Another reason you want Android 4.2: built-in malware detection

Daniel Bader

November 3, 2012 10:36am


For years, security teams, anti-virus companies and, most publicly, Apple, have accused Google’s Android of being vulnerable to remote hacking and malware. That Google doesn’t vet individual apps in its Play Store doesn’t help the situation, as they have a “hands-off-until-necessary” policy.

In Android 4.2, the situation has changed for the better. Google now includes a malware scanner with the OS, verifying that every app — sideloaded or downloaded from Google Play — is free of viruses and code exploits. Google already uses server-side malware checking on the Play Store, so this is another level of protection.

The process is opt-in — it will ask your permission to proceed when first sideloading a third-party app — but after that all the work is done server-side. It matches the app’s unique signature with Google’s database of known “clean” apps; if there is a match between something forbidden on their side, it will not let you install it on your side. When the app’s safety is dubious or unknown, Google errs on the side of caution, instructing the user to take care without explicitly preventing the install. It’s a system that works very well in theory, as long as Google’s database is up to date.

Google has also added a feature to Android’s security back-end that alerts users whenever an app tries to send a SMS message. Most Android malware takes advantage of the relatively insecure SMS shortcode system known as USSD. By blocking unauthorized SMS messages, Android 4.2 can keep users from being remotely controlled, keylogged, or wiped.

While the on-device malware protection is only built into Android 4.2, users with older versions still benefit from Google Play’s server-side protection. Just remember what mom always said: be careful what you sideload.

Source: Computerworld

  • Jay Hack

    LOOKOUT is always the first app any Android user should download. It includes this function and is free. (Not to mention being able to track it if lost or stolen)

    • priceIsRight

      Well that’s google for you:
      Selling you terror in order to get more data from you.
      Or in other words “safety” in exchange for privacy!

      Now Google will know EXACLTY what apps you have even if you have a backup of an app that you bought before (sideload).

      This may sound evil but this is exactly what you get with EVERY ecosystem; all you have to do is choos who you want to loose your privacy with: Apple, MS or Google.

      ..And that is the main reason why I am so mad about LAzaridis taking RIM to the gorund: I used to loose my privacy to a Canadian company; now thanks to Lazaridis all my data is in another country.

    • Tech

      Not like you are working on Next world revolutionary research that you worried about your idea being stolen, they only collect your interested in data so they can compile ads in that order for you.

    • lol

      I’m not willing to believe conspiracy theorists who can’t even spell. Go away, please and thank you.

  • Woof

    There is Sophos Mobile Security as well.

  • simone

    Lookout cannot even detect the smallest threat. its only good for finding your lost phone. zoner antivirus is the best free mobile protection out there now.

  • Tom

    The idea that the average Android user needs anti-virus is a myth promoted by the anti-virus companies.

    People who bypass the app store need anti-virus – but they are advanced users who know they need it. Average users just use the Play store.

    Have you ever known of an Android user getting a virus (in the play store)? It happens, but the cases are so rare and Google is able to shut them down so quickly that it is not a realistic threat to the average user.

  • MER1978

    For users that don’t side load anything aka probably like 99% of android users.. is this update really all that big of a deal when they are already scanning on the play store server side?

  • Nathaniel James

    ANDROID > IPHONE

    • priceIsRight

      Not in this case!
      MS=ANdroid=Apple

      They all try to control the ecosystem, keep your life in their servers CLOUD anyone??

      There should be a movie called the loss of privacy and the murder of SD Cards!
      Is all about keeping your data and forcing you to get data plans.

  • Dylan K

    Lol @ everyone complaining about Google forcing us to buy data plans. If you don’t have one and you side load an app you’re either a) near a computer that has Internet because you need to connect your phone/microSD or b). Already have a data plan and you don’t care about the extra few KB per app loaded for one time verification. Either way, I side load a few app here and there but only from sources I research first. Never had anti virus on my phone, and after 4.2, never will.

  • 5Gs

    iphone < android

  • Derp

    Sideloading your mom since 05′

  • MonkeyPaw

    Android Jellybean is safe, as long as you don’t install Internet Explorer 10

  • carlton

    damn, that nexus is the best looking android handset yet.

  • Alex

    What a shame.

  • SHOGUN

    NQ Mobile Security is the best one and it’s free in the Playstore.

    No way in hell would I want Google to know what apps have been side loaded.

  • Alpha

    You don’t need antivirus if you spend the extra 30seconds to read the permissions and use your spidey sense. Why would some bubble game require the ability to READ all your contacts, READ/WRITE SMS, make phone calls, read/write email, discover accounts AND control wifi? If these permissions don’t set off your BS alarm, I don’t know what will.

    Just because it’s “free” wrapped in a colourful cloned app doesn’t mean it’s harmless.

  • Alison

    I am new to smartphone. I plan to get a Nexus 4 and get the smallest data plan possible.
    – Can I just use Wifi to download games/apps from the Play store?
    – Will the clouds chewing my data bandwidth even if I am not UL/DL from it?
    – Will the GPS software keep using the data bandwidth 24/7 even if I am not using the software?

    I appreciate any advice.

    • Matthew

      - Yes you can certainly download apps via wifi. Just keep in mind some games like to have you connected so they can upload data etc, so be mindful if you step out of wifi areas.

      – the cloud will not affect your data granted you cut syncing access from specific accounts. you will have control over this, but you must take the time to find every route, by default much is synced to the cloud

      – gps will not affect your data bandwidth granted you have it off, otherwise apps requesting pulls from gps that you have on will always be relocating as you move about