[craftyguy]

What are you talking about?

The comment above has to do with package signing, which is a security feature. It prevents malicious software from replacing legitimate programs on your device (e.g. a malicious "messages" app cannot overwrite the legit "messages" app you installed). It doesn't have anything to do with DRM.

[guelo]

Basically, Google built important Android OS APIs into proprietary libraries that check that the API-implementing library is signed by Google. This is done for DRM purposes to prevent users from using alternate services and to give Google leverage over manufacturers that use the "open" Android OS. It does not benefit users or provide them any extra security.

[kuschku]

The package signing is only circumventable if you already have write access to /system.

That's all the μG team is asking for: If you already have write access to the entire system, at least provide a simple API to circumvent the signatures.