But, if someone can edit my preferences file to modify the stored
validity time stamp, grace period and max. retry count to very
reasonably values, he can prevent my app from ever contacting the
server after the first attempts or make it retry all the time. This
effectively removes LVL checks.
Sorry for typo. I meant ... if someone can edit my preferences file
to modify the stored
validity time stamp, grace period and max. retry count to reasonably
large values, ...
~rajorshi
On Feb 15, 10:46 pm, rajorshi groups.rajor...@gmail.com wrote:
But, if someone can edit my preferences file
Not if you use this correctly -- you keep the result you got back from the
server, which is signed with the private key. If you don't have that
(verifying the cert) then the app isn't licensed. That result contains
time, device id, and other information that is needed to verify it.
Sorry I
Great! Why didn't I think of this!! If I cache the encrypted response
data from server then it can't be edited by anyone. Thank you!! Can
you please explain your last line though: That result contains time,
device id, and other information that is needed to verify it. The
server echos back any
On 15 February 2011 18:46, rajorshi groups.rajor...@gmail.com wrote:
But, if someone can edit my preferences file to modify the stored
validity time stamp, grace period and max. retry count to very
Any code can be cracked. It's matter of time (and driven cracker). You
can make your app harder
5 matches
Mail list logo
