Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google App Verification Service Detects Only 15% of Infected Apps

samzenpus posted about a year and a half ago | from the low-expectations dept.

Android 99

ShipLives writes "Researchers have tested Google's app verification service (included in Android 4.2 last month), and found that it performed very poorly at identifying malware in apps. Specifically, the app verification service identified only ~15% of known malware in testing — whereas existing third-party security apps identified between 51% and 100% of known malware in testing."

cancel ×

99 comments

Sorry! There are no comments related to the filter you selected.

It's a placebo (3, Funny)

Shaman (1148) | about a year and a half ago | (#42242409)

Much like Windows Defender. Or in the case of Window 8, Window Defender.

Re:It's a placebo (1, Insightful)

Anonymous Coward | about a year and a half ago | (#42242613)

First post bashes Windows 8 in completely unrelated story, modded +5 Funny already... yup, this is Slashdot. Looks like no one wants to talk about the malware problem on android, so let's bash Windows 8 instead!

Re:It's a placebo (0, Troll)

Anonymous Coward | about a year and a half ago | (#42242625)

You mad bro?

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42242879)

MY RAVEN WAS EQUIPPED WITH THE FOLLOWING
HIGH
06 x Cruise Missile Launcher I
01 x SMALL TRACTOR BEAM 1
01 x SALVAGER I

MEDIUM
04 x LARGE SHIELD EXTENDERS
01 x 'HYPHNOS' ECM
01 x MEDIUM SHIELD BOOSTER

LOW
01 x EMERGENCY DAMAGE CONTROL
01 x ARMOR KINETIC HARDENER I
01 x ARMOR THREMIC HARDENER I
02 x WARP CORE STABILIZER I

DRONES
02 x WARRIOR I DRONES
03 x HAMMERHEAD I DRONES
UPGRADES 01 x ROCKET FUEL CACHE PARTINTION I 01 x BAY LOADING ACCELERATOR I

Re:It's a placebo (1)

Anonymous Coward | about a year and a half ago | (#42242993)

No he's merely pointing out that if any story on slashdot appears to cast android/google or FOSS in a bad light, then you can guarantee that the thread will fill up with trolls trying to stop the conversation even getting started.

These are hard core linux fanatics doing this. Don't be fooled

Re:It's a placebo (-1, Offtopic)

HaZardman27 (1521119) | about a year and a half ago | (#42242659)

Or, it being the first post means that constructive comments on the story take some time and will be posted soon. Yes, the Slashdot community is largely anti-Microsoft; if you can't deal with that perhaps you would enjoy an MSDN community more.

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42242773)

Looks like no one wants to talk about the malware problem on android

What malware problem?

Hurr, Leenucks duesnt hav malwar lololololololololol

Re:It's a placebo (1)

Anonymous Coward | about a year and a half ago | (#42247047)

What malware problem?

The malware problem malware solution vendors are selling solutions to.

The "Researchers" responsible for this claim are/is Xuxian Jiang, head of NQ Mobile Security, "Powerful protection for your phone." http://en.nq.com/ [nq.com] .

Traditional malware protection vendors are like buggy-whip polish sellers (made from pure snake oil!). As Windows goes through its death throes, they're dropping off the carcass and looking for a healthy host to hook their parasitic little jaws into..

Hence the spate of Android malware accusation. Real Android malware is vanishingly rare, but you'll struggle to find genuine statistics amongst all the money-driven fear mongering.

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42242775)

AC replies, bashes OT post, contributes nothing.

recurse;

Re:It's a placebo (0)

poetmatt (793785) | about a year and a half ago | (#42242925)

windows is fading out of relevance, but never let a lazy microsoft troll poo poo on the bashing of an irrelevant OS!

I wonder what trolls are going to move to in the next year or two?

http://communities-dominate.blogs.com/brands/2012/12/android-won-windows-lost-now-what-the-battle-of-the-century-is-decided-microsoft-relegated-to-ever-s.html [blogs.com]

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42243091)

Desktops aren't going anywhere any time soon and Microsoft and Apple are so far ahead of Linux in that area that it's not even worth discussing any more.

Re:It's a placebo (0)

poetmatt (793785) | about a year and a half ago | (#42243589)

Android (linux) is so far ahead of Microsoft and Apple in sales that your trolling is comedy.

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42244103)

When looking at global marketshare for all devices (tablet, mobile, and desktop), Windows still comes in with 83% market share [netmarketshare.com] . Windows 8, released only 45 days ago, already runs on 25% more devices than the leading Android version (Gingerbread). In fact, it's set to surpass all of Android (coming in at a total of 2.45%, including Kindle Fire) very shortly. Only 10 days after release, Windows 8 surpassed all of Android in web traffic [neowin.net] . So yes, Android sells a lot. But so does Windows, even today in this "post desktop" world everyone keeps insisting is upon us.

Honestly, I don't like comparing desktop to mobile, and lumping tablets, phones, and desktops/laptops into the same market share category; it feels very apples to oranges. But if you insist on asking the question "Is Microsoft/Windows still relevant given Android's success?" the answer is still a resounding "Yes."

Finally, you can call Android as "Linux" all you want, but the fact is that Android is successful on phones for all the reasons Microsoft Windows is on Desktops, and has nothing to do with the merits of FOSS software. It has broad corporate support (read: warranties), ample marketing, a thriving app ecosystem, and can be sold direct to customers on a variety of hardware platforms. The fact that Android is free and open source means nothing to the consumer. Absolutely nothing.

Re:It's a placebo (1)

Citizen of Earth (569446) | about a year and a half ago | (#42246477)

When looking at global marketshare for all devices (tablet, mobile, and desktop)

You forgot to count "servers".

Re:It's a placebo (5, Insightful)

Anonymous Coward | about a year and a half ago | (#42242969)

What malware problem?

You mean the "problem" where a user downloads an .apk from a warez site, sideloads it into their phone, the phone tells them "hey, this program is requesting permission to look at everything on your phone's internal storage, send information to who-knows-what internet server, and make phone calls and send SMS messages on your dime, are you sure you want to go through with installing this" and the the user clicks "okay"?

That "problem"? I'm not seeing the issue, here. I mean, at some point it becomes the user's fault.

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42243149)

Well, yes. I expect my computer to just work, I am entitled to that which I paid for. If Android can't just work then I have no reason to leave the Apple ecosystem.

Re:It's a placebo (2)

swillden (191260) | about a year and a half ago | (#42243843)

Well, yes. I expect my computer to just work, I am entitled to that which I paid for. If Android can't just work then I have no reason to leave the Apple ecosystem.

So what will you do when your Apple device doesn't just work?

http://www.forbes.com/sites/adriankingsleyhughes/2012/07/06/first-ios-malware-hits-app-store/

Incorrect use of word "Malware" (1)

SuperKendall (25149) | about a year and a half ago | (#42247579)

So what will you do when your Apple device doesn't just work?

And then you link to a story about ONE app that uploaded an address book somewhere. That was it.

How is that Malware? At best it's spyware. And it wouldn't even be able to do that under iOS6 without asking for permission to access contacts.

Meanwhile probably 25 of Android software is scraping your contacts but who cares about that? It's just expected on Android that most apps will violate you somehow I guess.

Re:Incorrect use of word "Malware" (0)

Anonymous Coward | about a year and a half ago | (#42249074)

That's okay, you keep redefining words and making stuff up.

Meanwhilst, we'll keep laughing at you.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42249780)

What do you do in the (incredibly rare) instance your Apple device doesn't work? support.apple.com for starters. Or call AppleCare ($20 max for out-of-warranty tech support). And most importantly to Apple's current success--take it to an Apple store, if you have one near you. This convenience is often overlooked when it comes to tech newbs and neophytes purchasing decisions. Don't know how to use your shiny iPhone? Take it to an Apple store and they'll spend as much time with you as you want, for free...and they won't even try to cycle you out (like turning tables at a restaurant) because they are not commissioned.

Re:It's a placebo (1)

thetoadwarrior (1268702) | about a year and a half ago | (#42243525)

Except there are valid reasons to enable the ability to get external software until google builds in access to amazon and other sources. Also it naive to assume just because it is in google's store that it's safe and thanks to vague security warnings and an all or nothing approach google teaches uses to disregard safety.

Re:It's a placebo (2)

CastrTroy (595695) | about a year and a half ago | (#42244187)

It's ok to sideload stuff from Amazon, and other markets, but that doesn't mean it shouldn't raise some red flags when the app asks for permissions it doesn't need. Also, if You're download a 99 cent app from a warez site, you are a cheapskate, and are almost asking to get conned. That's less than a cup of coffee, or a chocolate bar at most places.

Re:It's a placebo (-1)

Anonymous Coward | about a year and a half ago | (#42244287)

Coffee and chocolate bars are expensive, man. I have only a few dollars left and I don't have any source of income. I can't just go wasting it away like that.

Re:It's a placebo (1)

thetoadwarrior (1268702) | about a year and a half ago | (#42244575)

Apparently you missed the submission last night with the guy complaining about an app costing something like $3. Not that I'm a skin flint but most people are when it comes to mobile software which is no surprise. if you buy some budget range Android phone (which I suspect are the majority of Android phones sold) then you're not exactly the sort to splash out cash on apps.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42246861)

You are cheapskate.. or you're stuck stuck in China where any Google service works intermittently at best.. or you signed a 2-year contract with a Nazi mobile provider who filters all the useful apps from your Play store.. or you're in one of many countries where Google Play doesn't offer any local payment methods.. or.. well, there are many legitimate reasons really. The one cheapskate I ran into today is you, because you didn't take a moment to try and see the world from other people's perspectives.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42244397)

Apple has a 'walled garden' approach to their app store.

This is because it's centralized under them and they are zealots when it comes to controlling things internally.

So they do - and it keeps the total number of infected apps to single digits. I'm aware of 1.

I'm not saying Google is 'bad' or this makes Apple 'good'.

But it is safer. The user tends to be stupid, this is a cell phone and everyone has them.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42244729)

Except that no other company has access to their entire application database, and they make it stupidly hard for anyone to have a look at a good number of applications in bulk.

So consider this:

Consider the "only malware" that was available in the app store was detected only by ... oh wait, it wasn't. The author came out and said "HEY LOOK AT ME! VIRUS!!!!111". Add in the flashlight tethering app of a few years ago, which was detected by the store review.... OH WAIT, it was only banned after the news spread like wildfire.

So don't worry, closing your eyes and hiding under the blanket makes the evil scary monsters go away.

Of note: I have a friend who can't update her i phone, and nobody can tell her why (even the techs in store). It's past warranty, so she can't just replace it without charge. Separately, her friend constantly complains about battery life - so much so, she has an external battery sled. Neither are jail broken (she thinks it's dangerous).

I wonder if they got infected with something.

Re:It's a placebo (1)

mapkinase (958129) | about a year and a half ago | (#42244487)

> "hey, this program is requesting permission to look at everything on your phone's internal storage, send information to who-knows-what internet server, and make phone calls and send SMS messages on your dime, are you sure you want to go through with installing this"

You might not believe me, but this is not a definition of malware. Malware does "mal" with the "ware" you provided.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42245231)

Except that there is no built-in granular control on what to grant or not grant when it comes to permissions. Google app permissions are all or nothing, even on things that don't make sense*. If you don't agree to the permissions, go fish. I have no such issue in BB. I can grant or revoke individual permissions after the app is installed. If it doesn't work after that, it comes right off.

* I found three flashlight BB apps that will not work without Internet access. The camera/camcorder I understand, because the flashlight is associated with that side of the hardware, but Internet?! Really?

Re:It's a placebo (1)

maccodemonkey (1438585) | about a year and a half ago | (#42247323)

What malware problem?

You mean the "problem" where a user downloads an .apk from a warez site, sideloads it into their phone, the phone tells them "hey, this program is requesting permission to look at everything on your phone's internal storage, send information to who-knows-what internet server, and make phone calls and send SMS messages on your dime, are you sure you want to go through with installing this" and the the user clicks "okay"?

That "problem"? I'm not seeing the issue, here. I mean, at some point it becomes the user's fault.

I'm confused. Are you a Windows or Android apologist?

Re:It's a placebo (1)

mutified (2792691) | about a year and a half ago | (#42250801)

So, you believe that since someone is stupid they deserve to have their possession stolen? This is important because I know you're not the smartest guy and therefore you deserve the same thing. Good Luck with that attitude.

Re:It's a placebo (1)

thetoadwarrior (1268702) | about a year and a half ago | (#42243473)

Except he has a point. He's relating android to MSE which also ranks poorly against the alternatives. The problem is people will trust the freebie from google (or MS) because they assume they would do everything to protect their software which is untrue if they're giving it away for free.

Re:It's a placebo (1)

Anonymous Coward | about a year and a half ago | (#42245085)

He's relating android to MSE which also ranks poorly against the alternatives.

It depends on what you want in your AV. According to the testing firm, MSE scores well in detecting and blocking widespread and recent infections, which in their tests represent over 270,000 samples. MSE scored poorly in detecting zero day exploits, which represented 100 samples. MSE also scored better than average in system impact and false positives. For those that scored higher on detecting malware, you also see higher system impact and false positives. MSE had the lowest system impact of any AV solution by a wide margin. So if you're a careful user and you want protection from malware with minimal system impact, MSE is simply the best choice for you.

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42244329)

When the first post bashes Microsoft? FUNNY!

When the first post praises Microsoft? OMG SLASHDOT IS OVERRUN WITH MICROSOFT SHILLS!!!!!

Re:It's a placebo (0)

Anonymous Coward | about a year and a half ago | (#42249758)

No, it is a placebo. It makes people feel better about it when it does nothing at all. The one Window joke was also funny. So +5 it is.

Re:It's a placebo (-1, Offtopic)

marylinfelton45 (2792231) | about a year and a half ago | (#42244433)

up to I looked at the draft ov $8598, I be certain that my neighbour woz like actualie erning money in there spare time from their computer.. there sisters neighbour started doing this 4 less than 19 months and as of now cleared the depts on there condo and got a great new Subaru Impreza. I went here..WWW.GoogleJob1.MEL7.COM

Re:It's a placebo (1)

Xacid (560407) | about a year and a half ago | (#42250210)

Meh. I figure you're joking but the decade-old meme is getting, well, old.

As far as the free antivirus solutions go for PC, it's one of the top three fairly consistently on the reviews I've come across. And with Windows 8 - it's automatically installed and running in the background so the n00b end-user we all love to complain about should be less of a vector than usual. This is typically regarded as a good thing for most sane folks.

So yeah, a little more than just a placebo.

the methods are probably patented (0)

alen (225700) | about a year and a half ago | (#42242443)

chances are that Lookout and others have already patented their methods and google should just use their work for free and then call them patent trolls and how their inventions are totally obvious

Re:the methods are probably patented (0)

neokushan (932374) | about a year and a half ago | (#42242591)

You've got a (fairly-low) 6-digit user ID, yet you're trolling like a common AC. You seem to have some sort of vendetta against Google. Maybe you should just...drop whatever silly little issue it is that you have with them and just get on with life?

Re:the methods are probably patented (0)

Anonymous Coward | about a year and a half ago | (#42242783)

Yea, why should anyone scrutinize an ad network with a HUGE reach into geeks daily lives, they're our friends!

Re:the methods are probably patented (0)

Anonymous Coward | about a year and a half ago | (#42242939)

I don't know if some nonsense troll speculating about something that won't happen in the near future qualifies as "scrutiny" of Google's even more unrelated ad network.

But you both get an A for effort.

Re:the methods are probably patented (1)

poetmatt (793785) | about a year and a half ago | (#42242943)

umm, you realize that a ton of troll accounts were created in the 175k-230k UID range, right?

He basically forgot to click the Anon box.

Re:the methods are probably patented (1)

neokushan (932374) | about a year and a half ago | (#42243083)

Actually no, I did not realise that. My own user ID is a good reflection upon when I joined Slashdot. Was there some sort of botting incident or something that happened before then?

Re:the methods are probably patented (0)

Anonymous Coward | about a year and a half ago | (#42243335)

Actually no, I did not realise that. My own user ID is a good reflection upon when I joined Slashdot. Was there some sort of botting incident or something that happened before then?

No, that's before the tacosnotting rings were broken up. Those were dark days.

Re:the methods are probably patented (1)

mrbester (200927) | about a year and a half ago | (#42243391)

Damn. That explains a lot.

Re:the methods are probably patented (1)

poetmatt (793785) | about a year and a half ago | (#42243595)

hahaha :) a ton != all.

Re:the methods are probably patented (0)

Anonymous Coward | about a year and a half ago | (#42243087)

I may be reading too much into it, but the post from alen seems to be more pointed at the current state of patents and Apple vs. Google. Then again maybe that just the angle I prefer to view.

Software libre is the answer (-1)

Anonymous Coward | about a year and a half ago | (#42242505)

App store full of malware?
Better to stick to Free-as-in-Freedom software.

Re:Software libre is the answer (-1)

Anonymous Coward | about a year and a half ago | (#42242873)

And Apple!

LOL.

Personal experience says otherwise (-1)

Anonymous Coward | about a year and a half ago | (#42242527)

You’ve got to be kidding me. I’ve been further even more decided to use even go need to do look more as anyone can. Can you really be far even as decided half as much to use go wish for that? My guess is that when one really been far even as decided once to use even go want, it is then that he has really been far even as decided to use even go want to do look more like. It’s just common sense.

No problem here (1)

vlm (69642) | about a year and a half ago | (#42242559)

Whew luckily no problem here, my motorola defy has so much crapware in the rom, almost as bad as a windows PC, that is so out of date that it's all got updates (now wasting twice the memory) that I don't have to worry about "apps" because I have no space to download apps after installing a very basic set of apps (dropbox, kindle reader, tunein radio, evernote, runkeeper, that kind of can't live without it stuff)

Probably google would make a heck of a lot more money forcing mfgrs to make it possible for users to download apps, than they would by trying to make clean apps that I can't afford to download anyway.

Re:No problem here (2, Insightful)

schitso (2541028) | about a year and a half ago | (#42242581)

The solution. [cyanogenmod.org]

Re:No problem here (0)

Anonymous Coward | about a year and a half ago | (#42242851)

How exactly is a rooted ROM a solution to malware problem? It is not like it doesn't run the same apps as any other ROM ...

Re:No problem here (2)

h4rr4r (612664) | about a year and a half ago | (#42242987)

Because his complaint is really the crap that was in the ROM his provider installed. Not malware.

There are two solutions for this, the first being do some research before buying a smartphone the other being install a ROM that does not include this sort of bloatware.

Re:No problem here (1)

schitso (2541028) | about a year and a half ago | (#42247705)

Exactly. Thank you.

Re:No problem here (1)

h4rr4r (612664) | about a year and a half ago | (#42242767)

Perhaps you should look in a mirror for who to blame on that purchase? Next time do a little research.

Re:No problem here (1)

Anonymous Coward | about a year and a half ago | (#42242945)

Awesome. Everyone has to vet their own app purchases. Perhaps read the source code too.

Just like you verify & test the wiring harness in every car you buy, right?

No, it's not a huge fucking redundant waste of time or anything, right?

Re:No problem here (1)

h4rr4r (612664) | about a year and a half ago | (#42243009)

Way to not read the GP at all.

He is discussing bloatware that came with his phone, not malware he bought later. Had he bought a device with 4.0+ he could disable it, but that would not get him the space back either. If you are about to tell me about some uninstall updates button and no disable, press that button and you shall receive the disable button.

Typical Stupid AC, if you had some brains maybe you could figure out how to get an account.

False positive rate? (4, Interesting)

gman003 (1693318) | about a year and a half ago | (#42242585)

I wonder, what's the false positive rate on these "third-party" systems? It's easy to make a system that detects 100% of malware as malware - just deny everything.

Re:False positive rate? (1)

Cenan (1892902) | about a year and a half ago | (#42243959)

Exactly. And it's not even a rookie mistake, the guy is an assoicate professor, yet there is a whole angle of his research missing. Might be just a rush to get it done before anyone else?

We've known virus scanners don't work since. (2, Insightful)

i kan reed (749298) | about a year and a half ago | (#42242647)

What? 2000, maybe? More specifically, they're part of the test cases of virus writers, who develop until they are circumvented. Why would anyone imagine they do anything useful?

15% detection rate? (4, Funny)

Revotron (1115029) | about a year and a half ago | (#42242657)

McAfee would kill for that.

Re:15% detection rate? (3, Funny)

h4rr4r (612664) | about a year and a half ago | (#42242753)

So be careful not to live next to him, he has already shown he will do it.

Re:15% detection rate? (0)

Anonymous Coward | about a year and a half ago | (#42243291)

So be careful not to live next to him, he has already shown he will do it.

You ruined the joke, but what killed it deader than Reiser's wife is that three mods thought explaining the joke was funny.

Re:15% detection rate? (0)

Anonymous Coward | about a year and a half ago | (#42242843)

No , that was for the 15% purity rate, not the detection rate.

Re:15% detection rate? (1)

helix2301 (1105613) | about a year and a half ago | (#42250178)

I had an iPhone and I hated all the app restrictions. I am willing to deal with a little malware to have more open source phone. Plus 15% is not bad we have so many Virus ridden machines come in the store and they have Avast, Nortain or McAfee I really thing virus and malware detection is BS anymore.

I don't want/need this on my phone. (5, Insightful)

DavidClarkeHR (2769805) | about a year and a half ago | (#42242669)

Well, it's a good thing there are 3rd party options.

I don't want/need additional bloat on my phone - I don't install random apps, and I'm quite comfortable wiping the phone to update it. Sure, I'll use a scanner if/when I start installing random things, but it's basic online hygene. I don't install random programs on my computer, but I do use a 3rd party antivirus because of all the browsing I do. That isn't something I do on my phone, and when it is, I will take the appropriate precautions.

Re:I don't want/need this on my phone. (0)

BasilBrush (643681) | about a year and a half ago | (#42246685)

I don't want or need it either. I have an iPhone.

Iphone? HA. (0)

Anonymous Coward | about a year and a half ago | (#42248295)

I don't want or need it either. I have an iPhone.

... and virtually no flexibility. Browser choice? HA. Oh wait, you can jailbreak? Congrats, there goes your warranty. Honestly, apple users are starting to protest just a little too hard to be credible.

Bias? (5, Interesting)

Anonymous Coward | about a year and a half ago | (#42242683)

The "researchers" tested the service a few days after it's release, and compared it with other similar apps that had months, if not years time to polish and get up to date?

Will they follow up in 6 months? Doubtful, since the results would put Google near the lead, and this article looks like anti-Google.

What happened to researchers these days? Where's the objectivity?

Re:Bias? (0)

93 Escort Wagon (326346) | about a year and a half ago | (#42243007)

The "researchers" tested the service a few days after it's release, and compared it with other similar apps that had months, if not years time to polish and get up to date?

In other words... its functionality was reviewed in a similar manner to iOS Maps?

Re:Bias? (0)

gagol (583737) | about a year and a half ago | (#42243555)

It is a shame this post was from AC, it will fall under threshold unless we give it a deserved bump. Thank you!

Re:Bias? (2)

Cenan (1892902) | about a year and a half ago | (#42244075)

Your premise is wrong. Why should any kind of antivirues algorithm/software be excused for being "new"? You're either capable of detecting malware or you don't release. You aren't supposed to "learn on the job" with malware detection

Re:Bias? (1)

rh2600 (530311) | about a year and a half ago | (#42244883)

Why not? For all we know their detection may be bayesian based and still has "learning" to do in the field. Maybe this learning can take place in a matter of days with a sampling size as large as Android's. I think a trade-off of some start-up time in return for a system that can cope better with new attempts to circumvent its detection the better. FWIW this article is a beat-up - Google have multiple layers to their malware detection, and they've only tested one layer.

Re:Bias? (1)

tooyoung (853621) | about a year and a half ago | (#42244169)

The "researchers" tested the service a few days after it's release, and compared it with other similar apps that had months, if not years time to polish and get up to date?

Would you apply this logic to all products and services, including those made by Apple, Sony, and Microsoft? How long should a service be available before a review or study is acceptable?

Re:Bias? (0)

Anonymous Coward | about a year and a half ago | (#42244375)

Don't know about him, but others do.

iOS6 maps threads had their fair share of "they're still young and you're comparing them to years of experience of Google, Nokia and MS" and "Why WP7 is a flop" reviews had "You're too hasty to bury it, remember when Android and iOS were new entrants?"

Or maybe... (4, Insightful)

GeLeTo (527660) | about a year and a half ago | (#42242745)

The malware developers test and try to circumvent the Google scanner and don't bother with third-party security apps. If Google buys an app with 100% detection rate and uses it in their scanner, guess what the detection rate will be a few months later.

Re:Or maybe... (0)

Anonymous Coward | about a year and a half ago | (#42242885)

I'll play! eh, 100%.

Re:Or maybe... (1)

tandr (108948) | about a year and a half ago | (#42243085)

115% ? ... because of false positives

Re:Or maybe... (1)

legrimpeur (594896) | about a year and a half ago | (#42243251)

so the "walled garden" has at least one advantage?

Re:Or maybe... (0)

Anonymous Coward | about a year and a half ago | (#42244761)

Nope, still 0.

There's a big scary warning when you enable off-market installs, specifically stating that ZOMG BADTHINGS, DELETED INFOS, BRICKED DEVICES. If the user is too stupid to read, then that's their problem.

Plus, this specific implementation of walled garden only hides that there may be malware. Charlie Miller had to come out and yell to the world, otherwise his app and his developer certificate would still be on the market today.

But, it's 100% at reporting your apps to Google (1)

GodfatherofSoul (174979) | about a year and a half ago | (#42242807)

n/t

Re:But, it's 100% at reporting your apps to Google (0)

Anonymous Coward | about a year and a half ago | (#42242883)

...just like the Play Store?

This is not a bad thing. (0)

Anonymous Coward | about a year and a half ago | (#42242839)

Can't expect something that operates in this manner to have a high detection rate - it's another layer that provides a benefit. It's a win in my book. The failing of this system, IMO, is that it requires user intervention. As we all know, and has been shown with the advent of technology for the masses, people will just click "ok" to get past warning messages - without reading them. It's a start, though!

That's OK (0)

Anonymous Coward | about a year and a half ago | (#42242995)

Because we all 'know' that business is about making money, the 'effort' on Google's part would seem counterproductive anyway, right?

Infected? (1)

rumith (983060) | about a year and a half ago | (#42243099)

I wonder if this is the correct term: "infected" means that the author had written a benign application, while an attacker somehow got control over his distribution channel and modified the app to his needs. Meanwhile, I believe that in a significant number of cases cheap apps are written and distributed by malicious authors. So yep, they're dangerous, and no, they're neither infected nor otherwise modified.

Explain. (1)

LoudMusic (199347) | about a year and a half ago | (#42243671)

So who detected the remaining 85% in order to give us this statistic of 15% detection rate? And why isn't that being used instead?

Re:Explain. (4, Informative)

Cenan (1892902) | about a year and a half ago | (#42244117)

All the samples fed to the various detectors were infected, that's the problem with this "research", they lack a control group.

Re:Explain. (0)

Anonymous Coward | about a year and a half ago | (#42246199)

Uhhh... Let me work that out for you. Lets say we have 100 samples. 15 were detected. That is a 15% detection rate.

Actual detection? (2)

bickerdyke (670000) | about a year and a half ago | (#42243861)

Does any of the mentioned "existing third party products" really DETECT malware? Or do they only check apks against lists of manually compiled checksums?

Why "only"? (1)

allo (1728082) | about a year and a half ago | (#42244353)

It detects 15% of malicious apps, which would otherwise go undetected. Thats better than not having this service.

Re:Why "only"? (1)

godel_56 (1287256) | about a year and a half ago | (#42246367)

It detects 15% of malicious apps, which would otherwise go undetected. Thats better than not having this service.

But looking at the alternatives (from TFA) even lowly ClamAV detected 51%, and two of the commercial programs detected 100% of the malware samples (looks like Avast and Symantec).

If you're beaten by ClamAV, well man, that is embarrassing. Oh, and Clam is free as well.

Re:Why "only"? (1)

allo (1728082) | about a year and a half ago | (#42246709)

clamAV is a scanner, analysing files. the google service is afaik like a dns rbl ... it just checks for known bad hashes. Flip a bit, and it won't recognize the virus.

Re:Why "only"? (1)

godel_56 (1287256) | about a year and a half ago | (#42247317)

clamAV is a scanner, analysing files. the google service is afaik like a dns rbl ... it just checks for known bad hashes. Flip a bit, and it won't recognize the virus.

Users aren't concerned with how it works, only if it works, and to some extent how much it costs. The Google service may actually be harmful by giving a false sense of security to noob users.

Re:Why "only"? (1)

hobarrera (2008506) | about a year and a half ago | (#42256697)

Not really, because it gives users a false sense of security - they belive the apps have been scanner, but they've been scanner rather poorly.

Re:Why "only"? (1)

allo (1728082) | about a year and a half ago | (#42259659)

still better than not scanned.

Re:Why "only"? (1)

hobarrera (2008506) | about a year and a half ago | (#42261805)

Not really.
If you tell users that apps have been scanned, they install them with a [false] sense of security, beliving that the scanning process is protecting them.
If you tell them stuff isn't scanned, they'll probably tend to be slightly more careful (lots will still screw up though).

Re:Why "only"? (1)

allo (1728082) | about a year and a half ago | (#42263063)

Google does not tell its scanning. It just does it, and alerts the user, if its malware-positive. If its negative, the user gets no message at all.

What one found (0)

Anonymous Coward | about a year and a half ago | (#42247829)

100 percent.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>