Android May Get Built-In Malware Scanner
Google is often accused of not taking Android security seriously enough. That may be about to change.
The latest edition of the Google Play app for Android hints at future built-in malware-scanning abilities, according to analyses by the AndroidPolice website and Britain's Sophos Labs.
Among the user prompts found in the source code are "Allow Google to check all apps installed to this device for harmful behavior?", "Google recommends that you do not install this app" and "I understand that this app may be dangerous."
The actual anti-virus software isn't yet part of the Google Play app, but Sophos' Graham Cluley speculates it may be introduced with Android 4.2, which other sources say will be code-named "Key Lime Pie."
AndroidPolice's Rob Amadeo thinks user prompts indicate three separate functions.
"There is something called 'App Check' that will allow Google to inspect every app you've already downloaded, and a doorman-style app blocker that will warn you if an app is suspicious," Amadeo wrote in a blog posting. "It also sounds like they will have a 'shut up and download it' button, for people that like to live on the edge."
If Google is indeed planning to build a malware scanner into Android, it can't be too soon.
When Android debuted in the fall of 2008, anyone could plunk down $25 for a developers' license and upload anything to the Android Market, as the app store was originally called. Google relied on users to inform it of malware, rather than the other way around.
Scammers quickly found they could stuff malicious code into fake or pirated versions of popular apps — "Angry Birds" has been a common target — and rely on gullible users to install it themselves.
Since then, Google has slowly tightened the screws, banning dubious developers from Google Play and, earlier this year, installing a server-side malware scanner called Bouncer.
However, Google Play is still nowhere near as tightly monitored as Apple's iTunes App Store. Google doesn't examine pre-release apps as closely as Apple does, and doesn't prevent them from modifying their code after installation.
Unlike Apple, Google also makes it easy for Android users to install apps from "off-road" app stores, many of which are loaded with the same sort of Trojanized apps that once plagued the Android Market (and still haunt Google's Chrome Web Store).
A handset-based, built-in client-side malware scanner would go far toward cleaning up the messy Android ecosystem. There are already several good third-party Android malware scanners out there (Sophos' is free), and TechNewsDaily recommends that every Android user install one.
But a built-in malware scanner would raise the security baseline for all Android devices and, presumably, have access to parts of the operating system that third-party apps can't get to.