back to article Freebie Android anti-malware scanners flunk tests

Many free-of-charge antivirus products fail to protect Android smartphone against malware effectively, leaving users with a false sense of security as a result. Tests by antivirus testing lab AV-Test.org revealed that the best freebie Android anti-virus scanner, Zoner Antivirus, caught 32 per cent of 160 recent Android threats …

COMMENTS

This topic is closed for new posts.
  1. ed2020

    ...leaving users with a false sense of security as a result...

    I'd argue the same can be said of most free and paid-for AV software for any OS. Nothing's going to have a 100% detection rate and anything less than 100% is going to leave many users with a false sense of security.

    Having said that ~10% detection rate is absolutely pathetic. The publishers should be done under the Trade Descriptions Act.

  2. Silverburn
    Meh

    One can't help but feel...

    ...that the open nature of android has made it it's own worst enemy, thus requiring AV tools in the first place.

    That sound you hear is the Fandroids sharpening their downvotes, completely ignoring the possibility that I might actually have a point.

    For balance, it should be noted that at least Droid users are aware that malware exists; IOS users still have the "it won't happen to me" attitude.

    1. Marcelo Rodrigues
      FAIL

      Yeah, right

      Because the closed nature of Windows turned it into a fortress, with no malware whatsoever...

      1. GitMeMyShootinIrons

        A different kind of closed.

        The difference is architectural. Windows is a closed, proprietary platform, but you can install what you want on it. In an application sense, Windows as a platform is very 'open'.

        iOS is a closed, proprietary platform with a walled-garden approach to apps. The AppStore is tightly policed, so massively reducing the likelihood of malware - on the flipside, the walled garden can be considered as 'closed'.

  3. Anonymous Coward
    FAIL

    Android Malware Scanners?

    Come on get real... Android Malware "problem" is being vastly over-exaggerated.

    The bottom line is if you have left that "allow non-marketplace apps" tickbox unticked, and you quickly check the app permissions and download count before installing, then you have nothing to fear.

    The only people saying otherwise are those trying to sell you an app to protect you. Of course they aren't allowed to make scanners for iOS, as Apple control that, and it suits Apple to pretend there are no Malware problems on iOS (but there have been plenty of occurrences of stuff slipping pas their all seeing eye).

    1. Anonymous Coward
      Anonymous Coward

      Fandroid Alert: Shitpeas

      Plenty of occurances of stuff slipping past the non-seeing eye on android too...thus the requirement for scanners, and the premise for the article. Especially relevant when those scanners have the performance of chocolate teapots.

      Typical fandroid/fanboi response; underplay the significance (You just need to X,Y & Z and its not a problem), then divert attention by blaming "the other side" for having the same issue, but somehow it's much worse.

      Personally, I'm worried by that fact my scanner is f* all use, whether I download marketplace-only apps or not.

    2. Dr. Vesselin Bontchev
      Boffin

      "Android Malware "problem" is being vastly over-exaggerated."

      Percentage-wise, the Android Malware problem is growing faster than any other malware problem. While there are no viruses for this platform yet, the number of new Trojan horses discovered has reached in the range of several per day (on average). Given that there were just a handful in existence about a year ago, this is tremendous growth. And it is just a matter of time until a full-fledged worm appears. (We have botnets already.)

      "The bottom line is if you have left that "allow non-marketplace apps" tickbox unticked, and you quickly check the app permissions and download count before installing, then you have nothing to fear."

      You are very much mistaken here. First of all, there have been several cases of malware appearing on the "official" marketplace (and Google had to pull it very fast). Second, there are ways to bypass the permissions protection by using already existing apps. For instance, a malicious app might not request the permission to access the Internet, yet still do so by using an already installed browser app that can act as a server.

      "The only people saying otherwise are those trying to sell you an app to protect you."

      The test was of FREE protecting apps, in case you haven't noticed. The results sound about right, too - in the AV business, when you get a free anti-virus program, you usually get what you pay for. (Sadly, the opposite is not necessarily true - buying a paid AV program doesn't guarantee you quality.)

      I wholeheartedly agree with your remark about iOS, though.

    3. sandman

      Maybe not too exaggerated

      I'm not really sure that the folks on this forum (myself included) really have much idea about the usage patterns of the average totally non-techie phone user. I would suspect that many users will see an app they like the look of, download it, click YES in any dialogue box and then suffer the consequences. It was hard enough persuading PC users in one company I worked for not to just download and install whatever they fancied, despite draconian threats, up to and including dismissal. I'm not sure that a hell of a lot of phone users are any different.

      1. eulampios

        une différence

        I would mostly agree with you, that the problem of Android stores does exist. However, there is a huge difference between the threats on Android and Ms-like OS's. People commenting here as always come from the latter, they are blind to it this subtlty.

        Once again, the difference, is that on Android EVERY app is running under a distinct (virtual ) user with its own set of privileges. The set of privileges are stated before the installation. Hence when you install an app to play non-network games which want to access Internet, text messages, contacts and call placing, you might wonder why? And say "no" to it. If an app is using a vulnerability to access a service via an undocumented way, it is a different story.

        I am not an Android fan, do not own one. I would rather have a real GNU/Linux phone, otherwise there's too much to cross-compile on it to my own liking :)

    4. heyrick Silver badge

      Quickly check app permissions?

      No, you don't want to do this quickly, you want to do this CAREFULLY. Example - MoboPlayer, a nice video playback tool.

      Permissions - usual rubbish: full internet access, access storage, control audio, read phone state... then when you tap on More and scoll down, you see the interesting permission "Discover known accounts".

      I have installed this as MoboPlayer deals with stuff that other stuff either won't touch or messes up. But "Discover known accounts"? Why? I've emailed the author, no reply.

      That said, the Android permissions system is somewhat broken. YOU, the user, don't get any say in what you are willing to let an app access, you accept or you don't. Why is "indentity" lumped in with phone state? I've only ever seen "full internet access" - so to permit in-app advertising, you are expected to let it access whatever it wants? I could go on, but I think you get the point...

      1. Charles 9

        It's their way or the highway.

        Basically, most conscientious app developers want the say. Especially those reliant on ad revenues. Otherwise, there's no money in it for them, so no incentive to put the app up, so no app. Over on the other side, Apple does the same thing to the developers. Just as developers want the final say or they won't publish, so Apple wants the FINAL final say or they won't vet your app.

        As for people jabbing Windows, you're looking at the wrong angle. Closed APP, but open PLATFORM. Same story here. And the main reason Apple can keep the walled garden closed is because they control the walls--both App and Platform are CLOSED in the Apple ecosystem.

    5. Anonymous Coward
      Anonymous Coward

      Android Malware "problem" is being vastly over-exaggerated ???

      ROTFLMAO!

      Enjoy living in your dream world while you can.

      You ain't seen nuthin' yet.

  4. Anonymous Coward
    Anonymous Coward

    I wonder if the Smsung Security App they just released on the Samsung market is any good.

  5. Tchou
    Pirate

    In other words...

    ... Will you pay for the app damn it! If we want to beat Apple AppStore we have to play with real cash! We're no amateurs! Understood?

    1. we all know how irritating it is having to interact with the shopkeeper in any way Silver badge

      Not only...

      ... do you need a Google account to get onto the android market, but you also need to enter a phone number. What's all that about? I don't mind having a Google account, because I can use my android phone via Wifi and log on. But if I have to give them a phone number as well well I don't think so. If I can't use their service anonymously I choose... NOT to use their service.

  6. Alastair Dodd 1
    FAIL

    muh???

    without including one of the most popular (lookout) for less than good reasons this survey seems rubbish. Just another paid for by AV companies attempt to push people into buying products they don't need to.

  7. Anonymous Coward
    Anonymous Coward

    Microsoft patent

    160 viruses eh? Well I think we can see why so many Android manufacturers are signing patent deals with Microsoft.

    Maybe Android's fragmentation isn't so bad after all. One virus might not fit all ;)

  8. Anonymous Coward
    Anonymous Coward

    "deliberately attempting to infected freshly cleaned devices"

    Either you've got your verb tenses badly mangled, or this test took place in a time-machine travelling from future to past. Someone send for Dr. Dan Streetmentioner!

  9. Stuart Halliday
    Facepalm

    Gee so many AV android apps missed out. I wonder why?

    Maybe they would have made the commerical apps look bad?

    If you're gonna do a review at least use some of the most popular about app detectors?

    Even ES Security Manager was missing.

  10. Anonymous Coward
    Anonymous Coward

    Shame they didn't include Dr Web

    They offer a free android AV too.

  11. Anonymous Coward
    Anonymous Coward

    Free AV no use

    Who'da thunk it?

    1. Anonymous Coward
      Anonymous Coward

      No, it is a surprise.

      Free AVs on desktop PCs are well up to the par of paid-for ones. It's definitely news that we can't assume the same holds on smartphones.

  12. The Original Ash
    Flame

    Excluded LookOut?

    I don't care if they have alternate, paid services; Either make it a comprehensive review of the most popular products, or shut your pie hole If the next 5 most used products total users don't even come close to the number 1, how can you exclude it? Oddly enough, I'm using LookOut right now. Boy, would I just LOVE to know how that faired in the test, but I guess I don't get to know.

    Thanks a bunch, AV-Test. Go choke yourselves.

  13. thesykes
    FAIL

    what's the point?

    Ignoring the top apps makes this survey pointless. Do it properly, or don't do it at all..

  14. Lloyd

    Has anyone got AVG stats?

    I ask as I'm using it and am curious as to how it performs.

  15. rollseyes
    FAIL

    Who paid for this?

    Those Germans claim to be independent but how come they left some of the most obvious free brand-name-recognition products out while randomly picking others? Because there is a paid-for version? Test the free versions at least. Who in their right mind picks some random no-name, non-accountable crap for security anyway? Well, right.. a couple of 100k idiots, but let evolution sort them out.

    1. Anonymous Coward
      Anonymous Coward

      Independent?

      If you don't pay to have your program tested, don't expect a good review.

  16. Anonymous Coward
    Anonymous Coward

    Installed Lookout, no idea really how well it works...

    Running Cyanogen 7 on my Desire, so I'm pretty aware I've "opened up" my phone to potential threats, by the simple process of root access.

    I've installed Lookout and I really don't have a clue whether it's effective or not.

    The reality is, when installing an application, do you physically check the processes running on your android and what they are actually doing?

    As a geek, I really should be doing that, but ... heck, so much to do, so little time.

    I kinda rely on the reviews / userbase of an app before installing it - if there's no reviews and very few users, I tend to steer well clear.

    1. Anonymous Coward
      Anonymous Coward

      This is one of the main reasons I chose the iOS route.

      The last thing I want to do is mess with anti-virus/malware/worms on my phone. I spend enough of my workday doing that.

      Maybe my trust is misplaced, but it's nice just using a device and not worrying about security etc.

  17. Gordon Fecyk
    FAIL

    And what about unknown threats?

    "...32 per cent of 160 recent Android threats"

    So that's 51 or 52 out of 160 recent, and I shall presume "known" threats. Thus exposing the same old flaw in convention anti-virus products, catching things after the fact.

    Catching unknown threats has long been possible in the PC world, yet only really implemented by Messagelabs / Symantec.Cloud. And Symantec isn't helping that brand any.

    So tell me there aren't known heuristics, or profiles, for malware on the Android OS after six years and four major versions. No certain characteristics, such as stack-smashing code, calls to write to privileged spaces, and so on.

  18. Anonymous Coward
    Anonymous Coward

    Useless because omits paid for products and the popular free Outlook App.

    These time wasters left out several popular and better free anti-malware Apps, which is inexcusable. Any proper reviewer would review all relevant products including paid for ones, given some of the paid for ones are probably useless too!

    Cost should not be an issue, given how cheap most paid for Apps.are.

  19. Anonymous Coward
    Anonymous Coward

    Who is AV-test?

    Who finances it? What is it selling? Call me cynical.

    1. Anonymous Coward
      Anonymous Coward

      You are cynical

    2. Anonymous Coward
      Anonymous Coward

      Who is AV-test?

      If you were really cynical you would have asked "Does paying more for testing your program give you a higher score?"

  20. Framitz
    FAIL

    So, the study is BS

    Leaving out the free versions of some of the more popular AV products invalidates the study making it MEANINGLESS.

  21. illiad

    C'mon, el reg.... :P

    do a quick search for 'best android av' and you will find a lot better 'source' for an article!!!! :)

    lookout and AVG 5th & 6th,,, BUT!! you need to read the article from dottech at 5..

    http://dottech.org/mobile/android/best-free-apps/22803/android-best-free-antivirus/

    lookout AFAICS does not do files or web, so be careful and fully read the article to see if you will get enough protection!

    what do you prefer, a dead OS, or dead battery???

This topic is closed for new posts.

Other stories you might like