[android-discuss] Secure Distribution of "Company" Apps MikeG Wed Feb 29 17:00:17 2012
I work for a company that wants to deliver apps to its users to their personal mobile devices; without letting the devices behind the firewall. Solution is to put up a web distribution point in the DMZ and require folks to log in with their domain (or whatever) account. After much much testing we find that this is not possible with a stock Android phone. Amazingly, using the stock browser you can authenticate to a web server for the standard "web" mime types, htm, xml, txt, pdf, etc, but - and this has to be an oversight - you cannot authenticate for an .apk file. Yes the mime-type is set on the server, you can d/l .apk anonymously no problem. You can even install Firefox on your device and d/l the authenticated file. Still - this inability to authenticate an apk from the default browsers surely is a mistake, right? Or maybe I am missing something obvious.. So, since this appears not to be a core capability of the phone, how do you distribute a sensitive app to your company in a secure manner that does not involve a public market, a USB cable or installing a more capable browser on your Android Device. We have not tested with an ICS device yet, but even if it works, there are millions of pre-ICS devices that apparently have this same limitation. Looking for ideas on Secure App Distribution. -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [EMAIL PROTECTED] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en.
- [android-discuss] Secure Distribution of "Company" Apps MikeG 2012/02/29 <=
- Re: [android-discuss] Secure Distribution of "Company" Apps c beck 2012/02/29