Here is a fun thing. You could ask people who wanted to buy your application to send in device ID's - of course, they have to have 3.0 (SysGetROMToken) and you could do fun things with that -=- check it against a compiled in certificate or something. Of course, you have to check that SysGetROMToken doesn't have a hack installed. But of course, you can't check that, can you? Not without using SysSetTrapAddress, which you're not supposed to use! Oh no!
