More

Android Market's 'Bouncer' Security Service Aimed At Fighting Growing Malware Threat

Android Market

First Posted: 02/ 2/2012 7:50 pm Updated: 02/ 3/2012 5:34 pm

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy


By Gerry Shih

SAN FRANCISCO (Reuters) - Google Inc has been quietly policing its online store for months now in an acknowledgement of malware's growing threat to its increasingly popular Android mobile software.

The new sheriff in town is Bouncer: a security service Google put in place to scan new apps as developers load them onto Market, its applications store.

Bouncer sweeps apps for potentially malicious behavior and also analyzes new developer accounts to prevent "repeat-offenders" from distributing their wares, Google says. Those heightened efforts are paying off, it added.

"While it's not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market - and we know the rate is declining significantly," Hiroshi Lockheimer, a vice president of engineering at Google's Android unit, wrote in a blog post Thursday.

With the implementation of Bouncer, Google noticed a 40 percent drop in the number of "potentially malicious downloads" from Android Market at a time when the proliferation of malware was beginning to become a problem, according to Lockheimer.

Lookout, a security research firm, published a report in December estimating that more than $1 million had been stolen from Android users in 2011 as a result of malicious software downloads, and said that figure could rise dramatically.

Lookout's cofounder, Kevin Mahaffey, lauded Google's moves.

"It is great that Google is working with the Android community to provide an alternative to a manual curation process, allowing developers to innovate quickly while also increasing the baseline level of security for Android users," Mahaffey said.

Bouncer marks a new direction for Google, which until now has trumpeted its laissez-faire approach to managing the apps market - as opposed to Apple Inc, which famously subjects apps to a rigorous evaluation process before they can be downloaded.

The freedom of the Android market - and developers' preference for its openness - has helped boost the platform's swift growth and sharpen its competition with Apple's iOS mobile platform. In December, less than three years after it was launched, Android Market reached 10 billion total downloads.

"The reason that Android is kind of cool is you can do anything you want and there's no overlord," said Charlie Miller, a security consultant with Accuvant who made news last year when he smuggled malware onto Apple's App Store to demonstrate its vulnerability.

"But Google is doing the smart thing," Miller said, "Malware was getting to be a bit of a problem and it's better to take care of it now instead of letting get out of control."

(Reporting By Gerry Shih; Editing by Richard Chang)

Related on HuffPost:

FOLLOW HUFFPOST TECH

By Gerry Shih SAN FRANCISCO (Reuters) - Google Inc has been quietly policing its online store for months now in an acknowledgement of malware's growing threat to its increasingly popula...
By Gerry Shih SAN FRANCISCO (Reuters) - Google Inc has been quietly policing its online store for months now in an acknowledgement of malware's growing threat to its increasingly popula...
Related News On Huffington Post:
 

Filed by Ramona Emerson  | 

More in Technology...


 
 
  • Comments
  • 55
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
photo
smoknjoe
97 Fans
03:40 AM on 02/05/2012
Thank you, Google! I have a funny feeling a lot of "free" apps will be disappearing. :)
Permalink  |
This user has chosen to opt out of the Badges program
photo
Krek
510 Fans
01:54 PM on 02/03/2012
"The reason that Android is kind of cool is you can do anything you want and there's no overlord,"

I'd rather have a set up like that, even with the threat of malware, than having no choice at all.
Permalink  |
photo
HUFFPOST SUPER USER
theveggiedude
my body is a temple, not a living graveyard
261 Fans
 
02:11 PM on 02/03/2012
But there is an overload today, and its name is Bouncer. It's about time, and we all knew they would implement at least some of what Apple has been doing all along.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Krek
510 Fans
02:37 PM on 02/03/2012
Bouncer is only for Google Market apps. You can still sideload apps from other trustworthy developers. You can't do that ootb on iOS (or WP7 for that matter).
Permalink  |
StinkyPete0279
45 Fans
11:37 AM on 02/04/2012
No there's not. Amazon's app store, GetJar, sideloading...don't you ever get tired of being wrong?
Permalink  |
icposse2000
132 Fans
12:58 PM on 02/03/2012
When a vice president of engineering on the Android team says that "malware was beginning to become a problem" you can bet it was much farther along than that. We'll see whether bouncer has any long-term effect or whether the malware authors learn what it scans for and the cat and mouse game continues.
Permalink  |
This user has chosen to opt out of the Badges program
dweston82
27 Fans
01:05 PM on 02/03/2012
It will still be a while until we allow Android devices on our networks.
Permalink  |
photo
perpetualsanity
82 Fans
12:52 PM on 02/03/2012
iOS any day. Keep your malware.
Permalink  |
photo
AJH1993
8 Fans
 
01:59 PM on 02/03/2012
Customization any day. Keep your boring UI and iTunes BS
Permalink  |
Blup
65 Fans
02:17 PM on 02/03/2012
A customized phone isn't all that special if your data is being looted.
Permalink  |
photo
joebaggadonuts
Civilization: Evolutionary pathway of choice.
967 Fans
12:17 PM on 02/03/2012
It's false pride that allows google to design a program for enforcement of policies, and then when those policies are enforced by the program, assume the metrics showing that it has reduced the bad behavior the policies were designed to enforce went down. What went down were the activities which transgressed the metrics the policy was designed to improve. If you follow this, read Taleb's Black Swan and get rid of insane reliance on dangerous statistics.
Permalink  |
photo
soundping
America: Love it or leave it !
599 Fans
12:02 PM on 02/03/2012
At least their not charging for this.
Permalink  |
AnonymousByChoice
5 Fans
11:57 AM on 02/03/2012
Thankfully I don't have to deal with this nonsense on my iPhone. Or my Mac.
Permalink  |
Archontruth
9 Fans
12:01 PM on 02/03/2012
No, you just have to suck from the Apple teat and accept that you don't really own your music or content even once you've paid for it.
Permalink  |
nschomer
Scientifically Progressive Libertarian Socialist
183 Fans
12:16 PM on 02/03/2012
Unfortunately that's the business model that is taking hold. Try buying a PC game today, you don't actually get a disk with the game on it, you get a rental from steam that takes 3 hours to download.
Permalink  |
photo
JasonMcl
8(Na) + 8(Na) = BACHMAN
317 Fans
12:11 PM on 02/03/2012
Yeah, you can use anything that Apple has pre-selected for you without all that burden of personal responsibility or choice.
Permalink  |
photo
Paul McMenamy
7 Fans
12:30 PM on 02/03/2012
Apple has made my life better, in dramatic ways. I know, I am not as smart or educated as you are. I am thankful for that.
Permalink  |
photo
HUFFPOST SUPER USER
theveggiedude
my body is a temple, not a living graveyard
261 Fans
 
02:14 PM on 02/03/2012
With 500 million apps at my disposal, I don't feel your pain. That's plenty of personal responsibility and choice I need to have, thank you.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Sixtyplusfour
151 Fans
11:57 AM on 02/03/2012
Google Inc is the biggest malware threat to the Internet their spy apparatus is everywhere
as the company announced several weeks ago.
Permalink  |
photo
HUFFPOST SUPER USER
GOP Lie Detector
Shining A Light on Lying Republicans
336 Fans
 
12:08 PM on 02/03/2012
Conspiracy nut alert. Yea....did you hear Mr. google can see through your TV too? Better sell all your non-apple stuff. The rest is under control by "the Google"
Permalink  |
photo
HUFFPOST SUPER USER
JCurley
Suddenly it makes sense! Nothing makes sense.
260 Fans
12:52 PM on 02/03/2012
What he said is not entirely false.
Permalink  |
photo
Rokgoo
looking for the right side of the left
90 Fans
11:53 AM on 02/03/2012
Bouncer's software engineer on day, malware writer at night, this is a common type of job creation in this field ;-)
Permalink  |
photo
jabreal00
84 Fans
11:37 AM on 02/03/2012
Once the bad guys seriously ramp up efforts to thwart any kind of policing Android market will become the equivalent of a digital ghetto. Myspace turned into digital ghetto with profligate spam, malware and creeps. People fled en masse. Unless Google seriously clamp down, word will spread of these increasing malware and people will flee to iOS or Windows based phones.
Permalink  |
Archontruth
9 Fans
12:03 PM on 02/03/2012
Except that the Windows Mobile OS is still a steaming pile of s**t, and with Apple you're trading the possibility of malware for the certainty of ridiculous DRM and a corporate attitude that you don't really own your music and content even when you've paid for it.
Permalink  |
photo
HUFFPOST SUPER USER
theveggiedude
my body is a temple, not a living graveyard
261 Fans
 
02:08 PM on 02/03/2012
I own all the music I have bought from iTunes. There is no DRM on it. Where do you get your information?
Permalink  |
photo
jabreal00
84 Fans
03:56 PM on 02/03/2012
Your statement is either a bold-face lie or you are severely misinformed. Apple sells DRM-free music tracks for the last 3-4 years. They are AAC format so it cannot be univerally played on all devices like MP3. However, people can share songs without any problems. Android market place will be like Myspace in one to two years.
Permalink  |
photo
JasonMcl
8(Na) + 8(Na) = BACHMAN
317 Fans
12:18 PM on 02/03/2012
Yeah, something needs to be done about people being able to install whatever they want, all willy-nilly, on the devices they own. We need a closed system with an authority designed to protect people from themselves and their ability to choose available software for our platform that does not have our explicit approval!

Afterall, we saw how poorly the PC market did in the last 2 decades with its crazy open development ideas... Remember when Y2K shut down all of them for good? I'll bet if we had closed development that would never have happened.
Permalink  |
photo
HUFFPOST SUPER USER
Post31
Good grief!!!
224 Fans
 
11:19 AM on 02/03/2012
Googles lies are adding up.
Permalink  |
Mystigo
16 Fans
11:12 AM on 02/03/2012
Wow, wainbows and uincawns faw evwyone.
Permalink  |
photo
HUFFPOST SUPER USER
gfs5541
575 Fans
 
10:58 AM on 02/03/2012
And remember, Android is FREE and OPEN.
Permalink  |
Archontruth
9 Fans
12:05 PM on 02/03/2012
To legitimate developers, yes. To criminals, no. Do you also run your computer without virus protection because it would limit the "freedom" of your internet connection?
Permalink  |