Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Whilst the play store supposedly scans all apps for malicious behaviour, it's pretty easy to detect the test environment they use for testing and make malicious behaviour only trigger in situations Google doesn't test - eg. 5 days after installation, only if the device IP address changes at least once.




I'd imagine the dalvik part to be pretty open to static analysis?

On the desktop JVM, I've seen bytecode that decompiled to a form more readable than the original source I got access to later...

reply


Yes, but the JVM allows so much use of reflection that it's easy to hide an interpreter and then hide everything else from any static analysis.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: