problem, and one side saying there isn't a problem at all, yet at the same time introducing measures against an apparently non-existing problem, and quoting figures showing a drop in said non-existing problem.



    As usual, truth appears to be somewhere in the middle. No, your phone is not going to be infested with malware within minutes after you start using it, but yes, there is a lot of shit going on in the Android Market, which could potentially mean you will download and install and possibly pay for something that doesn't work, or works in ways you did not install it for.



    Quote:

    And those who think that Google is making anything like a walled garden can think twice next time they want to run a Python script on their iDevice.



    Running a Pyhton script on your phone, really... .



    If that's the best you can come up with, I'll stick with my walled garden. If I want to run Python scripts, I'll just use my computer. It's a phone, not a geek toy that can some useless tricks my computer does a million times better.



    You'll probably disagree and fabricate some kind of hypothetical use case to support your argument. In that case, I'd like to refer you to http://www.saurik.com/id/5
  • Reply 17 of 28
    drdoppiodrdoppio Posts: 1,132member
    Quote:
    Originally Posted by d-range View Post


    <...>

    So you have one side in this story saying there is a huge problem, and one side saying there isn't a problem at all, yet at the same time introducing measures against an apparently non-existing problem, and quoting figures showing a drop in said non-existing problem.

    <...>



    What, have you never checked for monsters under the bed to placate a sleepless child?



    Quote:

    Running a Pyhton script on your phone, really... .

    ...



    Yes, I do run scripts (it's Python, not Pyhton, and is only one of many languages I use) -- what's your problem with that? That's hardly the only reason to prefer Android, but it is both a stark difference in philosophy and something that is a possible security threat, so I found that example appropriate in the context. Could your response have been any less mature?
  • Reply 18 of 28
    Quote:
    Originally Posted by AbsoluteDesignz View Post


    Paragraph three he's just pointing out how this is nothing like a walled garden...nothing at all...especially considering you can STILL sideload out of the box.



    Now...get over yourself.



    Heh. I love how Android users think they have sooooo much more freedom than what Apple offers. You don't really. Of if you do, it's by a tiny degree. It's just everyone buying into all the "free and open" marketing memes. The proof is the simple fact that jailbreaking/rooting is just as popular with Android users as it is with iOS users. If Android represented all this freedom and not being walled in as you claim, why all the rooting? And why have some OEMs been making it more difficult to root these devices? That doesn't sound very free to me.



    See, you're in a walled garden too. You just don't want to see it.



    Quote:
    Originally Posted by DrDoppio View Post


    AnyConnect is available for free on most stock devices and all rooted ones. Nice try though.



    Wasn't aware of that. Bravo, then. Android finally caught up with iPhone 1.
  • Reply 19 of 28
    Quote:
    Originally Posted by d-range View Post


    Running a Pyhton script on your phone, really... .



    Don't you love that?



    I've been programming computers since I was a kid. I've been doing professional web development and system admin work for the last 15+ years. I'm no stranger to computers and geeky stuff, but for the life of me, I can't imagine why I'd ever want to run scripts (or do computer-like management of processes and files) on my phone. There are times and places for technical complexity, and my phone isn't one of them.
  • Reply 20 of 28
    sockrolidsockrolid Posts: 2,788member
    Quote:
    Originally Posted by AppleInsider View Post


    [...] Google's post comes as a growing number of security firms have warned of a malware epidemic on Android. The mobile operating system gained notoriety last year as an insecure platform. Researchers highlighted exponential increases in the number of malicious applications detected on the Android Market. [...]



    I set the over/under on the percentage of Android Market apps that will be removed because they are "potentially malicious software" at 33%. And I'll take the over. Any takers on the under?
Sign In or Register to comment.