While you might file this one under "really? we weren't doing this already?" if you're a security expert, Google has added stricter validation of APKs in Android "M" that should prevent what I guess you could call tinkering by omission.
Previously, APK validation checks looked at the SHA-1 signature for every file in said APK against those stored in the app's manifest.mf file, which is automatically generated during the signing process.
Read More[Android "M" Feature Spotlight] Stricter APK Validation Now Actually Checks If All Of An APK's Files Are Present was written by the awesome team at Android Police.
Android Match
Post a Comment