Hacker News new | past | comments | ask | show | jobs | submit login

Suppose an update is rolled out in app stores, and many people update to it. Suppose this new version contains surveillance instead of matching the published/reviewed code. Won't there be some substantial period of time during which many messages can be stolen before somebody eventually goes on twitter to say "hmm, wireshark shows more data than I'd expect" and/or "hmm, I can't get the source to build quite like the store's new apk"?



Then we're screwed. All mainstream applications running on modern general purpose computers are vulnerable to this.

You don't like that? Stop busting their balls and produce an alternative operating system and application update framework which is not vulnerable.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: