On Thu, Mar 10, 2011 at 11:16 AM, peterw <[email protected]> wrote: > And my thinking is > > "It would be nice if we could limit what apps are allowed to be > used, including 'core' apps." >
That I don't think has anything to do with the original question. Being able to remove a pre-installed app doesn't have anything to do with verifying certificates against cert authorities. I mean... those apps won't even be signed with a cert from a cert authority! Nothing in the core platform is signed that way. > Take a step back and consider the big picture. You (Google/ > Android.com) can't reliably update core apps to anything other than > your own Google Nexus brand phones since you have to work through at > least the handset vendor, and often (in countries like the US), the > cell phone company, too. If you can't guarantee that our Android > devices' WebKit browsers or POP3 clients or Calendar apps or whatever > have the latest security fixes, then give us a way to ensure that our > users can't use those apps. > Sorry you are hijacking this thread for your own discussion. And it is just weird, anyway. WebKit is not even an app. I understand your concern about not getting security updates... but, please, start your own thread or something. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
