I read that .apk files have to be signed for the security reasons, but how does it prevent me from using apktool to add anything I want to the .apk and then using a different tool to sigh it and then distribute it?
How does it make it secure?
What is the purpose of signing .apk files?
54 Views Asked by Mikhail Ivanov At
1
There are 1 best solutions below
Related Questions in APK
- INSTALL_FAILED_DUPLICATE_PERMISSION: Package
- How to solve Execution failed for task ':generateReleaseBuildConfig'. error in a flutter project
- Does server-side content security policy exist for youtube video player API, app, mod apks and website?
- Widgets show in debug apk but are grey blocks in the release apk
- mergeDebugResources FAILED
- Can't decompile APK file properly
- How does Android handle APK apps data?
- Flutter built apk when opened in samsung phone is opening Samsung heath app
- Kivy/KivyMD convert to APK - different UI on PC and device with Android
- Android application with arguments via manifest
- Why am i getting black screen on kivy app
- In Android Studio, I am attempting to create a home page resembling the layout of Instagram's feed, where posts are displayed
- Flutter Google Play version not launching as opposed to APK with the same code
- Problem when executing the bubblewrap build command
- Touch Problem with slider on Android 12 compared to Android 8 in vuejs webapp in WebView
Related Questions in APKTOOL
- Can't install after recompiled android code
- Apktool doesn't recompile, even the app unmodified
- Unable to access (any) jar file
- Apktool recompile options
- Recompiled APK throws error "This release is not compliant with the Google Play 64-bit requirement"
- apktool doesn't compile changes into apk
- Change Location of data in Android APK file
- IMAGE NOT SHOWING android apk
- Recompiled APK not installing because it exists even though it's uninstalled
- Invalid register Must be between v0 and v15, inclusive
- Apktool Error Caused by: org.jf.util.ExceptionWithContext: Error while writing instruction at code offset 0x2
- Decompiled APK with apktool has hex digits in AndroidManifest.xml
- how do i convert Smali files to readable classes
- java.lang.IncompatibleClassChangeError: Found interface com.android.launcher3.util.FlagOp, but class was expected
- Decompile android APK with Apktool for analysis?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
APK files are signed to make the update process secure.
If you have an app installed and want to update it to a newer version Android enforces that the update APK file contains an APK signature generated by the same private key as the original installed APK file.
This prevent attacks where people publish unofficial "special versions" (malicious) of common apps and decoy users of the app to install this unofficial update and get access to the app internal data like authentication data or other sensitive data.
And that you can modify an APK using apktool and the resign it with a different key and it still works is because the app developer forgot to use the existing functions to verify the app is properly signed with the correct signature key.