• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Google unveils 'Bouncer' security service for Android Market

Bateluer

Bateluer

Lifer
http://googlemobile.blogspot.com/2012/02/android-and-security.html

Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process.

The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts. Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.
Click to expand...

Android Market malware has been one of the most overblown stories of the year, but this is a good move from Google, I think.
 
Bateluer said:
Android Market malware has been one of the most overblown stories of the year, but this is a good move from Google, I think.
Click to expand...

It's definitely over-hyped, and I think part of the problem is that Google seems to have a fairly lax approval process, but that's another story. Unfortunately, I don't think that something like is going to be effective. If will be able to detect the low-hanging fruit, but it's not going to provide protection from anyone serious about sneaking something into their app store.

I'm not even sure why they bothered to announce any of the details of how their security works. It serves no benefit and only provides clues about how to best circumvent the system.
 
any negative press about Android is always overblown, didn't you know that?

but negative press about Apple is... truth (According to AndroidPolice)

anyhow, this is interesting moving forward. a good step. not sure how effective it is.
 
Mopetar said:
It's definitely over-hyped, and I think part of the problem is that Google seems to have a fairly lax approval process, but that's another story. Unfortunately, I don't think that something like is going to be effective. If will be able to detect the low-hanging fruit, but it's not going to provide protection from anyone serious about sneaking something into their app store.
Click to expand...

Why wouldn't it provide protection? It's not like most of these malicious apps are coded by so-called "talented" hackers. Most of the time we're looking at script kiddies just throwing in the latest trojan to a stolen app.
 
soccerballtux said:
awesome, yet another thing that wants to run in the background on Android.
Click to expand...

Isn't this a server-side addition, meaning it's running on google servers constantly monitoring and testing apps uploaded by devs to the android market, and not an app an end-user would install on their devices?
 
tdawg said:
Isn't this a server-side addition, meaning it's running on google servers constantly monitoring and testing apps uploaded by devs to the android market, and not an app an end-user would install on their devices?
Click to expand...

Correct. There's nothing downloaded, installed, or otherwise ran on the end user's phone.
 
Honestly if your that worried about security run droidwall and LBE privacy.

And dont sideload dodgy Chinese apps.
 
Mopetar said:
It's definitely over-hyped, and I think part of the problem is that Google seems to have a fairly lax approval process, but that's another story. Unfortunately, I don't think that something like is going to be effective. If will be able to detect the low-hanging fruit, but it's not going to provide protection from anyone serious about sneaking something into their app store.
Click to expand...

To be fair even Apple's stringent approval process won't stop someone skilled from sneaking something into the App Store. It wasn't that long ago that someone did just that as a proof of concept.
 
Patranus said:
If it was overblown then google wouldn't have pushed out this new service.
Click to expand...

Media coverage (online blogs, fanboys) can create a perception of a mountain where a mole hill exists. Google just as likely introduced this service to ease the public's minds and readjust the perception of the issue.
 
tdawg said:
Media coverage (online blogs, fanboys) can create a perception of a mountain where a mole hill exists. Google just as likely introduced this service to ease the public's minds and readjust the perception of the issue.
Click to expand...
Like I said, any negative press about Apple iOS is far more overblown than about Android. Anytime there's negative press about Android though, the phandroids here say it's no big deal, and "overrated." To the OP, everything is overblown and a non issue. Malware, fragmentation, etc. Fragmentation is the reason why 6 months after a phone's release (SGS2), when CM7.1 dropped, it wasn't even fully working. I'm not complaining about the CM team, but I'm saying development is an issue because so much resources are used trying to develop for every phone.
 
Last edited:
Puddle Jumper said:
To be fair even Apple's stringent approval process won't stop someone skilled from sneaking something into the App Store. It wasn't that long ago that someone did just that as a proof of concept.
Click to expand...

I remember not too long ago an Apple dev put in unauthorized tethering in his game or app and it went to market without an issue. It took a while for them to notice and eventually pull it, but anybody who still had it on their phone could still use it. Since it was an official app you didn't need to be jailbroken to use it.
 
DLeRium said:
Like I said, any negative press about Apple iOS is far more overblown than about Android. Anytime there's negative press about Android though, the phandroids here say it's no big deal, and "overrated." To the OP, everything is overblown and a non issue. Malware, fragmentation, etc. Fragmentation is the reason why 6 months after a phone's release (SGS2), when CM7.1 dropped, it wasn't even fully working. I'm not complaining about the CM team, but I'm saying development is an issue because so much resources are used trying to develop for every phone.
Click to expand...

Heh, custom rom development doesn't even factor into the fragmentation equation because the user base is next to non-existent next to the total Android user base. Manufacturers (Motorola) releasing two dozen different devices and fragmenting their resources isn't related to Android, its just the manufacturer being stupid.

Fragmentation would imply that app developers are having a difficult time developing for Android. Clearly, not the case. And when big name companies trumpet the fragmentation angle, big name app developers quickly refute them.

Malware has been overblown because despite the blogs and iFanatics whining about it, nothing has actually happened over it. For all the press its gained, and people love to attack the big guy for anything they can, the average user isn't a complete idiot. They can tell that the app with broken English, half in Chinese, advertising nudity and bikini stripping live wallpapers is probably a bad idea to download. Maybe iOS users aren't smart enough to know not to download that . . .
 
Puddle Jumper said:
To be fair even Apple's stringent approval process won't stop someone skilled from sneaking something into the App Store. It wasn't that long ago that someone did just that as a proof of concept.
Click to expand...

That's the point. Apple most likely uses several static analysis tools similar to this in order to determine whether or not an app is trying to do something malicious or violates other guidelines. The problem is that static analysis is not capable of detecting all possible attack vectors and in many cases will generate a lot of false positives. Even if you have someone manually check every line of code, there are still a lot of ways to sneak something past a reviewer.

There's no such thing as guaranteed protection. There's always going to be a new privilege escalation exploit out there and even if there weren't there's no way to stop people from acting like idiots and providing the permissions for something malicious to run.

I think it would have been much better for Google to remain silent about this. They've tipped their hat and it's going to alert some would-be-malcontents about changes in security. It's much better to catch these criminals unaware and try to catch them than it is to just flag their app and get rid of it. They'll immediate know something is up and just try something else.

No one's app store is completely safe, nor will any ever be completely safe. However, this seems more like a PR move than anything else. It would be better PR if they would implement these changes and then announce that they've arrested several people putting malware on the Android store.
 
Mopetar said:
It would be better PR if they would implement these changes and then announce that they've arrested several people putting malware on the Android store.
Click to expand...

Sounds good, but remember the people putting malware on the Market are young script kiddies. We're not talking about large, organized developers here.
 
Bateluer said:
Sounds good, but remember the people putting malware on the Market are young script kiddies. We're not talking about large, organized developers here.
Click to expand...

Given the rapid growth of the smartphone market, it won't be long before someone with the backing of a major organization starts targeting these devices, especially if they start to become used as payment methods.
 
Hahaha, check out this quote from McAfee on Wired. (via Dianne Hackborn)

“The official Android Market is the smaller target,” McAfee mobile security researcher Jimmy Shah told Wired in an interview. “That’s the area we’ve seen the least malware in thus far.”
Click to expand...
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top