【リレー時評】「頑固」もいい加減にせよ=白垣 詔男

日本ジャーナリストクラブ(JCJ)
1 day 13 hours ago
 高市早苗首相は、非常に頑固だ。 自ら国会を解散した時期から計算したら、予算の年度末成立は無理だと誰が考えても分かる。しかし、高市は、年度を越えて予算審議が続いた際も、「出来るだけ最短で成立させよ」と側近に告げたと新聞で報道されている。「独り相撲が際立つ」との見出しも付いているほどだ。 高市の「頑固さ」は最近、多く表面化するようになってきた。 私がこの間、高市の「頑固さ」を感じたのは、「憲法」「アジア太平洋地域」という言葉を、自ら話すときには絶対に使わないことに気付いたからだ..
JCJ

Milestone 1.0.0 Release of APK Downloader `apkeep` Powers Research on Android Apps

EFF update
2 days 7 hours ago

Last week, we released apkeep version 1.0.0, the latest edition of our command-line Android package downloading software. Rather than indicating major changes for the project, this milestone instead signifies arriving at a relatively stable and mature place after gradual iteration on the project over the course of over four years.

What’s New in 1.0.0

We do have a few fresh features we’ve packed into this latest release, though—all focused on the Google Play Store: 

  • You can now download a dex metadata file associated with an app containing a Cloud Profile, which provides information on app performance based on real usage. 
  • You can now provide a token generated by the Aurora Store’s dispenser to log in anonymously for app downloads. 
  • Users can specify their own device profiles when downloading apps from Google Play, which the store uses to deliver the app variant which works for your particular device specifications. 
  • We’ve also fixed an authentication bug introduced by the Play Store API.

In addition to the various Linux, Windows, and Android environments we support, we’re also happy to announce that since the last release in October we’ve been included in Homebrew for macOS users!

How Researchers Use apkeep to Understand the Android App Landscape

Researchers and users contributed most of the features of this release, including downloading dex metadata containing Google’s Cloud Profiles. This feature helps them use the tool in their own research of highlighting how these Android compilation profiles can be a vital source of information for evaluating dynamic testing. Numerous other projects have cited apkeep usage in their own workflows. For example, Exodus Privacy uses it to power the εxodus tool’s downloads when they monitor the privacy properties of apps. Various research teams have noted their own use of the tool in whitepapers, including one team who used the tool to download 21,154 apps in a widespread study of Android evasive malware. We are proud to provide a reliable tool in the toolbox they use to power their work.

What’s in Store for apkeep?

Our goals with apkeep have remained constant: provide a reliable, fast, and safe way to download apps from multiple app providers, not just the Google Play Store. While we’ve focused on it as the major Android app provider of choice across much of the world, we’ve expanded support to other stores as well, such as F-Droid for downloading open source apps. We’d like to continue broadening apkeep’s list of supported providers, to make it easy to do comparative analysis of apps provided in different contexts. For this, we’d love your contributions.

How You Can Help

If you’re using apkeep as part of your own toolbox (whether using it to do malware analysis, auditing apps, or simply using it as an app archiving tool), let us know! And if you like what we do, please consider donating to EFF to support our work.

Bill Budington