There’s been a lot of discussion surrounding Android’s security, or lack thereof, due to a spate of malicious apps that have previously circulated in the Android Market. Most recently, a claim by Symantec estimated that 13 apps containing a Trojan horse called “Android.Counterclank” may have infected anywhere from 1 million to 5 million users. This, apparently, did not sit well with Google. The search giant announced today a new tool called Bouncer that aims to help detect nefarious apps. Let the duel between Google and hackers begin.
Bouncer is designed to automatically scan the Android Market “for potentially malicious software without disrupting the user experience of Android Market or requiring to go through an application approval process.” According to Google, the service will analyze new applications as they become available for malware, spyware and trojans. In addition, previous Android Market applications and developer accounts will be scanned by Bouncer. What about updates to apps?
Well, Bouncer has been designed to look for behaviors that indicate an app might be operating in a malicious way. To test this, Google simulates every application in its cloud infrastructure to understand how it’ll run on an Android device. If any red flags are raised, Bouncer promises to catch malware before it spreads.
Google says the service has been running for a while now. Compared to the first half of 2011, the Mountain View-based company said there was a 40 percent decrease at the tail end of last year. “While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market – and we know the rate is declining significantly.”
With Android gobbling up a huge chunk of the mobile market, any step toward a more secured Android Market is a step in the right direction. Despite its flaws, Google is actively working toward squashing malicious apps before they can even be downloaded. Google is, however, still proceeding with the utmost caution, “No security approach is foolproof, and added scrutiny can often lead to important improvements. Our systems are getting better at detecting and eliminating malware every day, and we continue to invite the community to work with us to keep Android safe.”