If your name's not down, you're not coming in...

Google’s Bouncer adds new security layer for Android

Chris Mayer

Google publicly confirm that Bouncer has been covertly scouting the Android market for month

After vehement critical attacks, as well as literal ones, Google
has formalised their battleplan for the war on Android malware –
publicly revealing a new security agent, Bouncer.

Hiroshi Lockheimer, VP of Engineering at Android,
detailed more about the new service
which aims to clamp down on
the frankly virulent malware that has plagued Android’s Market for
the past year, due to the rapid adoption of the platform.

The technology provides automated scanning of Android Market for
potentially malicious software, crucially without disrupting the
user experience of Android Market performancewise. Nor does it
require developers to go through an application approval process, a
la Apple or Microsoft, although some might still advocate this
further for better security. This appears to be ‘the Google way’ of
doing it.

Lockheimer discussed how the process worked within his
announcement saying:

Once an application is uploaded, the service immediately starts
analysing it for known malware, spyware and trojans. It also looks
for behaviours that indicate an application might be misbehaving,
and compares it against previously analysed apps to detect possible
red flags.

He added that every application was already put through a
rigourous process to check for security flaws, running on Google’s
cloud infrastructure and also simulated to see how it would run on
an Android device. New developer accounts are analysed to keep out
repeat-offender developers – hence the name Bouncer.

It appears that this tactic has paid off, with Lockheimer
reporting ‘a 40% decrease in the number of potentially-malicious
downloads from Android Market’ since Bouncer was deployed in the
second half of 2011. This is more impressive given that the
majority within the industry are reporting that malware is on the

The Android platform has grown astronomically, as Lockheimer
notes ‘device activations grew 250% year-on-year, and the total
number of app downloads from Android Market topped 11 billion’.

It appears that Google has finally got a grip on the malware
problem that was spiralling out of control, at least for now.
However Lockheimer admits that whilst they are striving towards a
secure market, ‘no security approach is foolproof’.

Either way, this formal announcement is sure to ward off some of
the harshest critics of Android’s biggest problem and reassure
developers that their applications are safe with the green droid
getting a nightstick to wield. The community’s backing is needed
too for a neighbourhood watch scheme of sorts.

comments powered by Disqus