Many people must have seen the report that the information security company found a certain Android app to be a malicious program, reminding everyone to delete it as soon as possible. The myth that downloaded apps are not necessarily safe.

Everyone knows that it is very important to protect mobile phone personal information, but many people don’t know how to do it, and they don’t know what tools can be used. Google invited Zhang Lechao, the business development manager of Google Play, and has many years of experience in Android App development. The total download Lu Yusheng, an independent developer with a volume of over 100 million, will share with you how to prevent malicious programs and learn how Google Play blocks malicious programs.

Both of them are people who deal with apps and developers every day. The reminder method is also very easy to practice. I will share it with you here. We use mobile phones every day, and we really need to supplement our digital security knowledge!

How many malicious programs are there in the open platform?

First of all, it may be necessary to decipher the myth that B3F-1006 many people think that Android is an open platform, everyone can put a program for users to download, and Google Play does not seem to be very strict in reviewing the apps on the shelves, so there are many problematic programs. ?

In fact, this idea is somewhat misunderstood.

Android is an open platform. This "openness" means that all parties can participate, including developers can write and put applications on the shelves, there can be different application stores, users can download apps through many channels, and manufacturers can also use Android The OS makes different devices, but this does not mean that no unit is in control of the information security testing of mobile phone brands, nor does it mean that putting the program on the Google Play does not require review.

Therefore, the user is infringed by malicious programs. The reason may be that the user accidentally downloads the problem app, or the mobile phone is modified by the manufacturer's own system program code, not only related to whether the system is open or closed.

Lu Yusheng mentioned to us that closed systems may still be maliciously attacked, but open systems can gather the efforts of everyone to detect/fix vulnerabilities. From this perspective, open source platforms may be relatively safe.

Uncensored on Google Play?

The second myth is that Google Play doesn't seem to be very strict in censoring apps listed?

This is a big misunderstanding. Of course, Google Play has a review mechanism before listing.

Zhang Lechao, application and game business development manager of Google Play, mentioned that Google Play has formulated the "Developer Program Policy", "Developer Release Agreement" and other specifications, requiring developers to make programs on the shelves, and to fully comply with them when updating functions in the future. The listed specifications include that developers must clearly explain in the application the behavior of the application to access, use and share data, and developers can only request the use of necessary permissions and APIs to access confidential information... etc. The content of the specification is very thin.

Google Play will undergo machine review, as well as manual review. The machine review part will often use machine learning to enhance the accuracy of review, thereby reducing the chance of malicious programs appearing on Google Play. According to Google statistics, in 2020, Google Play successfully blocked more than 960,000 apps that violated security policies, and banned nearly 120,000 malicious program developer accounts.

Since August this year, Google Play has also begun to implement a new policy, requiring developers to provide real names, addresses, and verifiable email addresses, phone numbers and other information, and will track them from time to time to ensure that each account is owned by a real person. create.

So how can ordinary Android users avoid malicious program attacks?

It can be divided into pre-installation) and post-installation.

Before installation: choose devices carefully, choose sources carefully, read permissions carefully

Lu Yusheng first suggested that users should choose mobile phone brands carefully and avoid buying devices from unknown manufacturers, because there may be the risk of loopholes caused by the modified program code (it is also possible that the agent has not checked them out). At the same time, the system should be updated regularly, and the security patches should be updated in real time (if the mobile phone manufacturer has launched it....).

The second is to choose the source of the app carefully. For example, it is relatively safe to download through Google Play. If you want to download from the outside, it is best to pay attention to the app store or official website to see if it has the same specifications and commitments as Google Play, and take a look Whether there is a list in the store which permissions the app requires, whether it is reasonable, and do not easily download programs from unknown sources.

The third is to pay attention to program permissions.

If you want to install it from Google Play, you can click "About this app" before downloading, and then scroll down to the bottom, click "App Permissions", which will show which functions/services this program will access to the phone, you can make a preliminary judgment There is no request to strange, unreasonable permissions.

However, many people may still not be able to judge whether the permissions are reasonable from these words. We can still deal with this after installation, and we will talk about it later.

In addition to permissions, Zhang Lechao also mentioned that you can read everyone's comments before downloading to see if there are any user response problems, and then decide whether to install it or not.

Or you can check whether the developer has left a real email and address (for example, go to Google Maps for comparison), or you can link to the developer's website, or click the developer's name to see what other programs he has, and then look at the Comment, to judge whether the developer has a problem.

In April next year, Google Play will also launch a "Google Play Data Security Zone".

Google will require developers to fill out the Play Management Center form, specifying the program's privacy, security practices, access rights, how to collect information, uses, how to protect.... and other security-related information, and will open the area for Consumers can inquire, so as to know more about your data and which mobile phone functions this program will use before downloading, so as to help judge.

After installation: scan programs, control access permissions

If it has been installed and you do not know whether the program is risky, you can scan it through "Google Play Security" to confirm.

Click on the avatar in the upper right corner of the Google Play homepage, you can see "Play Security", and click Scan to help you check whether the installed app is harmful.

Play Security automatically scans every day to identify and catch apps that may have problems. If it catches a more serious program, it will automatically delete it for you. If there is a problem but not too serious, it will disable the program. In addition, Play Security also provides offline scanning. Although it will be automatically scanned, it is recommended to manually scan to confirm the safety after downloading the program from the outside.

How does Play Security catch and deal with unsafe programs?

Through the external inspection mechanism on the cloud, it will grasp more program data for comparison, and in the identification process, it will also use machine learning optimization algorithms to catch the ever-changing variant malicious programs.

Google Play will also be classified according to the safety and danger level. If it is judged as harmful by the algorithm, it will be blocked. If you are not sure whether the program is safe or harmful, it will also be marked as potentially harmful. Not to be listed.

In addition to scanning, you can also pay attention to permissions during the use process.

After Android 6, there is a design that after the program is installed, the required permissions will not be enabled immediately, but when you want to use a certain function of the program, you will be asked if you want to agree to a certain permission. At this time, you can pay attention to The requested permission is related to the function you are currently using. For example, it is very strange that the photo editing app requires the microphone or call record permission.

If you have allowed all permissions before, you don't have to worry too much. There are many post-event measures in Android.

The most basic is to view the authorizations allowed by individual programs in the Settings app. If you still don’t understand, you can click the three dots in the upper right corner to view all the permissions of this program and the purpose of accessing these permissions. If you think it is not necessary, you can change it to reject, or ask every time.

For example, location, camera, and microphone are relatively sensitive permissions. In programs with doubts, you can conservatively set permissions to ask every time.

Android 12 adds usage reminders. When a program is accessing the camera or microphone, there will be a small green dot at the top of the screen. In the drop-down control center, you can also temporarily turn on/off these two permissions. (For example, when you gossip about people behind your back, turn it off first to be safe).

Another feature of Android 12 is that on the privacy information home page, you can check which programs have used which permissions in the past 24 hours, and the location, camera, and microphone will even list the usage timeline.

Both of the above are currently available in the Pixel 6.

Android also has a mechanism to automatically remove permissions that have not been used for several months. This function can be turned on in the application's permission, and in the "Permission Manager" of Settings - Privacy Settings, you can see the system help Which permissions have you removed from which programs.

These are the methods provided in the Android system to help you manage permissions,

If you have ever felt abnormal power consumption and data consumption when using a program, abnormal power loss during standby, or have installed an app from an unknown source, you may be able to pay more attention and check the power or screen time function. Recently enabled programs, and check whether the program has unreasonable permissions.

Because malicious programs will also look for breaches of protection, always pay attention to vigilance, and it is also important to have information security awareness. For example, you can actively use the Play security protection scanner, or if possible, enable the two-step account password login mechanism.

Google Play has also sorted out the three most important privacy protections:

Do not download unsolicited programs.

Do not blindly allow application requests.

Don't let your guard down.

Protecting information security may not be an interesting function, but it is very important, and it can avoid trouble and prevent problems before they happen. I hope the above sharing can help everyone.