It looks like the care-free days of malware miscreants running amuck in the Android Marketplace may soon be over, as Google has hired a Bouncer to give those pesky viruses the bum’s rush. In a move that falls under the “Its about Time” category, Google is attempting to bring an end to the veritable viral free-for-all in its app market by installing a new security system—aptly named Bouncer—that will reportedly, “scan incoming apps and scrutinize developers in order to weed out software that may contain malicious code.”
There’s no question that mobile malware has been a growing concern over the past year, particularly for Android, which has the dubious distinction of being the most popular target for underhanded developers and their malicious code.
By installing this invaluable level of mobile security Google will undoubtedly make all of our Android mobile devices a little more safe and secure, and will hopefully have much of the malicious malware hearing the phrase I’m sure many of have heard while attempting to get into that one exclusive club, “You’re not on the list.” But will it be enough to keep Android users safe?
Historically Google has seemingly not concerned itself overmuch with the threat of malware in its free open source Android platform. Perhaps due to the naïveté that all developers hold to Google’s own “Don’t Be Evil” philosophy or perhaps due to simple ignorance or ineptitude, Android has turned into a breeding ground for viruses and other malicious code.
While Android users have had to suffer this malware for several years now—with my first report on Android malware written way back in 2010—you just knew that Google simply couldn’t continue to run such a shoddy operation when faced with the rigorous screening process its closest competitor Apple puts its developers through before they can sell software at the latter’s App Store.
But will Bouncer keep all of us Android users safe, or will it simply let in the good looking malware and the ones willing to slip it a fifty like every other bouncer in the world? From initial analysis, there is some consensus that Bouncer may be just what the Android Marketplace needs to beef up its security.
As I mentioned, Bouncer works like a Marketplace door man, analyzing each app as it’s uploaded to the Market, scans it for potential threats, trojans, or spyware and runs a background scan on the developer to see if any previous malicious history has been reported. If the app or the developer fails any of these tests they will be turned away.
Should the app pass this initial scan and be loaded into the Marketplace, Bouncer will run a simulation of the software on Google’s cloud infrastructure, allowing it to assess any latent threats that might appear when activated on an actual Android mobile device. Finally, Bouncer will maintain a standard of security by running repeated scans on existing apps, just to make sure nothing has slipped by its watchful gaze.
But the question remains, is Google’s reactive Bouncer software as effective as Apple’s proactive—and quite draconian—developer approval process? Say what you will about Apple’s annoying standards, the company has found a way to limit malicious malware by stopping threats before they ever hit the store. Google’s Bouncer, on the other hand, is nothing more than an antiviral watchdog, and if there’s one thing we’ve learned over the years about antivirus software, hackers and spammers will always find a way to stay one step ahead.