Google's Android Market 'Bouncer' - Does it offer enough protection?

Google's Android Market 'Bouncer' - Does it offer enough protection?

Summary: A small step in the right direction.

SHARE:

On Thursday Google revealed a new security feature for the Android Market store that's designed to protect Android users from malware. But does the service go far enough?

The new service, called 'Bouncer,' is designed to quietly and automatically scan the entire Android Market (and all new apps uploaded) for malware.

Hiroshi Lockheimer, VP of engineering for Android, explains how it works:

The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts. Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.

Lockheimer also revealed that this service has already been operational 'for a while now' and that between the first and second halves of 2011 Google saw a 40% decrease in the number of potentially-malicious downloads from Android Market.

But is this enough? BitDefender's chief threat researcher Catalin Cosoi doesn't think so, and believes that malware writers will find a way to circumvent the screening mechanism:

Also, based on our experience with malware analysis, malware writers will seek a way around security. For instance, in the PC malware world, we use virtual machines to analyse behavior of different samples we discover. Obviously, in time, malware writers added different routines to detect if the virus runs in a real computer or in a virtual environment, and they modified their software to act legit when running in a control environment. We might see the same phenomenon here, as Bouncer is a service that will emulate all apps uploaded on the Android Market. Not to mention that the Android API offers the possibility to detect if the app runs in an emulator or directly on the devices. So there is a high chance that we’ll see apps behaving correctly when used on a simulator and turning malicious when used on the mobile device.

Another more immediate problem with 'Bouncer' is that the service doesn't scan for what's known as 'greyware,' a category that includes things such as spyware, adware, and aggressive ad platforms. This stuff isn't technically malware, but it's also not desirable to have it installed on your handset either (it's annoying and can suck bandwidth).

I see 'Bouncer' as a small step in the right direction. Google could (and in my opinion, should) do more to protect Android users from the ever increasing number of threats that they face.

[poll id="751"]

Related:

Topics: Hardware, Android, Google, Mobile OS, Mobility, Security, Smartphones

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

19 comments
Log in or register to join the discussion
  • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

    How much you want to bet the 19% are the typical Apple Shills.
    slickjim
    • The timeless art of deflection ...

      nt
      Rabid Howler Monkey
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @Rabid Howler Monkey Nice try buy I have nothing to deflect, just pointing out the obvious and contrast, I count you one of them!
        slickjim
    • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

      @Peter Perry
      Who protects the users from Google? All Google apps and service are spyware. Google has admitted it.
      jorjitop
  • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

    I think that as long as people continue to not research and/or not pay attention to what they are downloading there will never be enough protection. The only surefire way to not get malware is to only install what you know is safe.
    shodiwarmic
    • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

      @shodiwarmic

      And how do they know what is safe? A trusted marketsite would be a big help. This is a good first step.
      msalzberg
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @msalzberg You mean a walled garden don't you?

        There are free application scanners out there and this article documents the steps Google is taking to combat this.

        Bottom line, you guys just don't like Android!
        slickjim
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @Peter Perry<br><br>Right. There are free virus scanners and malware scanners and spyware scanners for PCs also, never thought I would ever see the day when it becomes requirements on phones. But this is the "open source" way. Instead of companies doing everything in their power to protect innocent users, proponents of "open" is telling them they are on their own. You do the vetting yourself!
        dave95.
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @Peter Perry<br><br>Yes, I mean a walled garden. People want to use their devices, not administrate them.<br><br>When we fuel up our car, we don't worry about whether or not the fuel is contaminated; we assume that the gas is good. We don't need to get involved in the screening and testing of the gas.<br><br>When we buy food at the supermarket, we assume (not always correctly) that the food has been screened, and that we are safe from disease (again, not always correctly). We don't get involved in the testing of the products.<br><br>We don't check the radiation from our microwaves, and we don't test the quality of our water. We assume the electricity is coming into our houses at the correct voltage and frequency. We turn on our TVs and assume that we won't have wildly inappropriate programming pushed on us without our explicit permission.<br><br>This is the way we live. This is the way we want to live. We want our phone to be just another appliance. We just want to use it.<br><br>Now, it's all well and good for geeks to tell Grandma that she should do her research before she buys that app that lets her get football scores, but that's just not the way it works in the real world.<br><br>How about this: Google sets up a walled market, and an unwalled one. Everyone sees the walled one, and then must explicitly go to the unwalled one. <br><br>By the way, I've never used Android for more than one minute at a time. I neither like nor dislike it. Don't project your platform hating issues onto me.
        msalzberg
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @msalzberg

        "Yes, I mean a walled garden. People want to use their devices, not administrate them."

        I guess you don't shred your old mail either huh?

        "When we fuel up our car, we don't worry about whether or not the fuel is contaminated; we assume that the gas is good. We don't need to get involved in the screening and testing of the gas."

        Hello? Ethanol? Yes your gas is contaminated!

        "When we buy food at the supermarket, we assume (not always correctly) that the food has been screened, and that we are safe from disease (again, not always correctly). We don't get involved in the testing of the products."

        I guess you never eat Fast Food either huh?

        "We don't check the radiation from our microwaves, and we don't test the quality of our water. We assume the electricity is coming into our houses at the correct voltage and frequency. We turn on our TVs and assume that we won't have wildly inappropriate programming pushed on us without our explicit permission."

        Interesting because parts of the country probably have radiation coming in from Japan... Parts of it were affected from Chernobyl as well but they never told us that and now we have a higher incidence of certain cancers in the North Eastern US.

        Also, I stopped watching regular TV when Ricky Schroeder ended up bare assed on NYPD Blue (Yeah, I never wanted to see that stuff either).

        "This is the way we live. This is the way we want to live. We want our phone to be just another appliance. We just want to use it."

        Ignorance is bliss I guess!

        "Now, it's all well and good for geeks to tell Grandma that she should do her research before she buys that app that lets her get football scores, but that's just not the way it works in the real world."

        I never said, they should do that but the Symantec Software is Free and Now Google is doing what you want but still you're not happy.

        "How about this: Google sets up a walled market, and an unwalled one. Everyone sees the walled one, and then must explicitly go to the unwalled one."

        Umm, Amazon setup the walled market and Google has the unwalled market.

        "By the way, I've never used Android for more than one minute at a time. I neither like nor dislike it. Don't project your platform hating issues onto me."

        Well, I have used the iPhone for 4 and 4s for a combined 4 months... Before that I had several months with the iPads... My dislike for the platform is very much rooted in experience.
        slickjim
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @Peter Perry<br><br>"Contaminants." I don't think the word means what you think it means. A compound deliberately and specifically blended in by the gas company is not a contaminant. When you put the fuel in your car, is still runs as designed.<br><br>Fast food? I eat 'way too much. What's your point? I, and millions of others, go into fast food restaurants all the time. I highly doubt that many people worry about food borne illnesses when they go there, otherwise they'd eat somewhere else. And where could they go to be free of that worry? Somewhere, somehow, there's a process that frees us of that worry.<br><br>I have no idea what Chernobyl and Japan have to do with our use of microwave ovens or other appliances. Can you give me an idea of what you're talking about? <br><br>I'm glad for you that you've stopped watching TV. Personally, I only watch "Top Gear" on BBC America and "Antiques Roadshow" on PBS. I hear tell that there are millions of others who still watch, though, so once again I don't see your point.<br><br>"Ignorance is bliss." You, my friend, are also ignorant about much of the things you use. That's not an insult, it's the way it is. <br><br>What's the size of the headers over your windows? Do you know? If not, you're ignorant of a very important safety consideration.<br><br>Do you have GFCI or arc sensing breakers in your house? Do you know how they work and why they exist? If not, you're ignorant of an every-day ordinary device that could save your life.<br><br>Did you buy a 40 watt stereo rather than a 30 watt stereo thinking it would be louder? If so, you're ignorant.<br><br>Does your smoke detector work via a photo electric sensor, or by ionization? <br><br>I could go on. These are things that surround us every day, and we never give them a second thought. Why do you feel that our phones can't work like that? <br><br>My suggestion still holds: A walled Android marketplace, and an unwalled one. Does the Google marketplace have a warning that it may have apps that contain malware? If not, how are unsophisticated users supposed to know?

        Anyway, it's nice to see you admit that you hate Apple's products. It's not often that an Apple-hater actually say so. Usually they pretend to be NonZealots.
        msalzberg
  • Clearly not as we see the android market still hosting viruses, malware,

    spyware, adware, etc. Although google is ok with adware and apps that change your browser homepage, delete your shortcuts and add their own, etc. As long as the apps leave android in a state where it can shove unsolicited ads in your face and connect to google services that can read your email and docs and track what websites you visit google is happy.
    Johnny Vegas
    • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

      @Johnny Vegas And to think, Bing is copying Google to a T!

      As for Adware and Spyware, show me where all of this stuff has happened on Android! I know it has happened on Windows.
      slickjim
      • You must be in Egypt

        @Peter Perry Constantly in fandroid denial.

        Seriously, you must be really clueless (self imposed) if by now you haven't read the THOUSANDS of news articles about Android malware .... and the very first mobile phone botnet.

        Pick a respectable news source ... the information is there and very visible.
        wackoae
      • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

        @wackoae You know full well that Peter Perry is one of the biggest fandroids around and will turn a blind eye to anything negative in regard to Android. Of course anything similar that comes out about Apple and he is all over it. <br><br>I think this is a good first step for Google and I am glad to see they are doing it. They are trying to ride a fine line where they can keep their users safe yet still claim opennessss. Nothing is perfect, not Android or Google, not iOS or Apple but we all when they try to get closer to perfection.
        non-biased
  • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

    Google is way short and years late. They have lost control of their app environment and will never get it under control.
    clues@...
  • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

    "Yes, I mean a walled garden. People want to use their devices, not administrate them.

    When we fuel up our car, we don't worry about whether or not the fuel is contaminated; we assume that the gas is good. We don't need to get involved in the screening and testing of the gas.

    When we buy food at the supermarket, we assume (not always correctly) that the food has been screened, and that we are safe from disease (again, not always correctly). We don't get involved in the testing of the products.

    We don't check the radiation from our microwaves, and we don't test the quality of our water. We assume the electricity is coming into our houses at the correct voltage and frequency. We turn on our TVs and assume that we won't have wildly inappropriate programming pushed on us without our explicit permission.

    This is the way we live. This is the way we want to live. We want our phone to be just another appliance. We just want to use it.

    Now, it's all well and good for geeks to tell Grandma that she should do her research before she buys that app that lets her get football scores, but that's just not the way it works in the real world.

    How about this: Google sets up a walled market, and an unwalled one. Everyone sees the walled one, and then must explicitly go to the unwalled one.

    By the way, I've never used Android for more than one minute at a time. I neither like nor dislike it. Don't project your platform hating issues onto me."


    OH really? Get a clue you sheep!

    When I go to the gas station I get to choose what grade of gas I want. I always go premium but if you go low grade it may make your engine ping or leave guess what??? Contaminants! But I'm not forced into a certain grade I get to choose.

    When I go to the supermarket I get to choose what type of apples, bread, meats, etc... That I want to buy. There isn't only one option in each category. Oh yeah and I always wash my fruit and cook my meat for fear of contamination. It's just what I do. Now if I wanted to be risky I could go with unwashed fruit or not cook my red meat (kind of like installing a shady application). You see how that works???

    When I watch TV I want to see and hear explicit material. I am old enough to handle it and if I don't want to watch or hear I can change the channel. I like the choice though, thanks.

    We do research everyday with every single decision we make. I shouldn???t have to tell anyone to make sure they know what they are doing before they do it. Get an education or get an iPhone.

    It's the way I live buddy. I don't do anything I don't want to do. And I want to have choices instead of someone making them for me. I am in control. You obviously have no control and need someone to make decisions for you. Your weakness in life shows in your argument.

    And one last thing that may serve you well in life. NEVER ASSUME ANYTHING!
    kbz
    • RE: Google's Android Market 'Bouncer' - Does it offer enough protection?

      @kbz

      Engines don't ping because of contaminants. If your engine is pinging, it's because you using a grade of gas with a lower octane rating the engine requires.

      If you're putting in a higher octane than required, the engine won't ping, but you're wasting money.

      I'd suggest you do more research, buddy.
      msalzberg
  • Check app review

    This is the main issue while downloading any app from android market. So , we should always go checking of people who are using the app. This will help to download the correct app for your device.
    Android k