The article states:
"Even when mangles in ProGuard the licensing library code is easily
found automatically. Since you compile the licensing library into your
own code you can make some changes to it to make it harder to find when
obfuscated though."
Perhaps it is possible for Google to re-implement LVL with more
attention to security, before it's widely rolled out?
Doing it as part of Market application, with only simple allow/deny
passed over RPC is probably more secure. Market app is signed with the
platform key, and the firmware checks the signature, right?
Various protection policies could be managed by the server, based on
settings in the developer console. I think having two basic ones (strict
and cached, with configurable frequency and number of checks) would
probably cover a vast majority of what's needed.
-- Kostya
24.08.2010 1:50, Brad пишет:
Well, just as I was finishing adding LVL support to my apps, I come
across this article:
http://www.androidpolice.com/2010/08/23/exclusive-report-googles-android-market-license-verification-easily-circumvented-will-not-stop-pirates/
Of course we all knew that this new copy protection could be broken
(as is the case for all DRM), but I guess I had hoped that it would
take a little more effort. Looks like this will turn out to be a
"one-click" crack.
Will Google up the ante? Is it a lost cause on such an open platform?
--
Kostya Vasilev -- WiFi Manager + pretty widget -- http://kmansoft.wordpress.com
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
