Google Play Protect Vs Antivirus


Personally I use the Virustotal app and Avira.
Bitdefender tends to beat it slightly in protection, but Avira has a handy web portal you can manage the device with.


So, we should have AV software on an Android phone afterall? At least of you install sketchy apps?


I think that is the key. If you don’t side load and only use a few well known apps, you probably don’t need it.

AFAIK, isn’t Play Protect just a checker, that compares what is installed against a list of known infected apps?


I have an issue with these AV test organisations. AV-Test is listed as a for profit organisation on Crunchbase. Who funds them?

If you don’t root your phone, careful about what you’re granting permissions to, and sticking to the Play Store, I don’t see the point on AV on Android. It is of limited use as you’ll end up having to grant permissions to the AV for it to function “correctly”.


Mostly harmless… To quote Douglas Adams (THHGTTG was 42 at the weekend!)

There have been many instances of malware getting through the Play Store. But these are obscure apps from unknown publishers, in the main, I think there was one case of a well known app producer’s certificate being abused.

But, in general, as you say, if you stick to Play Store (and well known and trusted apps) and don’t root or side load, there is little need for AV - I’d also suggest not using Chrome, but there again, I’m a paranoid Infosec’er.


Perhaps you should read the article and see how they tested before making judgement.

The various AV spotted new and old malware available in the play store.
The tests were to see how well they worked against known malware and new.
Google play store fails to detect much of the known samples.
Known samples were all in circulation for up to 4 weeks.
As they are well known, Play Store Protect should have spotted all of them as the AV did.

This about side-loading risks as much as it is about the risk from the google play store.
Do you really want me to populate this thread with the vast amount of news stories for the past year where google have found more festering malware with millions of downloads that bypassed their automated checks ?

Compare that to the distinct lack of any stories at all regarding malware in F-Droid.
Side-loading is fine if your app-store of choice builds all the binaries themselves and ban any in-app security holes such as advertising.
If you want to stay safe, avoid the google store and only use F-Droid.
Google could easily include F-Droid as a trusted app store, but that would be competition so they won’t.

@Pommster umm, and what ? and Google isn’t also for profit ?
Odd reason to pick for not trusting the review from a company that won’t make any money from the public based on article.
The AV companies are the ones that will pick up sales, but the best few have free options anyway so it is still about protection over spending money, or making it.
Do you not trust TWiT reviews because they are for profit ?


I am saying if they are funded by the AV makers then they may have an ulterior motive. You can’t say that hasn’t happened before in other areas. I trust TWiT review more than the comparison sites that’s for sure. But like anything in life, don’t just take a single source to work out the truth.


You are correct about the Play Store not being immune as a method of malware distribution. However…

The problem is, there are a lot of for-profit organisations that do “puff pieces” for hire. I’ve worked for several companies that have used industry press (chemical, food & beverages, IT) to get their own agenda across. Likewise there are test organisations that will give you a seal of approval, if you pay enough.

I’m not accusing AV Test of this, I don’t know how they are financed or whether there is an agenda there, just pointing out that it is standard industry practice to use organisations for hire to get puff pieces, certificates, seals of approval etc. that show what you want them to show etc.

I worked on one certificate and seal of approval (from a well renowned, independent testing organisation), I produced all the documentation, put all the processes in place to obtain the certificate that our product was secure, worked with the certification agency, corrected procedures and hardware security. A week after we got the certificate, all of the processes were put on ice and never used again, customer’s systems weren’t updated, the release procedures for patches were ignored. “Hey, we’ve got the cert, why waste money on all these procedures?”

Given that @Leo goes to pains to say he doesn’t accept review products, generally, and he pays for all the stuff out of his/the company’s pocket, yes, I give it more weight than many “industry” portals that either receive review kit or are paid to produce reviews.