Android 4.2 was announced along with the LG Nexus 4 and Nexus 10 by Google. This new version of Android succeeded Android 4.1 to bring some new features to the mix. Along with a few cosmetic tweaks to the system, Android 4.2 also brought something known as the Malware Scanner built into the system. This apparently, would scan sideloaded apps (apps which aren’t downloaded from the Play Store) for malware and reduce Android malware in general. But it has now come to light that the feature isn’t all that efficient. According to a computer science professor named Xuxian Jiang at the North Carolina State University, the anti-malware scanner built into the system does a bad job at preventing malware. Stating that third party anti-virus apps in the Play Store do a better job at preventing malware than what Google’s internal scanner does. That’s a shocking revelation, and a big blow to Google which appeared all set to kick the malware ghost out of the Android system. While Mr. Jiang appreciated Google’s efforts to bring a malware scanner into the system, its performance didn’t really show pleasing results.
Out of the 1,260 sample malware tested by Mr. Xiang on the Nexus 10, Google’s scanner could only detect only 193. This is a total detection rate of about 15.32%. The main reason for the failure of Google’s internal malware scanner is due to its heavy dependency on cryptographic hash signatures, which is basically how malicious apps are detected on Android 4.2. So basically, this won’t stop the developers from going over these limitations and getting their app through undetected. It is rather shameful that third party anti-virus applications are outperforming Google’s offering, but realistically speaking, Google didn’t quite announce this app scanner on a large scale. So it could well be in its early stages. And as Mr. Xiang rightly stated, this app scanner still has plenty of room for enhancements. Google has recently acquired app scanning client VirusTotal. This service too is believed to have surpassed Google’s internal scanner in terms of performance. So in the future, we should possibly see Google integrate VirusTotal with Android so as to make malware scanning more efficient.
Remember this is almost a non-issue if you’re getting your apps off the Google Play Store. The issue is pertaining to those users who often sideload apps from third party sources which don’t have proper clearances from the Play Store. In fact, it has been reported that malware coming out of the Google Play Store only accounts for 0.5% of all the malware. There’s reason to worry though, as all those claims of malware existing in Android are still fresh. And Google will have to act fast to fix this soon. For now it seems like users are better off with anti-virus apps like Kaspersky and Avast to keep their Android devices free from malware, instead of relying on Android 4.2’s internal scanner.