AAPL Stock: 117.81 ( -0.22 )

Printed from

Google: we've scanned for Android viruses since 2011

updated 04:50 pm EST, Thu February 2, 2012

Google details Bouncer and says

Google's Android engineering VP Hiroshi Lockheimer has detailed a process of screening for malware at Android Market that it has quietly been running for the past year. Known as Bouncer, it automatically scans both incoming and existing apps for recognizable malicious code. The routine also runs the apps themselves and checks for hostile behavior in practice, hoping to catch apps with suspicious behavior.

The mobile OS developer also went on the defensive, reacting to a since-retracted Symantec claim that millions of Android devices might have malware infections. Google pointed to Android Market having a 40 percent drop in "potentially-malicious" apps over 2011. This was around the same time that companies were claiming Android malware was growing, Lockheimer said.

He reiterated some of the common tropes of Android's security measures, including sandboxing, an explanation of app permissions before downloading an app, and Google's ability to remotely pull apps if they're found to cause a problem later.

While potentially challenging the opinions of McAfee, Lookout, and other companies that have described a swell of Android spyware and viruses, the comments also gloss over genuine problems Google has had. Bouncer now appears to have been partly ineffective, since it allowed malicious apps multiple times over the course of 2011 that wasn't caught until days later and possibly thousands of infected devices. As described, it can't catch zero-day exploits and could still let scam apps through the store until it's too late.

Permissions have similarly been a regular point of criticism. Much like Windows Vista's over-aggressive security prompts, Android's permissions have often been criticized for not being clear and important enough to make users pay attention. They only catch certain instances of suspicious activity and won't find instances where calls, messaging, or other behavior was already expected.

Although Lockheimer noted that "no security approach is foolproof," there has yet to be an instance of genuinely malicious apps on the iOS App Store, where Apple requires active human approval rather than automatic screening. What code has existed has so far either been a deliberate experiment from a security expert or limited to jailbroken devices, where the OS' usual defenses have been lowered.

by MacNN Staff



  1. Paul Huang

    Joined: Dec 1969


    So very funny

    I don't know how to laugh anymore.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented