Hi all, using this code: PackageManager pm = getPackageManager(); try { PackageInfo info = pm.getPackageInfo(getPackageName(), 64); Signature [] sig = info.signatures; sigstring = new String(sig[0].toChars()); } catch (Exception e) { e.printStackTrace(); } return sigstring;
I can get signature of every package in the system. How can I deny other apps (except my apps and Android system) to read my package signature? I want to make sure it is original app, not changed by hacker (i.e. signed by my own private key) when run. But for now I see that hacker can easily patch my code by embedding signature, he read from my original package. Maybe there is another way to make sure package is original? -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en