Google's Bouncer Ejects Malware From Android Market - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices
04:53 PM
Connect Directly

Google's Bouncer Ejects Malware From Android Market

Meet Bouncer, a technology Google has been using to continuously scan and test apps in the Android Market for malicious behavior.

Google, which has always maintained that the Android Market, although not immune to malware, was not heavily affected by it, revealed Thursday it has been using a technology called Bouncer to monitor apps for malware. Although only saying that Bouncer has been in use "for a while now," Google said it saw a 40% reduction in the number of potentially malicious apps downloaded from the market between the first and second halves of 2011. Bouncer removes apps that it identifies as containing malware, spyware, or trojans.

Google is quick to point out that the significant reduction in potentially dangerous applications occurred in the same time frame that anti-virus vendors made a lot of noise, well covered in the media, about the huge growth in malware-infected applications coming straight from the Android Market to users' devices. It's no secret that Google does not think well of anti-virus vendors, which it has called "charlatans" for selling anti-virus software. Google has said anti-virus software is a worse blight than the malware itself.

Bouncer looks at applications in the Market and in developer accounts, searching for known code or behaviors that seem suspicious, and comparing new apps against previously uploaded versions. Additionally, apps are run on what is likely--Google doesn't say--an Android simulator in the Google Cloud to look for behaviors that are not obvious from the code analysis.

Red-flag behaviors result in the app being pulled from the Market, and can also result in the developer's account being closed for repeated malicious behavior. Google also has the capability to remove an app from a user's device via its Remote Application Removal feature. This feature has been rarely used to this point, with Google only commenting on its use in removing a test app that a security researcher uploaded to the market.

Google cautions users to look at the permissions that an app requests, and if the requests seem suspicious, to stop the installation. Of course, this means users have to understand the permissions being granted, and for most non-technical users, this is an onerous requirement. So far, nothing has been released via the Market that can't be removed by simply uninstalling the offending app. Should that change, then Google's offhand approach to protecting users might see a change.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Can Cloud Revolutionize Business and Software Architecture?
Joao-Pierre S. Ruth, Senior Writer,  1/15/2021
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
How CDOs Can Build Insight-Driven Organizations
Jessica Davis, Senior Editor, Enterprise Apps,  1/15/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll