

Half of All Android Devices Vulnerable to Hijacking Attacks - msantillan
http://www.tripwire.com/state-of-security/latest-security-news/half-of-all-android-devices-vulnerable-to-hijacking-attacks-researchers-say/

======
ptx
So presumably this can be fixed by having the app store/repository copy the
APK to its private storage before installing it?

The package cache could then still be on the SD card if there's a separate
checksum which is checked (after copying the file to private storage) each
time.

