As long as your quoting my blog, you might as well read it. If you do - you'll quickly find out that your whole protection scheme is moot.
Yes, like I said, ANDROID_ID is spoofable - it is "less so" since it was moved into the secure.settings. Though IMEI is also spoofable, along with any other identifier you pick. Heck -- it's even easier to patch one bit and resign you application if someone *actually* wants to get around the protection without spoofing something. On Dec 2, 3:25 am, AlexK <[email protected]> wrote: > ANDROID_ID compromized > > http://strazzere.com/blog/?tag=android_id > > On Dec 1, 12:23 am, strazzere <[email protected]> wrote: > > > Alex, can you please clarify something for us? > > > > Today we did check of our sales. And found interesting aspects: > > > 1) 4% of people that install pirated copy after "black list" > > > discussions and news over internet decide to buy application; > > > How are you getting this number -- from your technical support it > > appears; > > > "How to track piracy ? > > It's simple: difference between activations and sales give you a > > number of pirated copies." > > Source:http://www.artfulbits.com/Support/forum.aspx?g=posts&t=23 > > > Just wondering where the "4%" is coming from, or if it's just that a > > few copies where sold. Or maybe someone emailed you wondering why > > their rapidshare'ed apk wasn't working? > > > Also, I never actually got a response to my email on this thread... > > It's somewhere on the first page, maybe post 18 or 19. Anyway, I ask > > why you aren't just using the ANDROID_ID? It's obtainable without > > using any extra permissions, does not entail the same (though it could > > be argued) privacy concerns, and it still links you to a specific > > device? I've looked through your documentation and your FAQ and > > haven't really found any reason as to exactly why your using the IMEI > > over the ANDROID_ID? *Yes*, you could spoof the ANDROID_ID, but it's > > also just a easily done to crack the application/remove the check, or > > even spoof the IMEI. > > > Last, I'm wondering exactly how this pans out for how the purchasing > > of the application works with Google Market and your protection > > system. Currently the purchase is linked to my Google Checkout account > > - NOT my device. This means when I transferred from my G1 to myTouch I > > didn't lose any applications I've purchased. With your protection > > system along with the way you "count" the piracy, aren't your going to > > wrongly find "pirates" among real customers? Just for example... If > > I've bought your products, transfer phones and sell my phone. Whoever > > buys my phone is correct under your protection system in using the > > application since it's linked to the device. Though when I fire up the > > market on my new device using the same account, it will allow me to > > download the applications I've previously paid for. Though your > > protection mechanism is going to label me a pirate and mark my IMEI. > > Do you guys handle this situation any specific way? > > > --Tim Strazzere > > > On Nov 30, 12:11 pm, AlexK <[email protected]> wrote: > > > > Hi, > > > > Today we did check of our sales. And found interesting aspects: > > > 1) 4% of people that install pirated copy after "black list" > > > discussions and news over internet decide to buy application; > > > > This is really good news! > > > > 2) after changing protection and converting old versions into "honey > > > pots" we catch 10-15 users per day that still trying to activate > > > pirated version of the product. Quite interesting that those user > > > simply don't want to search over web and find manufacture web page or > > > alternative to Android Market. They prefer to download copy from > > > rapidshare (or something similar) and install it. > > > > 3) Russian file exchange servers have the most problematic support. > > > After we ask to close illegal content, they continue to ignore us... > > > and after one week and tones of e-mails they decide to stop content > > > sharing... > > > > 4) We decide to make open source library for other developers that > > > will provide advanced licensing technology for everyone who wants it. > > > We hope our efforts will help vendors to protect own investments. > > > > Thanks, > > > Good Luck > > > > On Nov 16, 1:12 pm, AlexK <[email protected]> wrote: > > > > > Our company starts todayanti-piracyinitiative against piracy that > > > > already happened on Android Market. We request all vendors and > > > > developers to support this initiative. > > > > > Piracy become a threat for vendors that publishing application on > > > > Android Market! It is not a joke, it is a real threat. > > > > > Our last application publishing shows how bad is situation on the > > > > Android Market. Only 20% of all installs are legal, other 80% are in > > > > piracy hands. > > > > > Google does not provide any actions to stop piracy, so we as a vendor > > > > that provide software for Android Market, have to think about > > > > protection measures. Piracy is threat that cannot be target easily and > > > > eliminated in one day. Only join of all vendors can help inanti-piracy. > > > > > ArtfulBits company decide to start from today "AndroidAnti-piracy > > > > Movement" with main goal: "protect vendors and punish piracy". > > > > > Our next steps are: > > > > - Petition to Google with request to provide betteranti-piracy > > > > protocols for Android Market; > > > > - Collective anti-Google charge, from side of vendors that loose money > > > > due to Google "security holes" in Android Market application > > > > distribution channel; > > > > - Public web service "Black List", that helps all developer to check > > > > is there application installed on pirate phone; > > > > - Joining of the software vendors over that problem for finding > > > > betteranti-piracystrategies; > > > > - Identification of the roots of piracy, that make possible Android > > > > Market software leaking and contribution them to justice. > > > > > A little later today we will open "black-list" database of devices, > > > > where was installed stolen version of applications. In addition, we > > > > will provide "easy code" for all developers that can be integrated > > > > into own application and during first start, check is phone in "black > > > > list" or not. > > > > > OpenedAnti-Piracyforum thread:http://www.artfulbits.com/Support > > > > Petition can be signed > > > > here:http://www.petitionspot.com/petitions/androidpiracy > > > > > Stay tuned! Thanks. > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
