Aug 24th, 2010


Remember the recently discovered and detailed exploit that found a way around Google’s new and supposedly improved security measures for installing pirated apps? While the initial announcement of a licensing server that would authenticate an app upon launch seemed like a step in the right direction, the recent news of how easily it was broken made some uneasy. Now the Android Developer team is firing back, giving reason to believe the licensing service isn’t as bad as it seems.

At the heart of the defense is the fact that an Android developer is able to make the licensing process unique to each application based on a template provided by Google. While the default template will work, it is by no means the most secure version. Google admits that the sample released was designed to be transparent and allow for developers to bounce new ideas off of at the risk of lower security. Developers using the sample provided as-is are not getting the most out of secure authentication.

You can read more of the points made over at the original blog post (source link below) that promises Google is doing its best to keep up with security needs and will continue to develop new methods and improve old ones to provide the most secure environment possible for developers to release software.

[via Android Developers Blog]