Wow, this looks like an incredible starting point for relegating Android to an app framework inside a sandbox:https://github.com/microg
-
-
Replying to @RichFelker
Google will let you license Play Services if you make an alternate environment for running Android apps that fully passes the CTS.
2 replies 0 retweets 2 likes -
Replying to @CopperheadOS @RichFelker
microG isn't connected to that. It's far from offering full compatibility and has significant robustness / security issues vs. real thing.
2 replies 0 retweets 0 likes -
-
Replying to @RichFelker
For one thing, it fundamentally relies on breaking the signature-based security model by allowing microG to falsely pass signature checks.
2 replies 0 retweets 2 likes -
Replying to @CopperheadOS @RichFelker
They never changed their required OS patch to reduce the scope of the signature faking to make it less of a security hole.
2 replies 0 retweets 0 likes -
Replying to @CopperheadOS
How is the signature checking useful to me as the user?
2 replies 0 retweets 0 likes -
Replying to @RichFelker @CopperheadOS
I want/need to verify signature when downloading app. No interest in one app checking another's sig or even seeing the other.
1 reply 0 retweets 0 likes -
Replying to @RichFelker
They are signature checks for IPC. For example, a mail client verifying that it's really talking to the GPG encryption app.
1 reply 0 retweets 0 likes
All that matters is that its talking to an app I installed in same sandbox and told it to talk to. Signature is 100% irrelevant.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.