> > I think there are other patterns for this, like betas, that have > worked with success. Also, what you're describing is a more controlled > scenario than what I inferred from a StumbleUpon-style service. >
Yes those were very different than a StumbleUpon-style service. I was listing some other possible uses of the technology that hopefully didn't raise as many security issues. Getting back to the StumbleUpon-style service I believe a lot of the security issues can be reduced by limiting the permissions available to the dynamic applications. Split the app into two pieces, a UI APK and a host APK. They are signed with different certs so they are independent. The host APK has a limited set of permissions (no SMS, network, etc). The dynamic apps must route all network, sms, contact, etc requests to the UI apk. The UI apk then asks the user if the request is ok. Ignoring performance and usability issues and focusing on the security issue, does this sound secure? Kenneth -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
