By default, does Android scan every app you install for malware,
or does Android only scan apps installed from the Google Play Store?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Wolf Greenblatt, 2024-06-02 23:13:

By default, does Android scan every app you install for malware,
or does Android only scan apps installed from the Google Play Store?

That also depends on the device as well since some manufactures modify
the official version of Android to their needs and some provide their
own security solutions like Xiaomi.

However, by default Android will scan every app regardless where it came
from.

Also see: Settings -> Security & privacy -> App security -> Play protect
and the the "Play Protect settings" you can open with the settings icon
on the top right. In these settings there is also the following option,
which is enabled by default:

Improve harmful app detection
Send unknown apps to Google for better detection

And "unknown apps" means apps which you did not install using Google
Play but by using an APK file or alternative sources like F-Droid.

--
Arno Welzel
https://arnowelzel.de

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-06-03 14:11, Arno Welzel wrote:

Wolf Greenblatt, 2024-06-02 23:13:

By default, does Android scan every app you install for malware,
or does Android only scan apps installed from the Google Play Store?

That also depends on the device as well since some manufactures modify
the official version of Android to their needs and some provide their
own security solutions like Xiaomi.

However, by default Android will scan every app regardless where it came from.

Also see: Settings -> Security & privacy -> App security -> Play protect
and the the "Play Protect settings" you can open with the settings icon
on the top right. In these settings there is also the following option,
which is enabled by default:

Improve harmful app detection
Send unknown apps to Google for better detection

And "unknown apps" means apps which you did not install using Google
Play but by using an APK file or alternative sources like F-Droid.

I assume that applications on the google play server are scanned "by the server", in advance, and other applications are scanned later, dunno if
locally or after they are uploaded for scan at the server. Oh, rather
the later: it says "Send unknown apps to Google for better detection"

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Carlos E.R., 2024-06-03 15:34:

On 2024-06-03 14:11, Arno Welzel wrote:

[...]

Also see: Settings -> Security & privacy -> App security -> Play protect
and the the "Play Protect settings" you can open with the settings icon
on the top right. In these settings there is also the following option,
which is enabled by default:

Improve harmful app detection
Send unknown apps to Google for better detection

And "unknown apps" means apps which you did not install using Google
Play but by using an APK file or alternative sources like F-Droid.

I assume that applications on the google play server are scanned "by the server", in advance, and other applications are scanned later, dunno if locally or after they are uploaded for scan at the server. Oh, rather
the later: it says "Send unknown apps to Google for better detection"

I assume, Google Play services create some kind of signature for every
app and maintain a catalogue of known signatures of malicious apps and
app versions. Whenever a new app from outside of Google Play is
installed, the check will be, if the signature of that app is already
known and if not, it will be send for verification to the Google Play
servers where it will get scanned and the signature along with the scan
result will be stored. So next time the same app package will be
installed by someone else, Google Play already knows the signature and
can warn the user or stop the installation if the app is known to be
malicious.

--
Arno Welzel
https://arnowelzel.de

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-06-03 17:36, Arno Welzel wrote:

Carlos E.R., 2024-06-03 15:34:

On 2024-06-03 14:11, Arno Welzel wrote:

[...]

Also see: Settings -> Security & privacy -> App security -> Play protect >>> and the the "Play Protect settings" you can open with the settings icon
on the top right. In these settings there is also the following option,
which is enabled by default:

Improve harmful app detection
Send unknown apps to Google for better detection

And "unknown apps" means apps which you did not install using Google
Play but by using an APK file or alternative sources like F-Droid.

I assume that applications on the google play server are scanned "by the
server", in advance, and other applications are scanned later, dunno if
locally or after they are uploaded for scan at the server. Oh, rather
the later: it says "Send unknown apps to Google for better detection"

I assume, Google Play services create some kind of signature for every
app and maintain a catalogue of known signatures of malicious apps and
app versions. Whenever a new app from outside of Google Play is
installed, the check will be, if the signature of that app is already
known and if not, it will be send for verification to the Google Play
servers where it will get scanned and the signature along with the scan result will be stored. So next time the same app package will be
installed by someone else, Google Play already knows the signature and
can warn the user or stop the installation if the app is known to be malicious.

Probably.

However, if a single download is found malicious, all downloads of the
same name will be flagged as suspicious, I suppose.


--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)