←back to thread

A theoretical way to circumvent Android developer verification

(enaix.github.io)
194 points sleirsgoevy | 1 comments | 31 Oct 25 20:20 UTC | HN request time: 0.25s | source
Show context
VladStanimir ◴[01 Nov 25 09:31 UTC] No.45780362[source]
I am not a app developer however from what I read on the android developer site you just need to provide some form of id, the singing key and the app id.

You don't have to distribute via the app store, you dont have to get Googles permission to publish the app or have them sign it.

This looks like purely app validation, we only run apps we can prove originate from the author.

replies(2): >>45781210 #>>45783449 #
1. huem0n ◴[01 Nov 25 12:44 UTC] No.45781210[source]
Under that logic, even if the app is "malicious" it would still be possible to install it. And thats not true, if somthing is deemed malicious, its blocked. Is app that hurts Google's dominance "malicious"? Who is it that decides what is malicious?