On Sep 23, 11:24 pm, Dianne Hackborn <[email protected]> wrote: > Actually signatures is the certificate as a binary blob. This is what the > platform uses to compare .apk certs; you can compare the binary data against > your own values if you want. >
This sounds actually quite promising - although would the "trusted" dataset (that we are checking incoming connections against) need to be updated on every build (which was my impression) with this method ? jelford -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
