Slashdot Mirror

← Back to Stories (view on slashdot.org)

Two-Thirds of Android Antivirus Apps Are Total BS (tomsguide.com)

Posted by BeauHD on from the waste-of-time-and-money dept.

An anonymous reader quotes a report from Tom's Guide: Austrian antivirus-testing lab AV-Comparatives tested 250 antivirus apps in Google Play against 2,000 malware samples. They found that only 80 of the apps could stop even a minimal amount of malware. "Less than one in 10 of the apps tested defended against all 2,000 malicious apps, while over two-thirds failed to reach a block rate of even 30 percent," the lab said in a press release. To make sure you're protecting your Android device properly, stick to apps from well-known antivirus companies. Basically, AV-Comparatives said, most Android antivirus apps are phony, and many of them seemed to have been created only to display ads or promote a developer's career. "The main purpose of these apps seems to be generating easy revenue for their developers, rather than actually protecting their users," the AV-Comparatives report said.

40 of 67 comments (clear)

  1. App Store is enough by The+New+Guy+2.0 · · Score: 1

    As long as you're using your smartphone's official App Store, there's nothing that an antivirus has to do... bad code is recalled by the store, and there's little way to get around the rules of the store.

    1. Re:App Store is enough by Anonymous Coward · · Score: 1

      As long as you're using your smartphone's official App Store, there's nothing that an antivirus has to do... bad code is recalled by the store, and there's little way to get around the rules of the store.

      Right. That's why every AppStore that has ever existed has been filled with malware.

      Bad code gets removed . . . eventually. After it has been downloaded a few million times.

    2. Re: App Store is enough by astrofurter · · Score: 1

      The overwhelming majority of apps in the Google Play Store are straight up malware.

    3. Re: App Store is enough by kurkosdr · · Score: 1

      Source?

    4. Re: App Store is enough by astrofurter · · Score: 1

      Source: my own two eyes

    5. Re:App Store is enough by The+New+Guy+2.0 · · Score: 1

      Antivirus can only recall bad code when a signature is distributed.

  2. Fair Value of Antivirus for Andriod by The+New+Guy+2.0 · · Score: 1

    (Cost of incident) times (frequency the incident has happened)... equates to unknown times zero... antivirus is currently worthless.

    1. Re:Fair Value of Antivirus for Andriod by Krishnoid · · Score: 1

      In all fairness, the other third of the antivirus apps also keep dangerous animals at bay.

  3. Re:Less than 1 in 10? by The+New+Guy+2.0 · · Score: 1

    We really need to get antivirus down to a charity level of business... too many illegitimate stabs at profit going on here.

  4. the Google Play app store by FudRucker · · Score: 1, Informative

    is a shithole of junkware, anything good is buried under a thousands of shitware that is not worth bothering to download, Google should be ashamed of Google Play for allowing it to become just a HUGE pile of shitware

    --
    Politics is Treachery, Religion is Brainwashing
    1. Re:the Google Play app store by aybiss · · Score: 1

      Strangely though, I never feel the need to install thousands of apps to find that out, and love the apps that I know are good and have had installed on every phone for like 10 years now.

      --
      It's OK Bender, there's no such thing as 2.
    2. Re:the Google Play app store by brunes69 · · Score: 1

      Yeah, because the iTunes store is not also full of shitware...

      Have you ever tried searching for "Flashlight" on iTunes? How many apps are there? Tons of them are loaded with ads.

      Its the same Junkware on Apple store as Google store.

    3. Re:the Google Play app store by dcw3 · · Score: 1

      Have you ever tried searching for "Flashlight" on iTunes?

      Um, no because my fucking iPhone comes with a built in flashlight and I normally search for apps in the App Store, not iTunes. But to the overall point of the article, how many iPhones, iPads, iEtc., have ever had a problem with malware compared to Android?

      --
      Just another day in Paradise
  5. In what way were any good? by SuperKendall · · Score: 3, Interesting

    I am highly suspicious there is even a single AV app that is of any use, even if not actively harmful.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re: In what way were any good? by Lije+Baley · · Score: 1

      The remaining third of them were "complete B.S."

      --
      Strange things are afoot at the Circle-K.
    2. Re: In what way were any good? by Anonymous Coward · · Score: 1

      Frontline (that thing you put on your cat) stopped just as many viruses as most antivirus software. A&T basic OS updates do better than google itself

    3. Re:In what way were any good? by ctilsie242 · · Score: 4, Interesting

      I don't understand how AV can be of use on a phone, unless it was running as root. If it is running as just another unprivileged UID, it isn't going to do much.

      AV on computers may be justified to tick off checkboxes. On phones with mobile operating systems, the real security needs to be at the app stores.

      I wish Google could do a two tier security model:

      Tier 1 -- default tier, all apps are curated, scanned by Google's AI for potential mischief, and for an app developer to have an app in Tier 1, they must agree to more stringent requirements, and are put on notice that it doesn't take much for them to have their app chucked from the tier. This is what Amazon does with their Android app store.

      Tier 2 -- This is what would be the present state of the Google Play Store.

      From here, phones should default to only allow Tier 1, and just like sideloading, tell the user that they don't just walk into Mordor if they want to use Tier 2.

      This way, there can be a wide variety of apps, but users have a trustworthy source that is actively curated, and where there is zero mercy shown for developer shenanigans.

    4. Re:In what way were any good? by brunes69 · · Score: 2

      - Google already does "Tier 1" as you have it above.

      - The purpose of AV apps on Android is to protect you when you allow sideloading. If you use the Amazon app store, or the Aptoide app store, or want Fortnite, then you have to allow sideloading. Enabling sideloading opens up more possibility for attack vectors, especially if it is chained with another bug in Chrome or Firefox to let a web page silently install an app somehow. The way they work is they insert themselves as a new app install handler (Android allows this). Before the sideloaded APK is opened, it is scanned by the AV app.

    5. Re:In what way were any good? by kurkosdr · · Score: 2

      This. Thank you The Android sandboxing that prevents a random application from making deep modifications to the OS or from accessing privileged information is the exact same sandboxing that prevents antivirus software from being able to scan the deeper operating system. Think of Android as a non-admin Windows session where UAC prompts fail by default or a sudo-less Desktop Linux session. There is no way you can install a antivirus from that session. Most of these Android "AVs" just fetch a list of installed software (using the appropriate OS APIs) and compare against a blacklist, charging an obscene mark up for the "service". Which BTW the Play Store also does for free on GMS-enabled phones. Android AVs are a scam

    6. Re:In what way were any good? by drinkypoo · · Score: 1

      Tier 1 -- default tier, all apps are curated, scanned by Google's AI for potential mischief, and for an app developer to have an app in Tier 1, they must agree to more stringent requirements, and are put on notice that it doesn't take much for them to have their app chucked from the tier. This is what Amazon does with their Android app store.

      Isn't ES File Explorer still on the Amazon App Store? That's shady AF

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  6. Re:Less than 1 in 10? by Anonymous Coward · · Score: 1

    Android is the "total BS" - 2/3 of the antivirus apps on the platform being BULLSHIT = the platform is ~2/3 BULLSHIT. Whatever you feel about AV software, fine, but this isn't even an attempt at the problem. It's a complete charade.

    And with the loose permissions on that platform, no doubt some of these anti-malware apps are closer to malware than they are AV.

  7. Re:Less than 1 in 10? by Anonymous Coward · · Score: 3, Informative

    So does that mean of the 2000, that 200 were OK? Care to give us a list?

    The answer to your questions, including the full list, are in the first link from the summary. Please, learn to use your left mousse button before posting on slashdot.

    The good ones, according to the article from the second link, are:

    Twenty-three apps did detect all malware samples AV-Comparatives threw at them, including Tom's Guide's top three picks: Bitdefender Mobile Security, Norton Mobile Security and Avast Mobile Security.

    Our sixth-place pick, Psafe DFNDR, was also in the 100-percent category, although AV-Comparatives noted that DFNDR used Avast's antivirus engine and had not updated itself to run properly on Android 8 Oreo and later. Lookout Mobile Security, our No. 5 pick, was a little behind the others with 99.6 percent. (Google's own Play Protect antivirus software did poorly, with a detection rate of only 69 percent.

  8. Re: Less than 1 in 10? by Anonymous Coward · · Score: 2, Insightful

    most Android antivirus apps are phony, and many of them seemed to have been created only to display ads

    And this is surprising . . . . . why?

    This is what happens when you create an environment based on "give everything away for free and make money from advertising".

  9. Two-Thirds of ALL Android Apps are total BS by Anonymous Coward · · Score: 2

    and that's being extremely generous

  10. Lets go make some $$$$ by wolfheart111 · · Score: 1

    Money Honey :)

    --
    [($)]
  11. that they found 250 to test in the first place.. by Anonymous Coward · · Score: 2

    ..ought to clue anyone in that the vast majority of them are absolutely bogus. there's probably less than a couple dozen legitimate developers of consumer 'antivirus' products, total, globally, with the resources to even have half a chance at developing and maintaining an 'anti malware' app for android that actually works.

  12. Re:Less than 1 in 10? by drinkypoo · · Score: 2

    We really need to get antivirus down to a charity level of business...

    It's possible to scan files on an Android device with ClamAV, a couple of different ways. As long as you get a rootable device, you can access enough files to make it worth scanning.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  13. Viruses not the problem by The+Evil+Atheist · · Score: 4, Insightful

    Viruses haven't been a problem for a long time. Not when apps keep asking for permissions for things they shouldn't need, and trick/confuse the user into volunteering their personal data.

    --
    Those who do not learn from commit history are doomed to regress it.
    1. Re: Viruses not the problem by astrofurter · · Score: 1

      Most apps - including the useful ones - are malware. Android appears to have been designed with the goal of making it easy to data rape users.

  14. What is an Android virus? by reanjr · · Score: 1

    All the apps have very explicit permissions. Google blocks malware at the source at the Play Store when it is identified. I've never felt at all compelled to run antivirus on Android. What is the value?

  15. A bit harsh by godel_56 · · Score: 2

    The top 25 programs tested scored a hundred per cent detection rate and there were more below that in the high nineties, so the negative judgement is bit harsh. Moreover the ones that passed are all the usual suspects like Kaspersky, Avira, Avast etc which anyone with any knowledge would be more likely to buy, rather than some weird unknown brand.

    The moral is to stick with the established brands that you know.

  16. Itâ(TM)s all bs by highinthemountains · · Score: 1

    Considering that I have seen machines in my shop with every brand of antivirus on them, I tell my customers that if antivirus really worked, I wouldnâ(TM)t be in business. If itâ(TM)s a reputable antivirus and available for free, why pay for it? Whatâ(TM)s the real value of pay for antivirus? One day itâ(TM)s $9.95, the next itâ(TM)s $39.99 and the day after itâ(TM)s $79.99. Which tells me that itâ(TM)s value is whatever the market will bear.

  17. Fraud by found404 · · Score: 1

    When will Google rain down hell and fury at this nonsense? When will our own government take action against this reckless and fraudulent activity? In the age where there is no accountability in tech or simply no accountability anywhere... this is just another example of the shitshow we're all living through.

    1. Re:Fraud by Anne+Thwacks · · Score: 1
      When will Google rain down hell and fury at this nonsense?

      After they have sold all the ice from a frozen hell.

      --
      Sent from my ASR33 using ASCII
    2. Re:Fraud by dcw3 · · Score: 1

      Do we really want the government dictating more online shit? How'd that work out for Net neutrality? How'd that work out for healthcare? How'd it work out for the partisan shit show that we've had for the last couple decades?

      --
      Just another day in Paradise
  18. Miserable state of AV engines by Anonymous Coward · · Score: 1

    A colleague of mine has a "hobby" of fuzzing various antivirus engines with his custom tools designed mostly to test our own products. The amount of crashes, busyloops and other nasty failures he's able to trigger simply by almost blind fuzzing is amazing. He does tell of his findings to the AV engine vendors, but they tend to become mysteriously unresponsive after couple dozen crash reports in a week, or still finding crashes after several iterations of fixes...

    On this basis it's not hard to think that a highly resourceful attacker might actually consider AV engine an attack surface instead of an effective defence...

  19. How to avoid neednig AV products on Android by DrXym · · Score: 1, Insightful

    Don't download warez or other questionable software onto your phone, you idiots.

  20. Re:Less than 1 in 10? by rickb928 · · Score: 1

    OTOH, you apparently didn't read even the summary. And are too lazy to read the article.

    OTOH, you are an AC.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
  21. Re: Less than 1 in 10? by rickb928 · · Score: 1

    The open market for what?

    For advertising, well, yeah, it's a wild market.

    For information? Well, this article is proof that an open market works. Else, you would never have known that these apps do nothing but display ads.

    And of course we all know advertising is purely for our benefit and edification, right?

    Just don't try to play dumb with us. You're actually dumber than you know in that.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
  22. Actually 90% are garbage by neo-mkrey · · Score: 1

    It's right there in TFS -- only 1 in 10 sussed out all the malware.