Mall cops in the Android Market
If you want to develop an app for Android-based phones, Google says “go for it.” There’s really nothing stopping you from writing the code and getting your app into the Android Market, unlike Apple’s App Store, which runs each app through a series of tests and guidelines. Because of this policy Google has been burned with malware-infected apps spreading through its store. It’s just come to light, however, that there’s a virtual pit bull, who goes by the name Bouncer, roaming the aisles of the Android Market trying to protect us from the bad guys. In a blogpost yesterday, Android VP of engineering, Hiroshi Lockheimer, writes, “once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags.” And according to Lockheimer, it’s working. “The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40% decrease in the number of potentially-malicious downloads from Android Market.”
Bouncer sounds like a good idea, but as always, don’t let your guard down. For every Bouncer scanning for malware, there’s a crook trying to feed him a poisoned t-bone.