Wednesday, May 29, 2013

Failure of Bouncer

In a previous posting, I mentioned Bouncer, Google's service within the Google Play Store that is supposed to keep out malware.  This is important, because the Play Store does not vet new apps to the level that Apple's App Store does, meaning that Google Play becomes one of the biggest vectors for malware to get into Android phones.

Well, per a recent article at ArsTechnica, someone figured out how to get around this.  I discovered this thru an article at TechRepublic.

Apparently how they did it was upload an app to Google that was ok, which was checked by Bouncer.  Then they uploaded a new version of that app, this one with the malware.  Now, I have to wonder why Bouncer didn't re-check it.  Wouldn't that malware app be different (different size, atleast a new update date), and thus Bouncer would re-examine it?  Seems its not setup that way.  Certainly a new upload, if its not a new size, should trigger a recheck.

Apparently some 9 million user got it.  Upsy.

Check out the article at TechRepublic.  I thought it had some pretty good points, similar to what I've been saying, on the need for better security stance when it comes to Android.  A big part is that we need to get more people to install AV software (ok, they are really anti-malware, but still) on their phones.  Stop giving people the impression these devices are totally secure, and take practical security in mind.

No comments:

Post a Comment