* Home Help Search Login Register  

Welcome, Guest. Please login or register.
Did you miss your activation email?
May 21, 2013, 11:20:10 PM

Login with username, password and session length

663478 Posts
70539 Topics
145198 Members
Latest Member: seelam

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Security Products & Services
| |-+  Comodo Mobile Security - CMS
| | |-+  Are Android Apps Signed?		 « previous next »
Pages: [1] Go Down Print
Author Topic: Are Android Apps Signed?  (Read 1756 times)
Graham1
Comodo's Hero
*****
Offline Offline

Posts: 1511
« on: March 07, 2012, 08:04:48 AM »
Are Android apps signed like Windows executables. If so, I would like to see a "trusted software vendors" list added to CMS.

Knowing how CIS works, I feel a little unsafe that a rogue app "may" make it onto my phone and CMS's antivirus database will not be aware of it.

Smiley
Logged
John Buchanan
The greatest victory comes from the battle within.
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 5421


Personal Dragons can be defeated. Improve yourself
« Reply #1 on: March 07, 2012, 08:51:03 AM »
I doubt that would happen as lots of apps are written by individual people in their home and uploaded to the app store.
Logged
Please follow Comodo Forum Policy
JoWa
Product Translator
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 2934
« Reply #2 on: March 07, 2012, 11:47:01 AM »
They are signed, but:
Quote
The certificate does not need to be signed by a certificate authority: it is perfectly allowable, and typical, for Android applications to use self-signed certificates.
https://developer.android.com/guide/publishing/app-signing.html
Logged
Ubuntu 13.04, 64-bit | Chrome 27β | Asus P8Z77-M | Intel Core i5 2500K 3,3GHz | 2×4 GB RAM | SSD: OCZ Vertex3 60GB, HDD: 2TB Western Digital Caviar Black | Dell UltraSharp 24" U2410 IPS | Sony MDR-XB1000 | Philips SBC AH1000
Graham1
Comodo's Hero
*****
Offline Offline

Posts: 1511
« Reply #3 on: March 08, 2012, 03:24:56 AM »
Is it possible for rogue apps to be installed silently (maybe from visiting websites, etc) on an android phone without the users consent? I'm just thinking that maybe CMS is playing catchup like your windows antivirus software and should rely on a more proactive solution. Maybe Android offers something similar that I'm not aware of.

Smiley
Logged
JoWa
Product Translator
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 2934
« Reply #4 on: March 08, 2012, 03:39:01 AM »
I hope not allowing “unknown sources” in the settings (default) prevents such installs.

A TVL would probably work, but I don’t expect Comodo to add self-signed certificates.

* install-non-market-apps-blocked-android.png (27.86 KB, 377x348 - viewed 5 times.)
« Last Edit: March 08, 2012, 03:44:38 AM by JoWa » Logged
Ubuntu 13.04, 64-bit | Chrome 27β | Asus P8Z77-M | Intel Core i5 2500K 3,3GHz | 2×4 GB RAM | SSD: OCZ Vertex3 60GB, HDD: 2TB Western Digital Caviar Black | Dell UltraSharp 24" U2410 IPS | Sony MDR-XB1000 | Philips SBC AH1000
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.03 seconds with 21 queries.
Powered by SMF 1.1.18 | SMF © 2006, Simple Machines Design by 7dana.com