by twr 3481 days ago
> Everyone else has to go with the binaries they distribute which, as the other poster has correctly argued, cannot be independently verified.

Do you have reverse engineering experience on Android?

APK uses the zip format. Extract its contents and compare those, minus the META-INF directory, which contains digests and a detached PKCS#7 signature.

Apps whose code output isn't reproducible can still be compared with a varying amount of IDA analysis.

1 comments

Re-reading this post, I'm not sure why I typed IDA -- I meant baksmali. IDA is still useful for bundled ELF dependencies.
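
The comparison described in the post above, as an added example that is not part of the original thread: it hashes the uncompressed contents of every entry outside META-INF/ in two APKs and reports what differs. The function names and the in-memory sample APKs are constructed for illustration.

```python
import hashlib
import io
import zipfile

SIGNATURE_DIR = "META-INF/"  # digests and the detached PKCS#7 signature live here


def entry_digests(apk):
    """SHA-256 of the uncompressed bytes of every entry outside META-INF/."""
    digests = {}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.filename.startswith(SIGNATURE_DIR):
                continue
            if info.filename in digests:
                # Two entries with one name: parsers may disagree on which is used.
                raise ValueError(f"duplicate entry name: {info.filename}")
            # Hash decompressed data so a different deflate level is not a diff.
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_apks(built, distributed):
    """Report entries that are missing on either side or whose contents differ."""
    a, b = entry_digests(built), entry_digests(distributed)
    return {
        "only_in_built": sorted(a.keys() - b.keys()),
        "only_in_distributed": sorted(b.keys() - a.keys()),
        "content_differs": sorted(n for n in a.keys() & b.keys() if a[n] != b[n]),
    }


def make_sample_apk(entries, level):
    """Constructed sample input: an APK-shaped zip built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED, compresslevel=level) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf


if __name__ == "__main__":
    common = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex-a" * 50}
    built = make_sample_apk({**common, "META-INF/CERT.RSA": b"local key"}, 1)
    shipped = make_sample_apk(
        {**common, "classes.dex": b"dex-b" * 50, "META-INF/CERT.RSA": b"vendor key"}, 9
    )
    print(compare_apks(built, shipped))
```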