On Tue, Dec 6, 2011 at 2:18 PM, RLScott <[email protected]> wrote:
> > > On Dec 6, 11:28 am, a1 <[email protected]> wrote: > > ..it's really easy to crack any licencing > > solution even if code is obfuscated. > > That depends on how interwoven the licensing is with the application. > I plan on making the effort needed to crack the licensing comparable > to the effort needed to understand the workings of the app itself. > > But what is the value of an obfuscator? If the source code names have > been stripped out of the byte code (except for the system calls, of > course, which need external linkage) then any variables or methods > that I use for licensing will appear just like all the other variables > and methods in my app. Their use can only be inferred by their > association with suspected licensing system calls, like calls to get > the Android_ID or wi-fi MAC address. And these associations can be > made as distant as you like, limited only by the complexity you are > willing to tolerate in your licensing code and the extent to which you > are willing to let that code be interwoven with normal application > code. > > You can make them distant, but you can still (fairly easily) produce a control flow graph and do analysis to trace back... > Besides, if I am distributing outside of the marketplace, what other > choice do I have? > None, obfuscation is a continuum, if you obsfucate your app a little, you make cut out the chunk of script kiddies that will run your apk through baksamli and friends and then try to java code from a dex to class tool and decompiler, but you won't ever get people that really want what you have. The flip side is that those people probably won't be all that interested in your app, they have better things to hack (this isn't intended as an insult to you, it's to your advantage!) kris -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
