Is your text message inbox filled with more spam than texts from your real friends? The spam might be coming from that free version of Angry Birds you just downloaded from Google Play. Next time, search for and download apps from TrustGo Anti-Virus and Mobile Security version 1.0.6 (free). TrustGo, a new mobile security player, pioneers a killer feature: a secure, meta-search engine for apps that warns you not just of malware and permissions, but of intrusive ad networks. Unfortunately, TrustGo tested poorly when it came to detecting and blocking malware, such as viruses, Trojans, spyware, and root kits.
The app also comes with the usual basket of mobile security utilities, like remote controls, an app auditor, safe browser, and backup for contacts. TrustGo is offering all its features free for a limited time, and then it will shuffle some of these utilities to a paid Premium version.
S.A.F.E. App Searches My favorite feature in TrustGo is its "patent-pending" Secure App Finder Engine (SAFE), essentially a metasearch of over 1.5 million apps from more over 200 third-party app stores (and Google Play). Theoretically all the apps are scanned for malicious code, excessive permissions, and intrusive ad networks, by TrustGo's cloud network, which scans new apps every day.
Intrusive ad networks are probably the greatest threat to mobile devices these days, because there aren't any policies that limit how much information a mobile ad network can extract or push from your device. This issue first came to light this year, when a developer discovered that the Path app for iOS was extracting entire address books without a users' permission. The ad network 'Airpush' is also notorious for spewing spam texts and annoying ads in your notifications bar. It's not malware, but if given a choice, most users probably wouldn't want it peeking into their devices.
SAFE has four categories: Certified, Low Risk, High Risk, and Malicious. Malicious indicates a Trojan horse, worm, virus, or spyware. Certified indicates the app poses no threat. Low and High risk categories rank different levels of exploitation from ad networks to device modifications.
I searched for the Instagram app, and SAFE displayed results from three different app stores; all were Certified. It also listed a couple related apps as High Risk,like Instagram Porn Babes and Sketchgram 4 Instagram. When you tap the High Risk button, TrustGo displays the rationale behind the rating (the latter app contained AirPush). You can still download the app if you don't mind taking such risks.
I did find one inconsistency, though. Some apps that SAFE warned were risky went through TrustGo's app scan, a separate feature, as perfectly safe. Clearly, SAFE is strong on warning of app privacy intrusion, but TrustGo is weak on detecting.
Furthermore the SAFE search mechanism gives the Certified label to rooting apps, like 'z4root,' which actually shares code with other apps. It's not malicious, but certainly ambiguous. BitDefender's app auditor warns of rooting apps.
Poor Antivirus Protection TrustGo's otherwise-excellent app search engine is overshadowed by its poor virus detection. According to a March report by independent testing lab AV-test.org, TrustGo picked up only 30-40 percent of all the malware fed to it. Although TrustGo responded saying AV-Test reviewed a beta release, AV-Test told me there was no mention of the word "beta" in the app's documentation or screenshots. Since the February test however, TrustGo has released an incremental update with new virus definitions, but there's no test result for this available for that so far.
Meanwhile ten mobile security apps aced AV-Test.org's analysis, detected more than 90 percent of malware families. This includes Lookout for Android ($29.99/year direct, 4.5 stars), F-Secure Mobile Security, Kaspersky, Zoner, and McAfee.
See the rest here:
TrustGo Antivirus and Mobile Security 1.0.6 (for Android)