On Mon, Aug 30, 2010 at 3:11 AM, Kostya Vasilyev <kmans...@gmail.com> wrote: > There is nothing preventing two separate .apks, one with "read contacts" and > the other with "internet" permissions to do exactly the same as one > malicious app, steal contact info. It might not be obvious to the user at > all that the two apps are working together to do something bad.
Agreed. Developers have incentive to make their apps appear less scary. Either we give them the tools to do that without compromising security or they will find ways that make security worse (e.g., APKs that intentionally "leak" secured data/services). -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Warescription: Three Android Books, Plus Updates, One Low Price! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en