Get news 
- May 23, 2012 14:00 PM Join us for a conversation between Carla Wolfe, one of the main characters in this story, and Chris ...
- May 23, 2012 14:00 PM Jon Arnold’s presentation will review the trends and drivers that have brought us to the present s ...
- May 23, 2012 14:00 PM Join Bank Systems & Technology, Netop, and Forrester Research for a free one-hour webcast that explo ...
Loading Carousel Data, Please wait ..
BYTE Technologists
BYTE Categories
BYTE Newsletter
Keep up with all the BYTE News and Reviews
Google's Bouncer Ejects Malware From Android Market
Category: Tablets, Smartphones
Google, which has always maintained that the Android Market, although not immune to malware, was not heavily affected by it, revealed Thursday it has been using a technology called Bouncer to monitor apps for malware. Although only saying that Bouncer has been in use "for a while now," Google said it saw a 40% reduction in the number of potentially malicious apps downloaded from the market between the first and second halves of 2011. Bouncer removes apps that it identifies as containing malware, spyware, or trojans.
More Insights
Webcasts
- Thriving in a Multi-Platform World: Integrating Mobile Device Management into Your Overall Security Strategy
- CTO to CTO: Scott Davies, VMware, and Jim Davies, Mitel, Give Voice to the Virtual Desktop
White Papers
- The Best Way to Build a Cloud
- Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud
Reports
More >>Google is quick to point out that the significant reduction in potentially dangerous applications occurred in the same time frame that anti-virus vendors made a lot of noise, well covered in the media, about the huge growth in malware-infected applications coming straight from the Android Market to users' devices. It's no secret that Google does not think well of anti-virus vendors, which it has called "charlatans" for selling anti-virus software. Google has said anti-virus software is a worse blight than the malware itself.
Bouncer looks at applications in the Market and in developer accounts, searching for known code or behaviors that seem suspicious, and comparing new apps against previously uploaded versions. Additionally, apps are run on what is likely--Google doesn't say--an Android simulator in the Google Cloud to look for behaviors that are not obvious from the code analysis.
Red-flag behaviors result in the app being pulled from the Market, and can also result in the developer's account being closed for repeated malicious behavior. Google also has the capability to remove an app from a user's device via its Remote Application Removal feature. This feature has been rarely used to this point, with Google only commenting on its use in removing a test app that a security researcher uploaded to the market.
Google cautions users to look at the permissions that an app requests, and if the requests seem suspicious, to stop the installation. Of course, this means users have to understand the permissions being granted, and for most non-technical users, this is an onerous requirement. So far, nothing has been released via the Market that can't be removed by simply uninstalling the offending app. Should that change, then Google's offhand approach to protecting users might see a change.
Related Reading
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
COMMENTS
Tune In to BYTE
Related Webcasts
- Thriving in a Multi-Platform World: Integrating Mobile Device Management into Your Overall Security Strategy
- CTO to CTO: Scott Davies, VMware, and Jim Davies, Mitel, Give Voice to the Virtual Desktop
- What Impact Will Windows 8 Have on the Tablet Market?
- SMB Server Guide: Meeting Email, Virtualization, and Business Application Challenges
- Videoconferencing: Business & the Big Picture
Whitepapers
In this paper you will learn the five trends shaping
the future of enterprise mobility. Learn how the rise of social media as
a business application, the lurring between work and home, the emergence
of new mobile devices, the demand for tech savvy employees and changing
expectations of corporate IT will fundamentally change the workplace.
In a survey of more than 1,700 information workers
(iWorkers) in North America, notebooks, desktops, and smartphones were
found to be “must-have” devices, while tablets, slates, and netbooks
were relegated to “nice-to-have” status, according to a commissioned
study conducted by Forrester Consulting on behalf of Dell and Intel.
Upcoming Events
Oct 20: Becoming a Security Detective - Gathering and Analyzing Security Intelligence in the Enterprise
In this all-day virtual event, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Register today!
Platinum Sponsors: ArcSight, NetIQ, Proofpoint, Thawte
Gold Sponsor: Q1 Labs
October 6: InformationWeek 500 Virtual Event: The Need for Speed
At the 2011 InformationWeek 500 Virtual Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth.
Platinum Sponsor: ArcSight, Workday
Gold Sponsor: IBM
Aug 25: InformationWeek & Dark Reading present: How Security Breaches Happen and What Your Organization Can Do About Them
Attendees will get insights on how to prevent breaches from happening, how to research and identify the source of a breach, and how to remediate a compromise as quickly and efficiently as possible.
Platinum Sponsor: ArcSight, NetIQ, Thawte
Gold Sponsors: Lumension, NetGear, GFI
Silver Sponsor: Motorola
July 28: InformationWeek & Symantec present: Infrastructure at Risk -- Taking Decisive Action to Secure Your Critical Data Assets
Join the editors of InformationWeek and leading security experts from Symantec for an in-depth look at the current threats faced by large and small organizations, and the implications for your business, your customers, and even your country. You'll hear how today's threat landscape is changing drastically, and learn the latest countermeasures and best practices to keep your company's precious data assets out of the hands of determined cybercriminals.
July 27: Electronic Health Records -- Moving from Concept to Reality
At this InformationWeek Healthcare Virtual Event, we will talk with healthcare practitioners, IT professionals and other industry experts about issues surrounding EHR selection, deployment and use.
Platinum Sponsor: HP, Intel, GBS, Geotrust, NextGen
Silver Sponsor: Proofpoint
On-Demand: InformationWeek & Interop present: Business Mobility Unleashed
In this virtual event, the leaders behind InformationWeek Business Technology Network and Interop zero in on the top mobile technologies and techniques you'll need to understand and master to ensure your organization thrives in the wireless world.
Platinum Sponsors: Alcatel-Lucent, APC
Gold Sponsor: HP
Silver Sponsor: Emerson Network Power
Bronze Sponsor: Skybot
On-Demand: Cybersecurity Best Practices
In this half-day virtual event, experts assess the state of cybersecurity in government and present the latest strategies for creating a more secure, attack-proof IT infrastructure. This event will help CISOs and other information assurance professionals in federal, state, and local government stay on top of the latest developments in the field.
Platinum Sponsor: GeoTrust
Gold Sponsor: Bit9
On-Demand: Data Center Transformation
Data centers are undergoing incredible transformations that create
both opportunities and challenges for IT professionals. Server virtualization enables rapid provisioning,
more efficient use of resources, and improved disaster recovery. That trend will continue with storage and network virtualization,
allowing IT pros to further abstract -- and optimize -- data center resources.In this virtual event, you will learn how prepare your organization for a data center transformation.
Platinum Sponsors: AMD, APC, Cisco, Eaton, SunGard
Gold Sponsor: Emerson Network Power
On-Demand: Cloud Computing Roadmap: Controlling the Cloud - Managing, Optimizing and Integrating Cloud Services with Your Existing IT Infrastructure
In this virtual event, you'll learn how to craft your own strategy for successfully embracing and integrating new cloud computing capabilities without derailing or destroying your current IT roadmap.
Platinum Sponsors: ArcSight, GoToAssist, SunGard, thawte
Gold Sponsor: Symform
Silver Sponsor: Skybot
On-Demand: Plugging the Leaks -- Finding and Fixing the IT Security Holes in your Enterprise
In this virtual event presented by Dark Reading and InformationWeek, you'll find out how criminals target the flaws in your IT environment, and you'll get some insight on the best methods for finding and fixing your vulnerabilities -- before you're hit by malware or unauthorized access.
Platinum Sponsors: NetIQ, Novell, thawte, Webroot
Gold Sponsors: ArcSight, Bit9, OpenText
Silver Sponsor: Application Security, Core Security, Lumension
The 2011 Informationweek 500 Conference will be held at the beautiful St. Regis Monarch Beach Resort, Dana Point, CA. Mark your calendars for September 11-13, 2011.
InformationWeek Healthcare IT Leadership Forum
Related Reports
Related Whitepapers
