On Mon, Aug 30, 2010 at 3:11 AM, Kostya Vasilyev <[email protected]> wrote: > There is nothing preventing two separate .apks, one with "read contacts" and > the other with "internet" permissions to do exactly the same as one > malicious app, steal contact info. It might not be obvious to the user at > all that the two apps are working together to do something bad.
Agreed. Developers have incentive to make their apps appear less scary. Either we give them the tools to do that without compromising security or they will find ways that make security worse (e.g., APKs that intentionally "leak" secured data/services). -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Warescription: Three Android Books, Plus Updates, One Low Price! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
