|
|
|
|
|
|
by sigmar
3692 days ago
|
|
|
In the example you provide, you are trusting google in the same way you are trusting every SSL cert authority. What you are responding to is a reference to the signing of the APK, which is not (and cannot be) done by google even if the security of the transport layer is compromised. |
|
|