Android 4.2 Gets Malware Scanning Baked In — Sort of
One of the advantages of locking down devices and only allowing apps to be installed through a “walled garden” of an app store is the ability to (theoretically) pre-screen every line of code in every app that’s submitted, which virtually guarantees that your platform will be “malware free”.
Of course neither Apple nor Microsoft pre-screen every line of code in every app in their respective app stores, but who’s counting, right?
Google does things differently. Rather than approving every single app before it’s listed in their Play Store, Google includes it automatically — letting the free market respond to any apps that don’t do what they’re supposed to. However, users can sideload apps onto many (most?) Android-powered smartphones and tablets, bypassing the Play Store entirely — though this functionality is turned off by default.
It shouldn’t take a rocket scientist to figure out that eventually someone is going to game that system and start releasing malware apps for Android. Unfortunately that’s not some unknown point in the future. It’s already happened.
To be fair, Google does routine malware scanning on apps that are submitted to the Play Store. Luckily, Google is quick to respond and can remotely uninstall apps from your Android when they identify something that’s made it through to your phone from their store. This isn’t the case when you sideload apps. If you do that, you’re on your own.
Until now… well, until “soon”
Android 4.2 “another flavor or Jelly Bean” includes a new feature: malware detection!
Hiroshi Lockheimer, Android’s VP of Engineering, recently spoke with ComputerWorld about a new feature in Android 4.2 that compares everything that you’ve installed on your phone or tablet with a database of known threats. This is essentially an extension of the malware scanning that Google is already doing for apps that are included in the Play Store — but applies to sideloaded apps as well.
Some of you may be thinking, as am I, that this could reveal sensitive information about what you have installed on your device. While that may be true, Google has pledged to “do no evil”, so we’ll just have to trust them. If you don’t, you can always “disagree” to letting Google check your apps.
Even if you don’t opt-in to Google’s new feature, they’ve tried to simplify your installations by including an improved app permission schema. Additionally, Android 4.2 automatically blocks apps from sending premium text messages in the background — which could save you a bundle of hard-earned cash.
Now we just need to get “a new flavor of Jelly Bean” onto more devices!
Source and image credits: ComputerWorld