
As far as I know (I was at a security conference in January), there is no code signing and no sandbox on Android. That is not a good scenario for "security".



Wrong and wrong. Sandbox overview here: http://programming4.us/mobile/1290.aspx

Code signing is involved, to verify that particular apps have the same source, and that updates have the same source as the original app. (That's about all it's good for.)

Briefly: each signing key gets its own UID on the phone. Unix file permissions are used to restrict access to files, devices, and other facilities. In some cases, kernel hacks are required to make this possible; the Android kernel only lets you open a TCP socket if you're a member of a particular group.

If there's a local root exploit, you can still bypass all of this --- but the same is true on iOS.
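
The UID and group model described in the comment above can be audited on a device image. The following is an added example, not part of the thread: a Python sketch that reads `packages.list`-style records and reports which packages share a UID (and so share one sandbox) and which hold the network group. The record layout and the `AID_INET` value 3003 are assumptions taken from AOSP, not from this page, and the sample records are constructed.

```python
# Added example: audit UID sharing and network-group membership.
from collections import defaultdict

AID_APP_START = 10000  # assumed (AOSP): first UID given to installed apps
AID_INET = 3003        # assumed (AOSP): the "particular group" needed to open sockets

# Constructed sample. Assumed layout per line:
# <package> <uid> <debuggable> <data dir> <seinfo> <gids or "none">
SAMPLE = """\
com.example.browser 10061 0 /data/data/com.example.browser default 3003,1028
com.example.notes 10062 0 /data/data/com.example.notes default none
com.example.suite.mail 10063 0 /data/data/com.example.suite.mail default 3003
com.example.suite.calendar 10063 0 /data/data/com.example.suite.calendar default 3003
com.example.truncated 10064
"""

def parse(text):
    """Return a list of (package, uid, gids); skip malformed records."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[1].isdigit():
            continue  # truncated or malformed record
        gids = set() if f[5] == "none" else {
            int(g) for g in f[5].split(",") if g.isdigit()}
        rows.append((f[0], int(f[1]), gids))
    return rows

def shared_uids(rows):
    """UIDs held by more than one package: those packages share a sandbox."""
    by_uid = defaultdict(list)
    for pkg, uid, _ in rows:
        if uid >= AID_APP_START:
            by_uid[uid].append(pkg)
    return {uid: sorted(p) for uid, p in by_uid.items() if len(p) > 1}

def network_capable(rows):
    """Packages whose processes run with the inet group."""
    return sorted(pkg for pkg, _, gids in rows if AID_INET in gids)

if __name__ == "__main__":
    rows = parse(SAMPLE)
    for uid, pkgs in shared_uids(rows).items():
        print(f"uid {uid} shared by: {', '.join(pkgs)}")
    print("inet group:", ", ".join(network_capable(rows)))
```
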


What good is code signing if you don't know whether "Myournet" is a trustworthy source of "Hot Screaming Japanese Girls"?


You are absolutely wrong. All apps in the Market are signed, and apps are sandboxed by running them with separate Unix userids.


Okay, I am wrong.



