Android 4.2 security includes advanced anti-malware protection, just as previously rumored

November 2, 2012

    Before Google unveiled Android 4.2 Jelly Bean, we saw a variety of leaks and reports that detailed potential new features for the company’s new Android OS version. Among them, one story detailed potential new security features for Android 4.2 devices that could offer users better protection against malware apps, among other things.

    Now, a new article from Computer World confirms that some of those rumored security features are indeed in place in Android 4.2, as Google is trying to make sure that end users will not experience any malware-related issues on devices that will run the latest Jelly Bean version.

    The new security system is apparently built into Android 4.2 and runs quietly under the hood, providing real-time responses when new applications are installed, especially apps that are coming from other sources than the Google Play Store.

    The system will scan the app you want to install and compare it against a large database of apps to determine whether it contains any malicious code. Everything happens as you prepare to install the app – and the service is “completely opt-in” meaning you can choose not to have it run automatically on your device – and in case the system detects anything in the code that appears to be harmful, it will prevent you from installing the app.

    Android 4.2 basically incorporates the same anti-malware security features that are already built into the Play Store:

    “We view security as a universal thing,” Android VP of Engineering Hiroshi Lockheimer tells [Computer World]. “Assuming the user wants this additional insurance policy, we felt like we shouldn’t exclude one source over another.” […]

    “We have a catalog of 700,000 applications in the Play Store, and beyond that, we’re always scanning stuff on the Web in terms of APKs that are appearing,” Lockheimer says. “We have a pretty good understanding of the app ecosystem now, whether something’s in the Play Store or not.” […]

    “The server does all the hard work,” Lockheimer explains. “The device sends only a signature of the APK so that the server can identify it rapidly.” […]

    (Incidentally, Lockheimer tells [the reporter] the new functionality is not related toGoogle’s recent acquisition of VirusTotal, a startup focused on online malware scanning; rather, it’s based completely on the app-scanning technology announced for the Play Store back in February.)

    In addition to identifying malicious apps before they’re installed – or at least attempting to do so – the system will also warn users when they’re about to send SMS messages to premium numbers, thus letting them to allow or cancel the text. Assuming malware apps do get installed on Android 4.2 devices, and assuming their monetization scheme involves quietly sending such costly texts to short numbers, the feature could save users spending money they don’t know they’re actually spending.

    LG Nexus 4

    Naturally, these new security features come with a new “improved app permissions screen,” from where you’ll be able to monitor what goes on with the apps that are installed on your device. Unfortunately though, it’s just Android 4.2 devices that will actually get these new security features.

    What do you think about these confirmed Android 4.2 security features? Is there anything else you’d want Google to include to better protect devices from unwanted attacks?

    Comments

    • http://profiles.google.com/mjsoctober Michael Schmidt

      Devs should have to explain in their app description, or on the permissions page, in the Play Store exactly what their app is doing with each permission requested. Some devs do this, but they are a minority. There might be a completely valid reason for an app to want a particular permission, but it might not be obvious, and some of those permission descriptions can be kind of scary to a noob.

    • RaptorOO7

      I agree, Google needs to set and enforce basic rules when it comes to accessing permissions.

      Of course now that the new Nexus devices are out, how long before we will see Android 4.2 updates for the current phones, say the Galaxy Note 2 or are we all screwed since CES 2013 is not far away and its all hands on deck for those launches (err vaporware)

    Popular

    Latest