On Tue, Jan 15, 2013 at 8:27 PM, Nikolay Elenkov <[email protected]> wrote: > On Wed, Jan 16, 2013 at 4:00 AM, btschumy <[email protected]> wrote: >> On Monday, January 14, 2013 7:05:37 PM UTC-7, Nikolay Elenkov wrote: >> >>> >>> This is not particularly reliable: if I repackage your app, I can >>> change whatever >>> 'internal' values you have. >> >> >> Perhaps I'm wrong, but a cracker shouldn't be able to modify the code and >> re-sign it with our signature. If that is possible it defeats the whole >> purpose of digital signatures, right? >> > > You are mostly right. However, they don't have to sign with your key, just > any valid key. The signature/certificate only matters if you are updating > an app. If it is a new install (e.g., download paid app from an > all-you-can-eat > site) anything goes. The usual way to crack these things is unpackage, > decompile, disable licensing checks, etc., repackage, sign. Your own > signature/certificate is usually quite irrelevant.
To add some weight to this discussion, I worked on a system which does exactly this. Your signature is basically to ensure that your app can't get huge numbers of installs and then be compromised with people releasing malicious updates in your name. (But then again, this is how most Android malware pops up: people crack your app, put some malware in it, and then release it as free.) Kris -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
