Google’s Bouncer adds new security layer for Android
Google publicly confirm that Bouncer has been covertly scouting the Android market for month
After vehement critical attacks, as well as literal ones, Google has formalised their battleplan for the war on Android malware – publicly revealing a new security agent, Bouncer.
Hiroshi Lockheimer, VP of Engineering at Android, detailed more about the new service which aims to clamp down on the frankly virulent malware that has plagued Android’s Market for the past year, due to the rapid adoption of the platform.
The technology provides automated scanning of Android Market for potentially malicious software, crucially without disrupting the user experience of Android Market performancewise. Nor does it require developers to go through an application approval process, a la Apple or Microsoft, although some might still advocate this further for better security. This appears to be ‘the Google way’ of doing it.
Lockheimer discussed how the process worked within his announcement saying:
Once an application is uploaded, the service immediately starts analysing it for known malware, spyware and trojans. It also looks for behaviours that indicate an application might be misbehaving, and compares it against previously analysed apps to detect possible red flags.
He added that every application was already put through a rigourous process to check for security flaws, running on Google’s cloud infrastructure and also simulated to see how it would run on an Android device. New developer accounts are analysed to keep out repeat-offender developers – hence the name Bouncer.
It appears that this tactic has paid off, with Lockheimer reporting ‘a 40% decrease in the number of potentially-malicious downloads from Android Market’ since Bouncer was deployed in the second half of 2011. This is more impressive given that the majority within the industry are reporting that malware is on the rise.
The Android platform has grown astronomically, as Lockheimer notes ‘device activations grew 250% year-on-year, and the total number of app downloads from Android Market topped 11 billion’.
It appears that Google has finally got a grip on the malware problem that was spiralling out of control, at least for now. However Lockheimer admits that whilst they are striving towards a secure market, ‘no security approach is foolproof’.
Either way, this formal announcement is sure to ward off some of the harshest critics of Android’s biggest problem and reassure developers that their applications are safe with the green droid getting a nightstick to wield. The community’s backing is needed too for a neighbourhood watch scheme of sorts.