I check the signature in my app. But I use reflection to do all calls to get the answer and I dynamically generate up the strings to pass into the reflection in various places throughout the app and in different orders. And even then I use reflection to further convert the signature to a hash and then throughout the app I check the odd character in the hash to make sure it matches the same character in the correct hash. This means that you can't find a mention of "PackageManager", "PackageInfo", "Signature" or 0x40 in any text or imported class and you also won't find the signature or the hash clearly visible anywhere. At the very least this isn't something that anti-lvl can currently spot.
Plus, after I similarly decompiled a hacked version of my app, I added a mild tweak to the lvl code and I can see that newly hacked versions of my app haven't spotted that change so are failing constantly. :-) HTH. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
