Home

Share this Story

Google to Update “Verify Apps” Feature, Will Bring Continuous Monitoring Even After App Installation

Verify Apps

Introduced in Android 4.2, then rolled back to later versions of Android down to Android 2.3, the built-in Verify Apps feature works to detect shady applications that users sideload onto devices. As of right now, the program checks newly installed applications, then basically goes to sleep until a new app is sideloaded.

According to a Googler who spoke with Computer World, a universal update is on its way, bringing continuous monitoring for an even more secure Android experience. 

Once a new app is installed after the update, Verify Apps will continue working to make sure nothing shady is going on in the background. The system works with Google’s servers to cross check a list of threats Google is aware of. Once the system verifies that there is no threat, it’s back to sleep mode until a new app arrives.

Android Lead Security Engineer Adrian Ludwig spoke with CW, and stated the following.

We’re constantly updating what we’re aware of, so being able to detect those things where we’ve improved our coverage is valuable. We want to make sure that if that were to happen, a user would be made aware of it after the fact.

At this point, there really is a collection of services that we’re starting to think about as the Google security services for Android. We want to make sure there is no single point of failure within our platform so users can be protected.

CW reports that the update should hit all devices through a Google Play Services update, meaning it won’t be held back by OEMs or carriers. Be on the lookout over the next couple of weeks, and let us know if you spot the update on your device.

Good on you, Google.

Via: Computer World
  • James Monday

    Sounds good…as long as there is no impact to battery life or privacy invasion

  • Raven

    I just hope that they don’t suddenly decide that certain ad blocking and video streaming apps that have been pulled from Google Play are “shady” or “bad” and remove them without our consent.

    • Cowboydroid

      Easy fix…turn off the setting.

  • K

    I wonder if anything fishy will be picked up in regards to xposed…seeing as how I’ve seen a couple of write-ups expressing security concerns with it.

    • trwb

      What security concerns are there with xposed?

      • Adrynalyne

        It can be used for malicious purposes. Rooting has always brought that risk though.

        • trwb

          I see, the security concerns may be with the modules themselves. That’s why I do research on developers before using their products. But is there a real way to tell if a custom rom for example is “safe”. I have been kind of weary of anything root lately.

          • Adrynalyne

            You have to be pretty Android savvy (on the inner workings ) to be able to tell if a rom is safe.

            I will say this: most of the AOSP based roms out there are not even remotely safe because they use a signature made public. Google never intended people to use it, but they do anyway.

          • trwb

            Thanks for the info. So if I am using a N5 for instance I should probably switch to a Google Stock based rom?

          • Adrynalyne

            Maybe. I’d ask the developer if they are signing the ROM package and contents with their own keys. If they say no, I’d be leery of using it.

            CM has their own workaround for this, so this would be mainly for AOSP based Roms.

          • trwb

            Thanks man. I’ll have to do some more research. CM is basically safer to use then I take it? I have been using Roms for a long time but I have become suspicious of some if these n5 Roms lately.

          • Adrynalyne

            Yes, CM is safer as long as it was built by an official maintainer. You never know otherwise.

          • trwb

            Sounds good, thanks again for all the info.

      • K

        Google “xposed framework security” to get some examples. One xda dev I already know doesn’t use it and recommends others against using it. I still use it though since I love GravityBox but there’s always that potential for harmful stuff to occur

        • trwb

          Yea I stopped using xposed myself. Caused conflicts with the rom I am using. I am not a fan of xposed anyways.

  • gpaine

    Can someone help me understand? Does this mean sideloading is over???

    • K

      No. Google just wants to make this sideloads safer in the long run

      • gpaine

        Yay ok. Thanks!

  • The Narrator

    Good Guy Google

    • Franklin Ramsey

      It would be funny if it started blocking the Verizon Bloat apps.

      • The Narrator

        I wish

  • gambit07

    Complete tangent here, but is anybody else having issues with VZW? Haven’t been able to send or receive texts for the past few hours in Michigan.

    • jeff manning

      nope

    • http://androidforums.com/members/kwest12.html kwest12

      Yes, I’ve been effing around with my phone for about an hour now. Wiped everything and it’s booting back up now… I’m near Buffalo, NY.

    • http://androidforums.com/members/kwest12.html kwest12

      Yep. I have been having issues for about an hour (Buffalo, NY area). I just wiped my phone and it’s rebooting. I’ll let you know.

    • Menger40

      Verizon SMS is working fine for me in southern Wisconsin, just tested.

    • Franklin Ramsey

      My girlfriend said she has been having problems the last hour and a half but it seems to be working now.