Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google App Verification Service Detects Only 15% of Infected Apps

Posted by samzenpus on from the low-expectations dept.

ShipLives writes "Researchers have tested Google's app verification service (included in Android 4.2 last month), and found that it performed very poorly at identifying malware in apps. Specifically, the app verification service identified only ~15% of known malware in testing — whereas existing third-party security apps identified between 51% and 100% of known malware in testing."

7 of 99 comments (clear)

  1. False positive rate? by gman003 · · Score: 4, Interesting

    I wonder, what's the false positive rate on these "third-party" systems? It's easy to make a system that detects 100% of malware as malware - just deny everything.

  2. 15% detection rate? by Revotron · · Score: 4, Funny

    McAfee would kill for that.

  3. I don't want/need this on my phone. by DavidClarkeHR · · Score: 5, Insightful

    Well, it's a good thing there are 3rd party options.

    I don't want/need additional bloat on my phone - I don't install random apps, and I'm quite comfortable wiping the phone to update it. Sure, I'll use a scanner if/when I start installing random things, but it's basic online hygene. I don't install random programs on my computer, but I do use a 3rd party antivirus because of all the browsing I do. That isn't something I do on my phone, and when it is, I will take the appropriate precautions.

    --
    - Nec Impar Pluribus, or so I'm told.
  4. Bias? by Anonymous Coward · · Score: 5, Interesting

    The "researchers" tested the service a few days after it's release, and compared it with other similar apps that had months, if not years time to polish and get up to date?

    Will they follow up in 6 months? Doubtful, since the results would put Google near the lead, and this article looks like anti-Google.

    What happened to researchers these days? Where's the objectivity?

  5. Or maybe... by GeLeTo · · Score: 4, Insightful

    The malware developers test and try to circumvent the Google scanner and don't bother with third-party security apps. If Google buys an app with 100% detection rate and uses it in their scanner, guess what the detection rate will be a few months later.

  6. Re:It's a placebo by Anonymous Coward · · Score: 5, Insightful

    What malware problem?

    You mean the "problem" where a user downloads an .apk from a warez site, sideloads it into their phone, the phone tells them "hey, this program is requesting permission to look at everything on your phone's internal storage, send information to who-knows-what internet server, and make phone calls and send SMS messages on your dime, are you sure you want to go through with installing this" and the the user clicks "okay"?

    That "problem"? I'm not seeing the issue, here. I mean, at some point it becomes the user's fault.

  7. Re:Explain. by Cenan · · Score: 4, Informative

    All the samples fed to the various detectors were infected, that's the problem with this "research", they lack a control group.

    --
    ... whatever ...