This is just a theory, I'm no dev. So my question is to the devs. Would it be possible to modify a system APK, adding an exploitable vulnerability, and replace it. Replacing the existing market with the new one was simple, and I know some system APKs can be modified in an archive program without screwing up the signature. In theory shouldn't it be possible to introduce a vulnerability this way? Let me know what you think.