November 3, 2012 10:36am
For years, security teams, anti-virus companies and, most publicly, Apple, have accused Google’s Android of being vulnerable to remote hacking and malware. That Google doesn’t vet individual apps in its Play Store doesn’t help the situation, as they have a “hands-off-until-necessary” policy.
In Android 4.2, the situation has changed for the better. Google now includes a malware scanner with the OS, verifying that every app — sideloaded or downloaded from Google Play — is free of viruses and code exploits. Google already uses server-side malware checking on the Play Store, so this is another level of protection.
The process is opt-in — it will ask your permission to proceed when first sideloading a third-party app — but after that all the work is done server-side. It matches the app’s unique signature with Google’s database of known “clean” apps; if there is a match between something forbidden on their side, it will not let you install it on your side. When the app’s safety is dubious or unknown, Google errs on the side of caution, instructing the user to take care without explicitly preventing the install. It’s a system that works very well in theory, as long as Google’s database is up to date.
Google has also added a feature to Android’s security back-end that alerts users whenever an app tries to send a SMS message. Most Android malware takes advantage of the relatively insecure SMS shortcode system known as USSD. By blocking unauthorized SMS messages, Android 4.2 can keep users from being remotely controlled, keylogged, or wiped.
While the on-device malware protection is only built into Android 4.2, users with older versions still benefit from Google Play’s server-side protection. Just remember what mom always said: be careful what you sideload.