by Bill Snyder

Android: Not So Insecure After All

Feb 03, 20123 mins

Symantec recants its scary Android malware warning, as Google's new app security system, called Bouncer, makes the Android Marketplace more secure. Do security companies hype their warnings?

Android has been beaten up quite a bit lately, with major security companies warning that the Android Marketplace is insecure, and potentially rife with malware. McAfee in particular has been singing that tune for months, and in late January the even larger Symantec issued an alarming warning about infected Android apps.

It’s hard to know how many potential customers have been scared off by these warnings. But Google, the parent of the Android operating system and overseer of the Marketplace, has noticed, and this week announced a major effort to stamp out infected apps.

As JR Raphael, a writer at our sister publication Computerworld, explained, the system is codenamed “Bouncer” and it automatically scans apps in the Market for potentially malicious software. It digs into each app’s code to look for known malware, analyzes the app’s actions to identify unusual behaviors, and compares the app to previously analyzed programs to detect any known threats.

Bouncer also scans the developer’s account for signs of past problems, a smart addition to a security program. McAfee and other companies (and writers like me) have warned consumers not to download apps from unknown publishers, so this gives some assurance that a little-known publisher is safe, an advantage for the consumer and honest coders trying to get established.

I can’t speculate on how effective these measures will be. And it is important to note that Bouncer has been running unannounced for several months while malware has slipped past. But it does appear that Google is stepping up its efforts to secure the Android Marketplace, and that’s the responsible thing to do. 

In a blog posted today, McAfee’s Jimmy Shah called Bouncer, “a good first step,” though he did add that more measures need to be taken to protect the platform.

Apple, of course, has long exercised very tight control over apps that are sold on iTunes, and that’s a very big reason why the iOS is generally seen as much more secure than Android. I wouldn’t say that Android is now as secure as iOS, but the playing field has gotten a bit more level. 

Symantec Backs Down

Security companies obviously have a vested interest in spotting malware here, there and everywhere. That’s not to say those companies aren’t trustworthy  — most, including McAfee and Symantec certainly are  — but since they’re selling anti-malware and other security products, they’re not about to hold down demand.

Late last month Symantec issued a rather alarming warning about a piece of Android malware called Counterclank. The rogue app, alleged Symantec, attaches itself to 13 different arcade games and apps with suggestive names like “Sexy Girls Photo Game.” (Symantec posted more details on its blog, which you can read here.) It has the potential to steal data and trick your device into carrying out commands such as dialing expensive phone numbers over and over again, says Symantec.

Pretty scary, but as it turned out, not true.

Symantec now says the code in question comes from an aggressive ad network that provides revenue to the smartphone programs. The apps do things like deliver intrusive ads and place ad-related bookmarks on your phone. Not cool, but hardly the terrifying threat that garnered widespread publicity.

Yes, be careful out there, but be skeptical as well.