AAPL Stock: 110.38 ( + 0.8 )

Printed from

Google: we've scanned for Android viruses since 2011

updated 04:50 pm EST, Thu February 2, 2012

Google details Bouncer and says

Google's Android engineering VP Hiroshi Lockheimer has detailed a process of screening for malware at Android Market that it has quietly been running for the past year. Known as Bouncer, it automatically scans both incoming and existing apps for recognizable malicious code. The routine also runs the apps themselves and checks for hostile behavior in practice, hoping to catch apps with suspicious behavior.

The mobile OS developer also went on the defensive, reacting to a since-retracted Symantec claim that millions of Android devices might have malware infections. Google pointed to Android Market having a 40 percent drop in "potentially-malicious" apps over 2011. This was around the same time that companies were claiming Android malware was growing, Lockheimer said.

He reiterated some of the common tropes of Android's security measures, including sandboxing, an explanation of app permissions before downloading an app, and Google's ability to remotely pull apps if they're found to cause a problem later.

While potentially challenging the opinions of McAfee, Lookout, and other companies that have described a swell of Android spyware and viruses, the comments also gloss over genuine problems Google has had. Bouncer now appears to have been partly ineffective, since it allowed malicious apps multiple times over the course of 2011 that wasn't caught until days later and possibly thousands of infected devices. As described, it can't catch zero-day exploits and could still let scam apps through the store until it's too late.

Permissions have similarly been a regular point of criticism. Much like Windows Vista's over-aggressive security prompts, Android's permissions have often been criticized for not being clear and important enough to make users pay attention. They only catch certain instances of suspicious activity and won't find instances where calls, messaging, or other behavior was already expected.

Although Lockheimer noted that "no security approach is foolproof," there has yet to be an instance of genuinely malicious apps on the iOS App Store, where Apple requires active human approval rather than automatic screening. What code has existed has so far either been a deliberate experiment from a security expert or limited to jailbroken devices, where the OS' usual defenses have been lowered.

by MacNN Staff



  1. Paul Huang

    Joined: Dec 1969


    So very funny

    I don't know how to laugh anymore.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Polk Hinge Wireless headphones

Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


Most Commented