On Thu, May 12, 2011 at 5:29 PM, Shine <[email protected]> wrote: >> > Does this work at all? The signature is different from the public key, so >> > it >> > shouldn't. > > Yes it works, I wrote "MY_LONG_PUBLIC_KEY", but I meant "signature". >
It turns out the 'Signature' you get from the PackageManager it's actually the public key used to signed the app, that's whey it works. It was either poorly named or the meaning changed somewhere along the line. It's still an effective check to see if someone re-packaged your app and signed it with their own key (assuming they didn't yank the actual check routine from the app). I do agree that spending too much effort on making your app pirate-proof is not worthed. If someone is determined to crack your app (motivated by the chance to make money of this), they will eventually manage it. I'm still interested in different ways to achieve it though. Speaking of which, looking forward for the 'Stopping Vampires' talk to show up on youtube. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
