• henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    11
    ·
    9 months ago

    No. There is no room for anti-malware services in the Android design.

    Such software needs permissions that reach outside of the Android security model to do things like access other application data without its consent.

    Imagine for a moment that you could install anti malware with some kind of super user permission that lets the software access everything it needs to do its job. If so, malware would immediately attempt to use that feature as well, either to steal more of your data or inject itself into other applications.

    Play Services is special because it operates with much higher privileges than third party software can obtain.

    Now, in theory you can still scan applications before they are installed, but I would argue that there’s very limited value in doing so. If you’re installing software from sources you don’t trust, you have bigger problems. You can’t rely on a signature matching engine to detect malware in the general case.