Google outlines Bouncer service for Android malware, touts lack thereof

Recent incidents in which the Android Market has been accused of hosting massive malware outbreaks have been responded to by Google today with a brand new system code-named Bouncer. With this new system, a completely non-invasive and potentially developer effort-free system will continue to build on Android's security system blocking out all malicious software, especially here and now in the Android Market. This comes at a time when security group Symantec has changed their tune after a week of screaming about malware that the object they found wasn't malicious at all in the first place.

Symantec aside, Google is indeed bumping up their efforts to keep the Android Market clean with Bouncer as well as reinforcing through words the security that's already in place and has been for some time with Android. Bouncer sits at the heart of the Android Market and checks for malicious software once an app is uploaded, checking it for known viral bits as well as codes that show that it was built by a known malicious developer or has hidden codes made to mess with users in any way at all. Each app is run on Google's cloud infrastructure and actually tested out so that simulations can show how the application really truly works. Google also mentioned that Android malware downloads have decreased between the first and second halves of 2011:

"We saw a 40% decrease in the number of potentially-malicious downloads from Android Market. This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise. While it's not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market – and we know the rate is declining significantly." – Hiroshi Lockheimer, VP of Engineering, Android

uspicious talk there, ladies and gentlemen! In addition, Google mentions that Android as a software sitting on all of your phones right now has Sandboxing features which keep a malicious bit of software contained in one area of your phone if it does exist, first of all. Second there's a screen between you downloading and you installing your applications one by one that asks whether you want to give that app permission to touch your device in many different ways – that's all on you. Third, malware removal is simple on an Android device, from the Android Market being able to remotely remove malware from your device to your own ability to see into the guts of your Android device if need be and take the malicious software out yourself. So stay safe, Android users, Google has your back!

[via Google]