I won’t say that malware isn’t a problem for Android, but certainly not as big as the press would like you to believe. Even a little is still a problem, and thankfully Google feels the same way. Today Google revealed a new service called Bouncer, which automatically scans the Android Market for potential malicious software. It happens behind the scenes and developers won’t have to go through any application approval process.
When an application us uploaded, Bouncer will immediately start scanning it for known malware, spyware, and trojans. This goes beyond a scan because Bouncer will run every application on Google’s cloud infrastructure and simulate how it will run on an Android device in an attempt to look for any hidden or malicious behavior. New developer accounts will be analyzed further and more often to prevent repeat offenders.
This service has actually been running for a while now. Google claims a 40% decrease in the number of occurrences in the second half of 2011 as opposed to the first half.
Google goes on to say that they originally designed Android to make mobile malware to be less disruptive. For example, when it comes to PCs, malware has the potential to misuse information, but with Android it’s a lot harder to do. Android’s built-in security features include:
- Sandboxing: The Android platform uses a technique called “sandboxing” to put virtual walls between applications and other software on the device. So, if you download a malicious application, it can’t access data on other parts of your phone and its potential harm is drastically limited.
- Permissions: Android provides a permission system to help you understand the capabilities of the apps you install, and manage your own preferences. That way, if you see a game unnecessarily requests permission to send SMS, for example, you don’t need to install it.
- Malware removal: Android is designed to prevent malware from modifying the platform or hiding from you, so it can be easily removed if your device is affected. Android Market also has the capability of remotely removing malware from your phone or tablet, if required.
I never saw malware as being a big concern, but like I said, even the smallest amount of malware is an issue and thanks to Google, we can rest easy knowing Bouncer is working 24/7.
source: google mobile blog