On Nov 16, 9:55 pm, strazzere <str...@gmail.com> wrote: > Since reversing an application is a rather menial task now, whats to > prevent a user from taking your application - stripping the protection > and re-releasing it? Not to mention that IMEI spoofing to an > application can be done with a little bit of research. >
Measures: - always sign application by digital signature; - distribute only over verified channels; - try to use obfuscation; - use server side activation. > More importantly, with your approach - what happens when someone > strips out the protection, throws it into a nice little program - then > bombs all the IMEI numbers they want? Then you'll have "pirates" being > blocked who well, never pirated your application. Seems like an easy > way to quickly make your blacklist pretty inaccurate. > Levels of piracy threat and maybe for example, auto-level reducing in specified period of time, will help. I mean if reported 5 or more piracy installs, then in half of year we do not track any problems with device, then we will reduce device level from red to brown. (hierarchy is: green, yellow, brown, red) > -Tim Strazzere > > On Nov 16, 2:02 pm, Rachel Blackman <ceruleanspa...@gmail.com> wrote: > > > > > On Nov 16, 2009, at 10:34 AM, nEx.Software wrote: > > > > Not to mention that just because someone might have pirated some app > > > at some time, doesn't mean that they pirated your app. > > > That's why it needs to be able to check against Google Checkout or > > > whatever payment processor is used... > > > Also not to mention how many people buy out-of-contract phones off of eBay > > to toy with new techy stuff. What if someone gets their phone's IMEI > > blacklisted in your database, goes and sells their phone, and someone > > innocent now picks up the phone and finds abruptly they can't use any of > > the apps linked into this antipiracy thing? (And lest you say that > > wouldn't happen, look at how many of the Xbox 360 consoles that have gotten > > locked out of Xbox Live abruptly ended up on eBay, while the folks who got > > locked out go get new consoles. After all, Xbox Live uses similar security > > methods, where the lockout applies to the hardware ID, not merely the > > account.) > > > This isn't to say that antipiracy methods aren't desirable or useful. Just > > that if they bite /innocent/ users as well, you'll have a headache to deal > > with. Look at how many 'I can't see this app in the market!' threads we > > already have, and how much frustration there is just from developers over > > that. Imagine the users adding to that with 'I paid for this app off the > > store, but when I try to run it claims I pirated it!' > > > In general, as a software developer, I tend to think that antipiracy > > methods that allow some pirates through are better than antipiracy methods > > that might flag innocent users as wrongdoers. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
