In this part, app is valid or not becomes important for
Android market. A known fact in Android market, any app
can be downloaded from it without accessing a significant
quantity of personal data which is different in App Store.
The Android Market usually exploits user's pennission to
perfonn downloading the apps which can acquire root-level
privileges to obtain any needed resources from operation
system. For example, the App Store's method acquires
developed app need to be signed using apple's private key.
However, Android allows the apps which can be self-signed
and uses these signatures for bookkeeping, not to control
what code can fUll. In addition, instead of using a top-down
approach to malware prevention and Apple's reviewer
comments mechanism, Android uses crowd sourcing which
relies on users' download rate and comments on apps. If
enough people complain about one app, then it will be
removed from the Market. This kind of mechanism is
relatively easy for a malicious developer to manipulate.
However, apple's reviewer comments method perhaps
ensures the security of app in App Store. But the process of
reviewing costs long time which seriously affects the works
of real-time app such as anti-virus app. It is the most
important problem we need to concern; some apps need to
update their critical contents in time for ensuring the apps
can achieve their functionalities. This drawback won't be
presented on Android market, but its security and privacy
isn't better than App Store. A better approach is to use
source code examination to replace the crowd sourcing and
reviewer's comments. The main reason behind it is that it
not only reduces the checking time of a reviewer but also
provide a stronger protection to Android market.