TBH I would actually expect GrapheneOS not to disable these checks. GrapheneOS devs pride themselves to have the best implementation of the official Android security model, and enforcing signature checks is likely part of that…
They might add additional certificates I guess, to allow their own apps, and maybe a selected few others.
But the app might refuse to run without those checks being done. Or a new format, apkx2 I don’t know, might only be able to be decrypted with the proper key and only once verification. It’s not a new tactic. I’m very, very glad to see this type of development finally happening (though, admittedly, a couple decades later than of hoped), but it’s now a new ballgame, and google owns the stadium, the seating pricing, and concessions, the parking lot, and ticketing counter. I’m concerned we’ve waited too long. What’s GOS’s plans for this? They’re, essentially, going to have to create a new ecosystem, with most of the growing pains of new ecosystems.
Custom ROMs should be able to disable the checks. My bigger concern is what it does to the open app ecosystem as a whole.
TBH I would actually expect GrapheneOS not to disable these checks. GrapheneOS devs pride themselves to have the best implementation of the official Android security model, and enforcing signature checks is likely part of that…
They might add additional certificates I guess, to allow their own apps, and maybe a selected few others.
But the app might refuse to run without those checks being done. Or a new format, apkx2 I don’t know, might only be able to be decrypted with the proper key and only once verification. It’s not a new tactic. I’m very, very glad to see this type of development finally happening (though, admittedly, a couple decades later than of hoped), but it’s now a new ballgame, and google owns the stadium, the seating pricing, and concessions, the parking lot, and ticketing counter. I’m concerned we’ve waited too long. What’s GOS’s plans for this? They’re, essentially, going to have to create a new ecosystem, with most of the growing pains of new ecosystems.