Q1: Why is there a warning that “Headuck Call Blocker” is “harmful” program / “add unauthorized charges to your mobile bill by registering for recurring charges”?
A1: Google has a built-in and enabled-by-default malware scanning mechanism (“Google Play Protect”) in Android. It mistakenly classified “Headuck” as a malware engaged in billing fraud. (The details are in this article (Chinese)).
Q2: Is there any proof that this is a false alarm from “Google Play Protect”, not that “Headuck” actually contains malicious code?
A2: This page from Virus Total summarizes the scan results of dozens of anti-virus services on the App, based on the same version that was flagged by Google Play as malware. All these services gave negative results. If in doubt, you can download the APK from third-party Google Play mirror/archives, such as APKMonk, to verify that the scanned binary is the same as last published in Google Play.
Q3: “Google Play Protect” is Google’s official anti-malware mechanism. With Google’s standing, should I trust its scanning results more than other anti-virus services combined?
A3: To the contrary, “Google Play Protect” has a much higher rate of both false negatives (malicious programs not detected) and false positives (false alarm on harmless programs), compared with almost any other antivirus services. This is because Google tried to rely on machine learning (aka AI) rather than traditional manual analysis to detect malicious Apps. According to the latest review from AV-test over various anti-virus software, the false positive rate of “Google Play Protect” is consistently higher than that the average of its peers, often by an order of magnitude. On the other hand, in many months, only 60% to 70% of malicious App are detected. Other reports: T客邦 (Chinese), Tom’s Guide (English)
Q4: I have chosen not to delete “Headuck” after seeing the warning, but the phone keeps popping up the same warning?
A4: If you only download Apps from Google Play or other reliable sources, one way is to disable “Google Play Protect” in your device under Settings>Security (this page can also be reached from the new version of “Google Play”). As Apps from Google Play are already scanned before being made available for download, the risk is not high. If you do not feel comfortable for lack of malware protection, you should install other, more reliable antivirus software in any case, given how Google scored in this area. However, please note that there were reports that “Google Play Protect” may still disable the “Headuck” App in the background even if you have chosen not to delete it;
The recommended method is to download and install the “full version” of “Headuck” App from this page. If you have not deleted the App, your settings and data will be retained after installing the “full version”. It was reported that “Google Play Protect” has not issued warning for user of the “full version” (yet). However, if you install this version, it will not be updated automatically by Google Play. Please remember to check for updates in this page regularly in future.
Q5: What is the difference between the “full version” and the Google Play version?
A5: The Google Play version (0.2.17g) has some functions removed, after Google took down the App twice two years ago, and after Google stepped up restrictions on the use of call related permissions by Apps in Google Play. (Details of the took down is in this article, in Chinese). The removed functions are powering off the screen after blocking calls to save power, and erase of call history from the system log after blocking. On the other hand, the “full version” (0.2.17) retained these functions, and its APK continued to be available for download from this blog.
At present, if you download the “full version” and install it manually, it will not be automatically updated or notify the user when there is an update available. But the “duck” at the main App page could remind you of the update, and you may also keep a watch on new updates from this blog. In the future, update notifications and convenient update functions could be added.
Q6: Will “Headuck” be published on other app stores?
A6: The options are not yet studied in details at present, but it is understood that Samsung’s Galaxy App Store requires Apps to use Samsung’s unique features, so “Headuck” is not yet eligible. For Huawei, the AI of its phones will kill “Headuck” and this cannot be reliably prevented. It would thus seem asking for trouble to publish “Headuck” in their App Gallery which targets these devices.
Q7: Is there any way to support “Headuck” App?
A7: Thank you for your support. The false alarm by Google Play Protect on “Headuck” is expected to cause a large number of users to delete the App. However, the clarifications here can barely reach the majority of the users (estimated to have reached around one tenth of them). If you have introduced the App relatives, friends or elders or helped them install it, please remind them of the information on this page for an informed decision, or help them install the “full version”. Many thanks!