Google gives Android apps a security booster shot

Google gives Android apps a security booster shot

Summary: The Android team announced that it will be rolling out an upgrade consisting of always-on monitoring, intended to ensure all apps are operating securely.


Online security is being buzzed about more than ever in the wake of the unprecedented Heartbleed bug discovered this week.

While not entirely related, Google's latest security announcement is a long time coming anyway given that Android is repeatedly skewered by security researchers for being a prime target for mobile malware.

The Android team announced that it will be rolling out an upgrade consisting of always-on device monitoring, intended to ensure all apps are operating securely, even after installation.

Building upon the existing "Verify" apps warnings, Android security engineer Rich Cannings noted in a blog post on Thursday that the platform has already been used more than four billion times to check apps since last year.

While acknowledging ever-present, serious threats to the Android ecosystem (and connected devices at large), Cannings suggested that the program has been successful thus far.

Because potentially harmful applications are very rare, most people will never see a warning or any other indication that they have this additional layer of protection. But we do expect a small number of people to see warnings (which look similar to the existing Verify apps warnings]) as a result of this new capability. The good news is that very few people have ever encountered this; in fact, we’ve found that fewer than 0.18% of installs in the last year occurred after someone received a warning that the app was potentially harmful.

The extra security service layer is now available to devices running Android 2.3 and higher via Google Play.

Image via the Official Android blog

Topics: Security, Android, Google, Mobility, Web development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • constant on device monitoring

    A dataminer's wet dream.
    • sounds just like every windows virus scanner....

      • no idea

        I don't use a virus scanner, but last time I looked Google didn't make one.

        They do make a browser for Windows, which also has a phone home feature (closed source of course), after all data needs to be mined, otherwise no revenue.
        • speaking of virusscaners

          I know of one that once flagged the browser discussed (Google Chrome) as malware. I remember there was quite some discussion about this, when in fact the diagnosis was actually 100% correct :)
          • Matter of opinion, not fact.

            Personally, I think IE is malware. And I remember when there was a virus scanner that even identified Windows as a virus - and deleted or quarantined the files such that a reboot failed.

            So in that case, the diagnosis was also 100% correct.
          • That's funny

            considering it didn't actually flag Windows as malware, just a few system files.

            But we can trust you to twist that story to suit your agenda.

            At the very least, IE does not phone home in the same way as Chrome, and contrary to chrome the user actually can disable any phone home feature in the browser. These phone home features are actually there to provide additional security, unlike in Chrome where their sole purpose is data mining.
          • Errr....

            Ever heard of a "false positive"? That is not a Microsoft goof but the idiots who developed the detection software for that software [would be surprised if it was Avast!].
          • Yup

            Consider Chrome Browser one big piece of malware. Still raking in more vulnerabilities reported than any other web browser. See
  • constant on

    Does this mean this app will suk up your data and bandwidth?
    • No.

      This feature is actually there for quite some time already since Jellybean or Ice cream sandwich (I can't remember which). It just does some checks with Google to see if that app was flagged as malicious and when somebody does flag and app as malicious and proven to/by Google this feature will automatically remove the malicious app.