My apologies if this is not the right place to ask these questions (in which case, I'd appreciate a pointer to a better spot).
First, thanks to all who presented at the Android Developer Summit last week! The previewed Instant Run feature of Android Studio 2.0 seems cool. From a security standpoint, I am worried about the implementation. Based on the Summit presentations, an Instant Run app has a server listening for outside commands to cause it to load in replacement classes and resources. Such a server represents a very powerful attack surface. How is this server being implemented, to ensure that the only accepted commands are coming from an active development session from adb on an authorized developer machine? For example, what's to stop another app on the test device from sending commands to this server? Many developers use personal hardware for testing, as they lack the budget for dedicated test hardware. Also, how can distribution channels detect an Instant Run-augmented APK? I presume that it will be difficult to somehow ship an APK with the Instant Run server embedded in it. However, Android developers are a very creative bunch of folks, where "difficult" is something that they do twice before breakfast. :-) If I were running an app distribution channel, I would want to scan APKs and ensure that the Instant Run's server isn't in there, as there is no obvious reason for this to be in a production APK and there's no point in running the Instant Run server unnecessarily. Thanks! -- Mark Murphy (a Commons Guy) https://commonsware.com | https://github.com/commonsguy https://commonsware.com/blog | https://twitter.com/commonsguy -- You received this message because you are subscribed to the Google Groups "adt-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
