I made an offer of anyone using licmax could send me their app and I would make a video showing it working without a valid license, as yet I haven't received a single request, which is why there has been no video posted, but I'd be happy to do the same for whatever you consider to be a "secure" example.
Demos and reference implementation are only useful when they cover most real world scenarios, so to put out a demo which, by you're own admission is trivial to crack, is like trying to sell umbrellas by providing people with samples that have no canvas. I suspected the method I used would be completely undetectable, thanks for your confirmation. To me this means that developers using your solution would not only be left unsecured they would also be left unaware that piracy was happening. This is the same situation they would be in if they didn't implement licmax, and hence it would appear your product offers little if any benefit to developers. Al. -- * Looking for Android Apps? - Try http://andappstore.com/ * ====== Funky Android Limited is registered in England & Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On 5 Apr 2010, at 21:33, licmax wrote: > Hi, > > licmax is a web-based license generation and verification service, not > a client library. Developers may implement use of the service to > varying degrees of defense against piracy according to their strategy. > licmax' mechanism is neither proprietary nor undocumented. Our > literature clearly describes full details of the mechanism, which > happens also to be employed by other providers. It is our technical > conviction that such a mechanism can be part of a robust anti-piracy > solution. > > The demos and reference implementations are merely intended to > exemplify fetching and verifying license keys. Cracking the reference > implementation binary is trivial. We clearly state its use is at the > discretion of the developer. > > As for this specific piracy attempt cited in the first post of this > discussion, we can confirm there has been no compromise of license > keys on our servers. The attempt clearly didn't exercise the > principles of licmax since there is no trace of the perpetrator on our > system. Our installed customer base regularly endures piracy attempts > none of which as has ever been successful. > > If you need further guidance on the licmax strategy, please visit us > at licmax.com and feel free to contact us at [email protected]. > > Kind Regards, > > The licmax Team > > > On Mar 30, 12:07 am, Al Sutton <[email protected]> wrote: >> Given the amount of emails the LicMax guys have put to the list I thought it >> would be worth trying their solution and it took me all of 20 minutes from >> the moment I downloaded their demo to having it falsely report that the demo >> application was permanently authorised (I actually could get it to report >> whatever I wanted, but going from unauthorised to permanently authorised >> seemed a good demo). >> >> I've nothing against competition, but when we're talking about a fundamental >> aspect of developers income (i.e. anti-piracy measures), I have little time >> for badly thought out solutions that aren't hard to break. >> >> If anyone has a LicMax secure application and they'd like to confirm that >> what I've done will unlock their app then please send me the APK (off-list >> of course), and I'll make a video available showing a "before" and "after" >> video showing the normal application state and the post-break application >> state. I'm only going to do 1 app so that it can be independently verified, >> I'm not going to start showing everyone the same thing for different apps. >> >> And no, I'm not going to make public how I did it. I'm not interested in >> helping people crack protection systems, I'm only interested in ensuring >> developers don't start using sub-standard solutions. >> >> And yes, the method I used would work for other platforms they support. >> >> Al. >> -- >> >> * Looking for Android Apps? - Tryhttp://andappstore.com/* >> >> ====== >> Funky Android Limited is registered in England & Wales with the company >> number 6741909. >> >> The views expressed in this email are those of the author and not >> necessarily those of Funky Android Limited, it's associates, or it's >> subsidiaries. > > -- > You received this message because you are subscribed to the Google Groups > "Android Discuss" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en.
