The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse.