[android-developers] Re: try to simulate install button on google play
The error code is telling you exactly the issue, your using the wrong auth token :) On Thursday, November 8, 2012 11:09:18 PM UTC-8, alex kyo wrote: that seems not possible On Thursday, November 8, 2012 9:35:57 PM UTC+9, alex kyo wrote: Guys, I am trying to simulate the click of install button in google play store on a android device. I 've already got token via GoogleAuthUtil.getToken(context, mailAddress, oauth2:https://www.googleapis.com/auth/drive;) and got device id , feature, xhr, offerType everything required for a install request. But I am getting the response below {status:ERROR,errorCode:GAIA_USER_REQUIRED... Could you give me some help to work it out? my code: HttpPost httpost = new HttpPost(https://play.google.com/store/install;); List NameValuePair nvps = new ArrayList NameValuePair(); nvps.add(new BasicNameValuePair(id, my app id)); nvps.add(new BasicNameValuePair(offerType, 1)); nvps.add(new BasicNameValuePair(device, my device id)); nvps.add(new BasicNameValuePair(feature, home-cip-2)); nvps.add(new BasicNameValuePair(xhr, 1)); nvps.add(new BasicNameValuePair(token, token for google api)); httpost.setEntity(new UrlEncodedFormEntity(nvps)); -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Is it legal to implement APK's silent installation for commercial use?
Correct, you basically just need to request the proper auth tokens, then simulate the protocol being used the by Play store / web site. Tim Strazzere On Friday, October 26, 2012 7:41:54 PM UTC-7, Kevin TeslaCoil Apps wrote: I would guess that they simulate a user clicking INSTALL from the web based Play Store. I believe this would be technically doable if they either had the user login or had the users Google password. Then the Play Store takes care of pushing the app to the device and installing it in the background. There would still be the notification icon showing it has been installed and hopefully users are weary of typing their Google password into apps. It's likely that such a setup would violate one or more Play Store policies, but I do not know. I think App Brain did something along these lines at some point? -Kevin On Friday, October 26, 2012 4:54:28 AM UTC-5, alex kyo wrote: Thanks, Mark One thing I can definitely confirm is that they are not device manufacturer. Suppose there is a google account(*ga*) which contains several apps. My guess is that they might register a stock device with the *ga* by AccountManager and then call the sync api (I don't know exactly what api will be here) Finally, after the device performed sync process, log out programmatically the apps will be remained and it looks like silent install. On Friday, October 26, 2012 4:00:24 PM UTC+9, Mark Murphy (a Commons Guy) wrote: On Fri, Oct 26, 2012 at 2:45 AM, Kristopher Micinski krismi...@gmail.com wrote: Or their company is actually TMobile... Oh, true. A device manufacturer can do this stuff without a problem. I was assuming that this was an SDK app, since this is a list for developing SDK apps, but that may not have been a valid assumption. -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy _The Busy Coder's Guide to Android Development_ Version 4.2 Available! -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Licensing: Now Available!
I'm not sure how this would make code modification impossible? You patch the application, make it always return a yes, it was ok to the licensing service inside the apk. Application then requests authentication, it fails, failure comes to application which still continues to say yes, it was ok. So yes, your going to have the market return a fail always, but if you've patched the application to *not* care, how is that actually helping? -Tim On Aug 25, 10:13 am, Kostya Vasilyev kmans...@gmail.com wrote: 25.08.2010 21:04, Dianne Hackborn пишет: If there are other suggestions that will actually make things harder without doing that, I would certainly like to hear them. Um, make the Market App side of LVL check that the application making LVL calls is signed with the same key as the .apk uploaded to Developer Home? Seems this would make attacks based on code modifications pretty much impossible, since a modified .apk is signed with a different key from the developer's. -- Kostya Vasilev -- WiFi Manager + pretty widget --http://kmansoft.wordpress.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Hiding SMS notifications
Take a look at http://developer.android.com/reference/android/content/BroadcastReceiver.html - specifically abortBroadcast :) -Tim On Jul 26, 12:00 am, Andrea Rota andrearota37...@gmail.com wrote: Hello all, I am working on a research project and I need to write an Android application that is able to intercept SMS's and, according to their content, route them to a web services without showing any alert. I tried to register a broadcast receiver on the intent SMS_RECEIVED, but the default SMS application is still notifying the SMS in the notification bar. The only way to achieve what is manually disabling the message notification from the default SMS application's menu. I found that the SMS Guard application, available on the market, is able to filter messages out without any notification, without touching any default configuration (I wrote to the developer, no answer yet). Any idea? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: APKTool - decoding our apps
You have an interesting analogy, though just because *you* say that the proper use for this tool is pirating code - doesn't mean it is. A missle is designed to travel, hit a target and deliver a payload. Of course you could use it as a hammer, but that's not it's purpose. Reengineering can be a practical solution. Using this to reengineering an application is the use. Yes you could also use this to pirate byte code, but that's not it's purpose. Heck, while you're at it can we start ranting about dedexer, http://dedexer.sourceforge.net/, smali/baksmali, http://code.google.com/p/smali/, and dexdump? These tools aren't new, in fact dexdump has been around since before all the devices where out and is distributed with the android source code. Yikes... Google must be supporting piracy since day one / sarcasm On May 13, 3:56 pm, Maps.Huge.Info (Maps API Guru) cor...@gmail.com wrote: An anti-aircraft missile has multiple purposes as well. It can be used as a hammer or paperweight, can be a really nice conversation piece in the living room or an auction item on e-bay. None of those are the real purpose though, sort of like this tool. -John Coryat On May 13, 2:46 pm, Greg Donald gdon...@gmail.com wrote: On Thu, May 13, 2010 at 2:34 PM, Maps.Huge.Info (Maps API Guru) cor...@gmail.com wrote: Since this tool really has only one real purpose This tool has multiple uses. Go back and read the thread. For the tool to simply exist is not a crime no matter how much you want it to be. The tool itself doesn't go out and commit crimes, it takes a criminal for that to happen. Criminals were around long before the tool was. Even if you made the tool go away you'd only be keeping the honest guy honest. It's your sort of backwards thinking that makes society have to legislate to the least common denominator. -- Greg Donald destiney.com | gregdonald.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: I've found a way to stop piracy of my apps
Without introducing any new content - it makes it a very desirable target for patching. A simple patch will make sure the date check doesn't matter, and if you aren't introducing any new functionality, then there isn't a real reason for the user to upgrade. IMHO your just asking people to get fed up with the fake updates and patch it. -Tim On May 10, 4:29 pm, niko20 nikolatesl...@yahoo.com wrote: Actually I think another pretty good solution is to simply put a date lock on the app, sort of how Astro works. What you do is make the app expire at a certain date. Before that date you release the next version with another lock moving forward. Maybe try a 2 or 3 month lock. Then when it does it simply asks the user to go to the market and update the app. If they are legit customers, that's easy, they just go an update it. But if they are pirated copies they wont be able to easily update it. -niko On May 10, 3:24 pm, niko20 nikolatesl...@yahoo.com wrote: Well I will say one thing, if it was opened up, that would allow each dev to make small code changes, so it would never be cookie cutter then...however, I am not against that you are trying to make some income from it, I mean you still did have to do the work. -niko On May 10, 10:06 am, dadical keyes...@gmail.com wrote: That argument assumes that I don't respond to those cracks with improvements to AAL that will make it more difficult! :) Also, each app will need to be cracked individually, and I'm trying to work out some ways to make that a job that isn't cookie-cutter. The point here is to get this past the pain threshold where it won't be worth the trouble for an app that is only a few bucks. This is fascinating stuff, but very, very non-lucrative. I don't really want to engage in this game, but I don't see an alternative until it gets solved at the platform level. Given the lack of commercial interest (and the prodding of several smart devs), I've considered opening this up, but I'm not sure how to do that without it simply lowering the barrier for pirates. On May 10, 3:55 am, MobDev developm...@mobilaria.com wrote: It took several days (almost a week) for crackers to decompile Screebl Pro and find a way to circumvent AAL. Typically it takes about 90 secs from the time that we publish to the market for the various warez sites to start tweeting the location of the download. I was wondering, after the first crack-run they obviously will have devised a crack-method, which means that every other app using AAL will be cracked within 90 seconds till a new version is released... A week of cracking will only be the case during the first attempt... -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: I've found a way to stop piracy of my apps
As you could also note - there is nothing in Android-Market-Api's license against this type of use. Whether he used their code or not - I'm not sure, but basing it off of the User Agent is sort of a big leap of conclusions. That user agent is pretty common on the android devices ;) It's not as if the user-agent is Android-Market-Api-v1. -Tim On May 6, 3:47 am, a1 arco...@gmail.com wrote: It uses this project:http://code.google.com/p/android-market-api/, you can do same, just note that in proto purchased field is missing, but you can simply extend App message in market.proto, purchased field has id 34. -- Regards, Bart Janusz (Beepstreet) On May 6, 8:22 am, Edward Falk ed.f...@gmail.com wrote: Intriguing. I was wondering if maybe you could add a blurb to your web site explaining in simple terms how it works. E.g. when the API is called, it communicates with the Android Market to verify your key; once verified, the verification code is remembered so that no further calls to the market are needed. Or perhaps instead of Android Market, it's our servers. Or whatever. How *does* it work? And if it's your servers (or even the Android Market), what happens to users when the servers go down? This is the biggest problem with any kind of server-based DRM. Do they lose their apps? Is there an alternative recovery plan? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: I've found a way to stop piracy of my apps
Yes there is, google APIs services in point 5.3 states that you are not allowed to use undocumented APIs: Ah, I'm talking specifically about the google code project android- market-api. No, each device uses different UA string when executing market request (it contains device name and build id), therefore there is a lot of possible combination that can be used. Also library that this guy try to sell is based on google's protobuf, which android market api project also uses. I know and understand that - but that's the user-agent tossed around online all the time ;) Don't get me wrong I have game on android market, it features online highscore and each online highscore entry stores AID (for identification purposes), with 10k legitimate copies I've counted 16k distinct AIDs in database that means that at lease 6k (probably more as not everybody uses highscore) copies were pirated, so I'd really welcome some form of DRM, but charging $300 for lib that reuses some open source project (without mentioning it) and which legality is at least disputable (due to usage of undocumented google service) is kind of shady. I've already agreed it's pretty expensive for the idea that it is. There isn't really any proof that it is reusing the code - and even if it is, it isn't required by that license to disclose it. They should - if it is based off of it, but well, that's the world. There are tons of open source projects and even android specific ones people rip off and never even mention where the code comes from. As a side note to the legality of this DRM (i.e. using undocumented google service). I don't think this is a blip on googles radar - don't you think they'd have shut down the google-code project you think it's based off of first? My 2 cents - I'm not disagreeing with you, I think it's a big overcharge too :) -Tim -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: I've found a way to stop piracy of my apps
Looking at your documentation, I'm assuming your making a call to the market requesting the state of the application -- if I'm wrong, then just disregard this information. If I'm right, I guess my only question is why are you charging so much information for such a simplistic method? Don't get me wrong - that method would probably be the best one I've seen yet on the market, but that's still a nice chunk of money to charge for it. -Tim On May 4, 5:20 pm, dadical keyes...@gmail.com wrote: I've spent the last few weeks developing a new tool to stop piracy of my paid apps on the Android Market. In a nutshell, licensing is tied directly to purchase verification. There is no license server to manage, no key for the user to enter. User experience is basically uninterrupted from normal application purchase. I'm excited about this, as my paid apps are now reaching piracy rates as high as 90% on some days,with the average somewhere around 75%. For pirated apps, purchase verification (and subsequently licensing) will fail after a certain number of attempts, and pirates will be left with anything from a buy me nag, to a disabled app (behavior is configurable). Android Market is the only supported purchase validation target so far. Others will be forthcoming if demand warrants. This isn't a perfect solution (I have yet to find a perfect licensing solution), but I feel it is the best balance of security, features, and workflow that I've seen to date. You can find a write up, download, and purchasing information here:http://keyeslabs.com/joomla/index.php/projects/auto-app-licensing I'll be looking forward to the comments, suggestions, and death threats. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: I've found a way to stop piracy of my apps
Dave, Glad to hear it's paying for itself already! It's definitely a cleaver use for the market api - wish I'd thought of it myself. This should definitely slow down pirates - as it would require direct patching of the apk file as an intervention. Using the market api should also alleviate any issues regarding switching phones etc, as long as that users keeps the same account activated. On a side note - it would seam the weak part of your code might be the licensing system at this point would be whatever you've implemented for your SDK itself. Obviously you can't rely on the market for that piece :) Bravo - and best of luck. -Tim On May 5, 2:09 pm, dadical keyes...@gmail.com wrote: Hey Tim. You're correct that validating purchase with the market is a key piece of our solution. Figuring out how exactly to do that using Google's binary market protocol in an efficient way (try doing everything that AAL does in a 35 KB library) was a fairly significant dev effort. What's more, balancing license generation, market API security, cross- Android version compatibility, customization, etc., and you've got a nice little chunk of work that we put into this solution. As for pricing, we'll see what the market will support. In our own single app Screebl, we lose about $100/day in revenue to pirated apps, so $50 seems cheap. I know that not all of that $100 will translate into sales, but some percentage will. My point is it shouldn't take long for AAL to pay for itself. Dave On May 5, 1:23 pm, strazzere str...@gmail.com wrote: Looking at your documentation, I'm assuming your making a call to the market requesting the state of the application -- if I'm wrong, then just disregard this information. If I'm right, I guess my only question is why are you charging so much information for such a simplistic method? Don't get me wrong - that method would probably be the best one I've seen yet on the market, but that's still a nice chunk of money to charge for it. -Tim On May 4, 5:20 pm, dadical keyes...@gmail.com wrote: I've spent the last few weeks developing a new tool to stoppiracyof my paid apps on the Android Market. In a nutshell, licensing is tied directly to purchase verification. There is no license server to manage, no key for the user to enter. User experience is basically uninterrupted from normal application purchase. I'm excited about this, as my paid apps are now reachingpiracyrates as high as 90% on some days,with the average somewhere around 75%. For pirated apps, purchase verification (and subsequently licensing) will fail after a certain number of attempts, and pirates will be left with anything from a buy me nag, to a disabled app (behavior is configurable). Android Market is the only supported purchase validation target so far. Others will be forthcoming if demand warrants. This isn't a perfect solution (I have yet to find a perfect licensing solution), but I feel it is the best balance of security, features, and workflow that I've seen to date. You can find a write up, download, and purchasing information here:http://keyeslabs.com/joomla/index.php/projects/auto-app-licensing I'll be looking forward to the comments, suggestions, and death threats. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Petition: Google, please improve the Android Market.
Any android device, phone or not can have the market it on it. People from other countries can also purchase paid applications if their country has not yet been enabled. This was the concept behind the Market Enabler and the research done behind it. It's my understanding that the carrier that the device is on, receives the chuck of the fees. So throwing a T-Mobile sim card inside the Nexus One will net T-Mobile with those fees. If you load up an Archos and use the Market Enabler, T-Mobile might get those too, depending if you use those tmobile credentials to access the market. The market is filtered by your carrier, then your device (by software id). That doesn't stop someone with a low software version and no carrier from spoofing everything and having the fee go to someone it theoretically shouldn't... -Tim Strazzere On Feb 23, 11:00 am, Mark Murphy mmur...@commonsware.com wrote: Disconnect wrote: Google has been very vague about where that 30% goes when you're on a nexus, adp, etc. Yes, that's true. Better yet, what about devices that just simply aren't phones? Admittedly, I'm not aware of a non-phone with the Android Market on it yet, but I presume it's only a matter of time. -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy Android Development Wiki:http://wiki.andmob.org -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Easiest way to programmatically check if the Market app is installed?
How the Archos handles market:// ? I'm not sure if this still holds true -- but in previous versions of AppsLib (The Archos Market) essentially hijacked this protocol. So the protocol did work, just not the same way. Though if the user has AppsLib installed and google market - via the symlink hack - I have no idea which one would catch the URI. -Tim Strazzere On Feb 9, 11:36 am, westmeadboy westmead...@yahoo.co.uk wrote: Super duper :) I tried queryIntentActivities() and that gave me one activity: com.android.vending.AssetInfoActivity So, yes, I can just check that result for an empty list. Any ideas how Archos 5 Internet Tablet handles this URI? On Feb 9, 5:18 pm, Mark Murphy mmur...@commonsware.com wrote: Thanks Mark. Here is my problem in more detail: I want to bring up the Market details page of another one of my apps so I fire off an intent to: market://details?id=com.mycompany.myapp Three things can go wrong with this (OK, maybe more, but...): 1. market:// scheme cannot be resolved 2. no internet connection 3. package not found In the case of 2 I get a dialog box saying A network error has occurred In the case of 3 I get a dialog box saying A server error has occurred Neither of these are very intuitive for the user. I'm not sure what happens in case 1 - still need to test that (hence this topic). Maybe my question is more How to check whether the market:// scheme can be resolved?. Ah. In that case, pass your Intent to PackageManager's queryIntentOptions() method. If you get back an empty list, Market will not be available (more accurately, nothing will be able to handle your Intent). I think you can use ConnectivityManager to handle scenario #2. If by package not found in #3 you mean that com.mycompany.myapp doesn't exist, I suspect there is no clean way to handle that. -- Mark Murphy (a Commons Guy)http://commonsware.com Android App Developer Books:http://commonsware.com/books.html -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: rooted phones, security, private storage.
Copy-protection does not prevent rooted phones from seeing your application. You also might be forgetting, that if ANYONE gets a hold of the apk, regardless if they have a device (rooted or not), they could simply extract your encryption keys? -Tim On Jan 13, 12:18 pm, sdphil phil.pellouch...@gmail.com wrote: hey mark - when you say copy protect on Android Market causes more problems than it solves, can you describe what you mean? On Jan 12, 2:08 pm, Mark Murphy mmur...@commonsware.com wrote: sdphil wrote: I want to hide some info (encryption keys) in a private area. The best answer: the private area is the user's brain. I know there are a lot of threads on the topic and from what i can tell - it basically comes down to - there's no security :-) just kidding. It seems like the data you have in your private area -- /data/data/com.company.product/files is only accessible to your application, so it would be sufficient to store anything (like encryption keys for example) in just plain text files there if you wanted. the big drawback of doing this though is that a rooted phone would be able to access that area -- therefore, no security. does copy protection solve this problem? I am not aware of any copy protection that solves this problem. And if you mean copy protect on the Android Market, that causes more problems than it solves, IMHO. Would a rooted phone then be able to grab and install the .apk file (and ultimately gain access to the app-private area)? I don't have a rooted device, but I presume the answer is yes. Seems like someone somewhere has to have solved this problem. Seriously? Security is pretty much toast on anything if the one who wants to get past the security gets their hands on the hardware. This is why DRM tends to be broken. sometimes very quickly -- DRM providers are attempting to do the same thing you are. You cannot have the algorithm and the key both in something that can be read by software, plain and simple. -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy _Android Programming Tutorials_ Version 1.0 In Print! -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Program unique identifier
@Watcher That's why the ANDROID_ID is meant to be used I believe, it is phone even on phone-less devices. Though some phone-less devices redirect the getDeviceId() call to return the ANDROID_ID too. @Iphpc Watcher is correct, there is no unique program specific identifier outside of the package name. You could simply concatenate that with the ANDROID_ID though for program specific uniqueness. This would returned you a new value for each device that is running you app. You could even add a version to this to differentiate across versions since you package stays the same... -Tim Strazzere On Dec 18, 3:07 pm, Watcher watche...@gmail.com wrote: If your software is running on a phone-less tablet, chances are you won't even get an instance of TelephonyManager so getDeviceId() won't work Unique program identifer is the package identifier although anyone could use the same id as yours... On Dec 18, 4:49 am, lphpc glp...@gmail.com wrote: Hi All, As known, we can get devcie unique ID using TelephonyManager#getDeviceId() . So, does a program have an unique identifier? How can I get it? I googled it but got nothing. Br -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
As long as your quoting my blog, you might as well read it. If you do - you'll quickly find out that your whole protection scheme is moot. Yes, like I said, ANDROID_ID is spoofable - it is less so since it was moved into the secure.settings. Though IMEI is also spoofable, along with any other identifier you pick. Heck -- it's even easier to patch one bit and resign you application if someone *actually* wants to get around the protection without spoofing something. On Dec 2, 3:25 am, AlexK kucherenko.a...@gmail.com wrote: ANDROID_ID compromized http://strazzere.com/blog/?tag=android_id On Dec 1, 12:23 am, strazzere str...@gmail.com wrote: Alex, can you please clarify something for us? Today we did check of our sales. And found interesting aspects: 1) 4% of people that install pirated copy after black list discussions and news over internet decide to buy application; How are you getting this number -- from your technical support it appears; How to track piracy ? It's simple: difference between activations and sales give you a number of pirated copies. Source:http://www.artfulbits.com/Support/forum.aspx?g=postst=23 Just wondering where the 4% is coming from, or if it's just that a few copies where sold. Or maybe someone emailed you wondering why their rapidshare'ed apk wasn't working? Also, I never actually got a response to my email on this thread... It's somewhere on the first page, maybe post 18 or 19. Anyway, I ask why you aren't just using the ANDROID_ID? It's obtainable without using any extra permissions, does not entail the same (though it could be argued) privacy concerns, and it still links you to a specific device? I've looked through your documentation and your FAQ and haven't really found any reason as to exactly why your using the IMEI over the ANDROID_ID? *Yes*, you could spoof the ANDROID_ID, but it's also just a easily done to crack the application/remove the check, or even spoof the IMEI. Last, I'm wondering exactly how this pans out for how the purchasing of the application works with Google Market and your protection system. Currently the purchase is linked to my Google Checkout account - NOT my device. This means when I transferred from my G1 to myTouch I didn't lose any applications I've purchased. With your protection system along with the way you count the piracy, aren't your going to wrongly find pirates among real customers? Just for example... If I've bought your products, transfer phones and sell my phone. Whoever buys my phone is correct under your protection system in using the application since it's linked to the device. Though when I fire up the market on my new device using the same account, it will allow me to download the applications I've previously paid for. Though your protection mechanism is going to label me a pirate and mark my IMEI. Do you guys handle this situation any specific way? --Tim Strazzere On Nov 30, 12:11 pm, AlexK kucherenko.a...@gmail.com wrote: Hi, Today we did check of our sales. And found interesting aspects: 1) 4% of people that install pirated copy after black list discussions and news over internet decide to buy application; This is really good news! 2) after changing protection and converting old versions into honey pots we catch 10-15 users per day that still trying to activate pirated version of the product. Quite interesting that those user simply don't want to search over web and find manufacture web page or alternative to Android Market. They prefer to download copy from rapidshare (or something similar) and install it. 3) Russian file exchange servers have the most problematic support. After we ask to close illegal content, they continue to ignore us... and after one week and tones of e-mails they decide to stop content sharing... 4) We decide to make open source library for other developers that will provide advanced licensing technology for everyone who wants it. We hope our efforts will help vendors to protect own investments. Thanks, Good Luck On Nov 16, 1:12 pm, AlexK kucherenko.a...@gmail.com wrote: Our company starts todayanti-piracyinitiative against piracy that already happened on Android Market. We request all vendors and developers to support this initiative. Piracy become a threat for vendors that publishing application on Android Market! It is not a joke, it is a real threat. Our last application publishing shows how bad is situation on the Android Market. Only 20% of all installs are legal, other 80% are in piracy hands. Google does not provide any actions to stop piracy, so we as a vendor that provide software for Android Market, have to think about protection measures. Piracy is threat that cannot be target easily and eliminated in one day. Only join of all vendors can help inanti-piracy. ArtfulBits
[android-developers] Re: Android Market Anti-Piracy
Alex, can you please clarify something for us? Today we did check of our sales. And found interesting aspects: 1) 4% of people that install pirated copy after black list discussions and news over internet decide to buy application; How are you getting this number -- from your technical support it appears; How to track piracy ? It's simple: difference between activations and sales give you a number of pirated copies. Source: http://www.artfulbits.com/Support/forum.aspx?g=postst=23 Just wondering where the 4% is coming from, or if it's just that a few copies where sold. Or maybe someone emailed you wondering why their rapidshare'ed apk wasn't working? Also, I never actually got a response to my email on this thread... It's somewhere on the first page, maybe post 18 or 19. Anyway, I ask why you aren't just using the ANDROID_ID? It's obtainable without using any extra permissions, does not entail the same (though it could be argued) privacy concerns, and it still links you to a specific device? I've looked through your documentation and your FAQ and haven't really found any reason as to exactly why your using the IMEI over the ANDROID_ID? *Yes*, you could spoof the ANDROID_ID, but it's also just a easily done to crack the application/remove the check, or even spoof the IMEI. Last, I'm wondering exactly how this pans out for how the purchasing of the application works with Google Market and your protection system. Currently the purchase is linked to my Google Checkout account - NOT my device. This means when I transferred from my G1 to myTouch I didn't lose any applications I've purchased. With your protection system along with the way you count the piracy, aren't your going to wrongly find pirates among real customers? Just for example... If I've bought your products, transfer phones and sell my phone. Whoever buys my phone is correct under your protection system in using the application since it's linked to the device. Though when I fire up the market on my new device using the same account, it will allow me to download the applications I've previously paid for. Though your protection mechanism is going to label me a pirate and mark my IMEI. Do you guys handle this situation any specific way? --Tim Strazzere On Nov 30, 12:11 pm, AlexK kucherenko.a...@gmail.com wrote: Hi, Today we did check of our sales. And found interesting aspects: 1) 4% of people that install pirated copy after black list discussions and news over internet decide to buy application; This is really good news! 2) after changing protection and converting old versions into honey pots we catch 10-15 users per day that still trying to activate pirated version of the product. Quite interesting that those user simply don't want to search over web and find manufacture web page or alternative to Android Market. They prefer to download copy from rapidshare (or something similar) and install it. 3) Russian file exchange servers have the most problematic support. After we ask to close illegal content, they continue to ignore us... and after one week and tones of e-mails they decide to stop content sharing... 4) We decide to make open source library for other developers that will provide advanced licensing technology for everyone who wants it. We hope our efforts will help vendors to protect own investments. Thanks, Good Luck On Nov 16, 1:12 pm, AlexK kucherenko.a...@gmail.com wrote: Our company starts todayanti-piracyinitiative against piracy that already happened on Android Market. We request all vendors and developers to support this initiative. Piracy become a threat for vendors that publishing application on Android Market! It is not a joke, it is a real threat. Our last application publishing shows how bad is situation on the Android Market. Only 20% of all installs are legal, other 80% are in piracy hands. Google does not provide any actions to stop piracy, so we as a vendor that provide software for Android Market, have to think about protection measures. Piracy is threat that cannot be target easily and eliminated in one day. Only join of all vendors can help inanti-piracy. ArtfulBits company decide to start from today AndroidAnti-piracy Movement with main goal: protect vendors and punish piracy. Our next steps are: - Petition to Google with request to provide betteranti-piracy protocols for Android Market; - Collective anti-Google charge, from side of vendors that loose money due to Google security holes in Android Market application distribution channel; - Public web service Black List, that helps all developer to check is there application installed on pirate phone; - Joining of the software vendors over that problem for finding betteranti-piracystrategies; - Identification of the roots of piracy, that make possible Android Market software leaking and contribution them to justice. A little later today we will open black-list database
[android-developers] Re: Android Market Protocol
If you mean 'authToken' for the 'tokenId', then I don't think you fully read the blog. There is a post that describes exactly that. As for fully decoded? Plenty of people have done it so far, OK maybe not plenty but I know quiet a few. Are people just releasing this as an API for everyone to use? Nope... On Nov 25, 10:41 am, tomei.ninge...@gmail.com tomei.ninge...@gmail.com wrote: Hello, Has anyone fully decoded the market's protocol? I want to do something simple and harmless -- easily find out comments for my apps in all languages. I found some info inhttp://strazzere.com/blog/?p=293but that doesn't seem to be complete. I.e., no generic way to find out a tokenId from your gmail login. Thanks -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Encrypting in PHP and Decrypting in Android
If you want something secure, do a RSA encryption using a private key on your server. Your application will fetch this and decrypt using the public key. You could throw some extra things in there if you'd like, but that would probably be your best bet. On Nov 23, 8:41 am, sixones sixo...@me.com wrote: Find a common encryption / decryption library that has been implemented in PHP and Java (or Python or C). Base64 is encryptable and decryptable by both but isnt really secure. On Nov 23, 10:38 am, Fabio piuc...@gmail.com wrote: What about SSL/TLS ? On Nov 22, 2:47 pm, jax jackma...@gmail.com wrote: What would I use to: Encrypt a string in PHP and Decrypt that string from Android? What methods are supported by both and which is the most secure? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
As a developer, I will definitely integrate their protection system in my application and WILL deny activation if IMEI is in the black list. It would make sense for a software developer who works at ArtfulBits to use their own protection, wouldn't it? http://www.linkedin.com/in/paulturchenko Paul Turchenko Developer at ArtfulBits On Nov 19, 6:09 am, Paul Turchenko paul.turche...@gmail.com wrote: Guess they are gathering data from different application vendors. As far as I can tell, they will tell that device is 100% blacklisted only if 2 of 3 application vendors have reported that particular IMEI has pirated application installed. Look here:http://www.artfulbits.com/Android/try/reportPirate.aspx- report form.http://www.artfulbits.com/Android/antipiracy.aspx- code integration. As a developer, I will definitely integrate their protection system in my application and WILL deny activation if IMEI is in the black list. On Nov 18, 10:43 pm, admin.androidsl...@googlemail.com admin.androidsl...@googlemail.com wrote: AlexK - you didn't mention where you get your data for the blacklist. I am guessing its based on pirated copies of your app. How are you determining which users have illegal copies? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
IANAL, but I think your misquoting it there. - in order to protect the vital interests of the data subject or; Meaning in order to protect the vital interests of the /data subject/. The data subject being the person you are collecting data from, not the person who is collecting the data. On Nov 19, 1:29 pm, AlexK kucherenko.a...@gmail.com wrote: {QUOTE} The legitimacy of data processing: personal data may be processed only if the data subject has unambiguously given his/her consent or processing is necessary: - for the performance of a contract to which the data subject is party or; - for compliance with a legal obligation to which the controller is subject or; - in order to protect the vital interests of the data subject or; - for the performance of a task carried out in the public interest or; - for the purposes of the legitimate interests pursued by the controller; {QUOTE} IN ORDER TO PROTECT THE VITAL INTERESTS this is the main goal of all anti-piracy. On Nov 19, 7:57 pm, LambergaR martin.s...@gmail.com wrote: http://europa.eu/legislation_summaries/information_society/l14012_en.htm -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
An a similar note -- it looks like you've enraged the user who has the IMEI 123456789123456 - since now they're at a level 1 piracy watch! Yikes! http://www.artfulbits.com/android/antipiracycheck.ashx?IMEI=123456789123456 On Nov 18, 1:39 pm, Paul Turchenko paul.turche...@gmail.com wrote: Why emulator says that my status is 1??? I've just installed a fresh one! On Nov 18, 7:25 pm, AlexK kucherenko.a...@gmail.com wrote: Today we release anti-piracy black list check application. You can download it from Android Market - search: aiAntiPiracy Alternative Market:https://slideme.org/application/aiantipiracy On Nov 16, 1:12 pm, AlexK kucherenko.a...@gmail.com wrote: Our company starts today anti-piracy initiative against piracy that already happened on Android Market. We request all vendors and developers to support this initiative. Piracy become a threat for vendors that publishing application on Android Market! It is not a joke, it is a real threat. Our last application publishing shows how bad is situation on the Android Market. Only 20% of all installs are legal, other 80% are in piracy hands. Google does not provide any actions to stop piracy, so we as a vendor that provide software for Android Market, have to think about protection measures. Piracy is threat that cannot be target easily and eliminated in one day. Only join of all vendors can help in anti- piracy. ArtfulBits company decide to start from today Android Anti-piracy Movement with main goal: protect vendors and punish piracy. Our next steps are: - Petition to Google with request to provide better anti-piracy protocols for Android Market; - Collective anti-Google charge, from side of vendors that loose money due to Google security holes in Android Market application distribution channel; - Public web service Black List, that helps all developer to check is there application installed on pirate phone; - Joining of the software vendors over that problem for finding better anti-piracy strategies; - Identification of the roots of piracy, that make possible Android Market software leaking and contribution them to justice. A little later today we will open black-list database of devices, where was installed stolen version of applications. In addition, we will provide easy code for all developers that can be integrated into own application and during first start, check is phone in black list or not. Opened Anti-Piracy forum thread:http://www.artfulbits.com/Support Petition can be signed here:http://www.petitionspot.com/petitions/androidpiracy Stay tuned! Thanks. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Securing a paid app
If your looking at it from this perspective, then maybe you shouldn't continue developing? Unless your developing a program that is SaaS where data is kept primarily on a server, your /not/ going to keep your program from being pirated. I don't agree with people who are pirating apps, but I also don't believe people who have pirate most of their application would be buying them if there was some magical protection available. The applications I had published have been pirated countless times, I actually find no reviews for my applications, just hotlinks to rapidshare and mediafire. Though that hasn't stopped me from getting my money worth from the applications. Honestly with the stuff your posting and the amount of protection your wanting - I feel you need to just not release your applications. Have people come directly to you, purchase a tailor-made applications with a million identifiers for who bought it and give it to them. Then when it leaks out you know who to blame. Or, proceed like ever other developer so far, release it, make money, lose money and figure out there are always kids who won't pay a dime for things... Cause it's cool to do it. Besides, the tougher you make your protection (no matter how worthless or cheap the app is) the more interesting your making it for a reverse engineering to pull it apart. On Nov 17, 10:35 am, admin.androidsl...@googlemail.com admin.androidsl...@googlemail.com wrote: Disagree. The problem with Android Market is that it doesn't even attempt to solve the piracy issue. I agree that 100% protection is impossible but devs right now have 0% protection. Don't believe me? Search for any popular Android app on google - you will find as many links to pirated apk's for that app as you will find genuine review / discussion / marketing links etc. So an average phone user will find cracked copies if that's the road they want to go down. Of course devs would rather be writing new features but with reports of 4 pirated copies to 1 legitimate copy turning out to be true, this does dampen one's enthusiasm to write updates just to give them out straight away to the freeloading pirates. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
On Nov 17, 10:32 am, AlexK kucherenko.a...@gmail.com wrote: In my case was stolen application with price $1.29 - pirates copies reach 100-300 per day, sales become dead. So black list is the only way to protect my product for now. So you have had 100-300 new installs of pirated apps a day? Or consistently have 100-300 applications that are pirated run each day? Your also assuming that if you had a perfect protection scheme, that all these people would buy your product. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: When a phone is factory reset, market loses track of purchased apps
nEx is right. Your users should not be losing any access to the applications they have purchased as long as they use the same account on the phone that they purchase your application with. The application stream is actually what they have purchased the rights too. This stream includes all your updates, though it is liked to their email account. On Nov 17, 12:15 pm, Mike michaeldouglaskra...@gmail.com wrote: Well, here's something that may or may not be telling: I emailed one of the users that had this problem after a factory reset, and I got a notification back saying the email couldn't be delivered. That lends some weight to the theory that they used a different account the second time around. - Mike On Nov 17, 9:40 am, nEx.Software email.nex.softw...@gmail.com wrote: Please let us know the outcome, as if this is not the case then we should elevate this. On Nov 17, 9:38 am, Mike michaeldouglaskra...@gmail.com wrote: I'll ask and find out. I understand how using a different email address would cause this issue. - Mike On Nov 17, 9:31 am, nEx.Software email.nex.softw...@gmail.com wrote: Hmm, I have never lost track of my paid apps when resetting my phone (which I do quote often). Are you sure they are using the same email address? On Nov 17, 9:24 am, Mike michaeldouglaskra...@gmail.com wrote: Hello, I've had several of my users email me to tell me they had to do a factoryreseton their phone for some reason or other. The problem is, they had purchased apps installed and the Android market app loses track of this information when the phone isreset. My only solution to their problem is to go into my checkout account, refund their money and ask them to repurchase my app. Am I correct in assuming that Google decided to only check the PackageManager on the device to determine if an app was purchased or not? Is there really no other means of determining that an app was purchased? Surely this information about the purchase is kept on a server somewhere (which is why I can see the purchase information with Google Checkout) Also, since the user of a phone must login with a Google account in order to use the market, can't you just correlate the user's purchased apps with their login account and bypass the phone altogether? I'm probably missing something, but I wanted to let you know its a source of frustration to have to deal with this when I consider this issue the responsibility of the market infrastructure. - Mike -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Securing a paid app
You know the piracy rate of MyBackup and CoPilot are probably much higher than 4:1 right? I'm not sure where your get your statistics from, but while you notice apk files are easy to fine - amoung the easier are those exact apps that you think have a good level of security. The point is they have *good* applications people are willing to pay for, and a level of protection, yet people *still* can get there applications just as easily as yours. -Tim Strazzere On Nov 17, 12:20 pm, admin.androidsl...@googlemail.com admin.androidsl...@googlemail.com wrote: No anti-piracy system is perfect. Thats why I said 100% protection was unachievable. What I am saying is we need some way to get over the hump of 0% protection. Even if we just had a shared system where we had the level of protection of apps, e.g. MyBackup and CoPilot currently have, then at least we are moving in the right direction. There's a lot of posts on this subject because its something that bothers a lot of application developers. If you're happy to find your app every day on rapidshare, thats your decision, but if a big enough group of us want to do pool our resources to reduce piracy, then thats our decision too. Current estimated ratio is 4 pirated copies to 1 purchased copy. If we could reduce this to even 3:1 or 2:1, that would be a very worthwhile investment of everyone's time. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
On Nov 17, 3:24 pm, Guy Cole guyc...@gmail.com wrote: So let them find another app. That isn't the point. The point is that some people don't work for free. I have already decided not to create any new stand alone applications for Android. Only services, which effectively reduces Android to a client. Your right people don't work for free. So the moral of the story is to cut your losses and not waste more time developing protections than people have spent developing their product. (This comment is directed at you or anyone in particular) -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
Since reversing an application is a rather menial task now, whats to prevent a user from taking your application - stripping the protection and re-releasing it? Not to mention that IMEI spoofing to an application can be done with a little bit of research. More importantly, with your approach - what happens when someone strips out the protection, throws it into a nice little program - then bombs all the IMEI numbers they want? Then you'll have pirates being blocked who well, never pirated your application. Seems like an easy way to quickly make your blacklist pretty inaccurate. -Tim Strazzere On Nov 16, 2:02 pm, Rachel Blackman ceruleanspa...@gmail.com wrote: On Nov 16, 2009, at 10:34 AM, nEx.Software wrote: Not to mention that just because someone might have pirated some app at some time, doesn't mean that they pirated your app. That's why it needs to be able to check against Google Checkout or whatever payment processor is used... Also not to mention how many people buy out-of-contract phones off of eBay to toy with new techy stuff. What if someone gets their phone's IMEI blacklisted in your database, goes and sells their phone, and someone innocent now picks up the phone and finds abruptly they can't use any of the apps linked into this antipiracy thing? (And lest you say that wouldn't happen, look at how many of the Xbox 360 consoles that have gotten locked out of Xbox Live abruptly ended up on eBay, while the folks who got locked out go get new consoles. After all, Xbox Live uses similar security methods, where the lockout applies to the hardware ID, not merely the account.) This isn't to say that antipiracy methods aren't desirable or useful. Just that if they bite /innocent/ users as well, you'll have a headache to deal with. Look at how many 'I can't see this app in the market!' threads we already have, and how much frustration there is just from developers over that. Imagine the users adding to that with 'I paid for this app off the store, but when I try to run it claims I pirated it!' In general, as a software developer, I tend to think that antipiracy methods that allow some pirates through are better than antipiracy methods that might flag innocent users as wrongdoers. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
On Nov 16, 4:04 pm, Paul Turchenko paul.turche...@gmail.com wrote: I highly doubt that anyone would do that for $1 application. Effort not worth trying. Maybe a 99 cent application wouldn't be worth reversing, but we aren't talking about one application. We're talking about applications that specifically are accessing a blacklist now too. Sure it's a few apps now, but if this caught on - why wouldn't people look into it? What happens on a fail? I'm assuming the developer gets to decide... Are you going to restrict a user from using your application, formerly which might did not require internet connection, to now have internet connection constantly? If the site is unreachable are you going to block the user from using their purchased product? It just seems like a nice idea in theory, though in practice it would appear you might hurt many legitimate customers. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
On Nov 16, 4:24 pm, AlexK kucherenko.a...@gmail.com wrote: On Nov 16, 9:55 pm, strazzere str...@gmail.com wrote: Measures: - always sign application by digital signature; - distribute only over verified channels; - try to use obfuscation; - use server side activation. This hasn't protected any applications released yet, it just seems to provide developers some time to brush up on third party tools that tend to break applications :) Though I will note that server side activation can help - and your best method would actually to just adopt a pay for service, not pay for application mentality. By reserving your application data on the server your preventing the first step towards piracy... Levels of piracy threat and maybe for example, auto-level reducing in specified period of time, will help. I mean if reported 5 or more piracy installs, then in half of year we do not track any problems with device, then we will reduce device level from red to brown. (hierarchy is: green, yellow, brown, red) Not a bad solution, but it still keeps you open to random IMEI spam to your black listing method. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Android Market Anti-Piracy
It's hard to get into all the dynamics of it, but I'll gladly have a conversation offline with you if you'd like to have one. I'll try to touch briefly upon most of this though. Yes - I agreed the protection Google has implemented does not suffice for now. One would have hoped it could have been resigned to run specifically on that phone, or some type of protection like that. Instead we have a forward-locked application that essentially doubles in size since it has a zip file in /data/apps and it's actual apk in /data/app-private which is just a simple linux permission based protection. I agree with nEx on this one, that your asking a bit much for some applications to be granted internet permission, more importantly, your now asking for someone to grant READ_PHONE_STATE. This is something I've been more protective of over the internet permission. Your no longer using the ANDROID_ID and now using an IMEI. Since the IMEI is specific to the phone, why not use the ANDROID_ID? It is also linked to that phone and does not require any addition permissions... From the other side of things, it is also spoofable - so your not risking / more/ than you would by using the IMEI. You've touched on a few products and mentioned that they are all activation required. I completely agree that this is the activation method people should be taking, but you must also know -- all the products you've listed are easily available for a pirate... So why do people buy them then? Activation often /comes/ with something. Continued program update, patches, data updates, incentives to things, SUPPORT, plug-ins, etc. That's why these things can sell. Your always going to have the kiddies who download things for the sake of, I have this and I got it for free, always. Your always going to have people who can get it to them, because you've developed some crazy protection, and it's a game for them to break it. What needs to be done is put up some protection, and make your product better. If you spending more time on developing your protection system than your next feature, you need to re-evaluate your business plan. Protection schemes will probably add no business value compared to the next cutting edge feature... I'd like to just quickly rebase in saying, I'm not against your scheme - I just don't see how you plan to make this work. If you open up your blacklisting, it just seems like it will be too easy to circumvent and even easier to abuse. Circumvention isn't too much of an issue, but the abuse is just going to land you in problems with good customers. Yes, they could always email you and defend their IMEI. Though unless you've developed a /must have/ app that no one else has, why would a customer put up with having to defend themselves - you should always want to give customers a path a least resistance :) On Nov 16, 4:49 pm, AlexK kucherenko.a...@gmail.com wrote: sounds like conservation talks. I'm afraid because I don't understand what they are doing. I will not sit into train, because I don't know who in the front of it... Good application on which spent a lot of efforts requires good protection. You pay money for application and it services, and in rights ask explanation from developers site, may be even ask about some special guaranties... But in any case It is completely your choice do you want to use best application on market and did security prerequisites with guaranties from developer side, or use free software with open source and etc. On Nov 16, 11:28 pm, nEx.Software email.nex.softw...@gmail.com wrote: No, I completely understand that developers might use it but... Given the generic permission, I'd prefer not to use it unless completely necessary. That being said, if a developer is up front about it and tells me why they want those permissions, I am far less cautious... Generally speaking, I don't approve of analytics such as Flurry and/or Google because the developers don't tell me that they are being used. Google Analytics for Mobile actually requires disclosure, if I remember correctly. On Nov 16, 2:22 pm, Dan Sherman impact...@gmail.com wrote: I understand your point completely, but just pointing out a very legitimate reason for some of those apps would be user stats (flurry, google analytics), or ad serving (admob, etc). :) - Dan On Mon, Nov 16, 2009 at 4:17 PM, nEx.Software email.nex.softw...@gmail.comwrote: If I don't believe an application should require Internet, I don't install it. I hope that there are others who do the same. To require internet permissions (with the current generic internet permission) on an app which really does not need it, such as aiFlashlight, gives me reason to question the motives of that developer. I ask myself Now, why the heck would a flashlight app require internet permissions? and then move along to another app that does the same thing without requiring those permissions. I usually
[android-developers] Re: Another take on anti-piracy
One instance of application security I've seen was bluetooth file sharing application. I believe it read where it's location was, and if it's wasn't installed to /data/app-private then it called you a pirate and exited the program. Though this was easily circumvented by a simple push to / data/app-private, it was detailed somewhere on XDA. Also, while CoPilot and MyBackupPro seem to be defending well against piracy, it should be noted that they both have been cracked. On Nov 16, 4:10 pm, nEx.Software email.nex.softw...@gmail.com wrote: I think apps which operate in a SAAS fashion stand the best chance against piracy. Unfortunately, the current terms of the Android Market make it difficult, if not impossible to do this sort of thing. Web- apps have the obvious benefit in these cases as they can house the bulk of their functionality on the server and use a stub app to access those features. As long as you can make this service worthwhile outside of the world of Android, you'd probably be OK from the current Android Market terms and conditions (please correct me if I am wrong). On Nov 16, 1:36 pm, admin.androidsl...@googlemail.com admin.androidsl...@googlemail.com wrote: So looking at it a different way ... Are there any popular android apps that are not suffering from massive piracy? I had a quick hunt around and could see that MyBackup Pro asks for a Google Checkout number and Copilot also requires a code on starting up. Maybe there's something we can all learn by seeing how other app developers are dealing with this issue. Does anyone know how effective these measures are? Has anyone seen any other techniques that have worked. Its getting very tiring reading how pirates feel they have some right to steal apps from hard-working devs. Would love to teach those guys a lesson ... -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Another take on anti-piracy
Sorry, do you mean the actual Android Market itself? The applications Vending.apk? It's been put on plenty of ROMS... Remember the CD Cyanogen received... For just this thing? I'm not 100% sure if this qualified as piracy but it does fall under the incorrect distribution... Besides, the protection you may be talking about is it's dependency on Google-centric frameworks that are no available in the AOSP. Though that doesn't seem like a very good protection scheme to me :) On Nov 16, 5:12 pm, Abdul Mateen abmat...@gmail.com wrote: As far as I know about, Android Market software is not yet pirated(Correct me if I am wrong). On Mon, Nov 16, 2009 at 5:07 PM, strazzere str...@gmail.com wrote: One instance of application security I've seen was bluetooth file sharing application. I believe it read where it's location was, and if it's wasn't installed to /data/app-private then it called you a pirate and exited the program. Though this was easily circumvented by a simple push to / data/app-private, it was detailed somewhere on XDA. Also, while CoPilot and MyBackupPro seem to be defending well against piracy, it should be noted that they both have been cracked. On Nov 16, 4:10 pm, nEx.Software email.nex.softw...@gmail.com wrote: I think apps which operate in a SAAS fashion stand the best chance against piracy. Unfortunately, the current terms of the Android Market make it difficult, if not impossible to do this sort of thing. Web- apps have the obvious benefit in these cases as they can house the bulk of their functionality on the server and use a stub app to access those features. As long as you can make this service worthwhile outside of the world of Android, you'd probably be OK from the current Android Market terms and conditions (please correct me if I am wrong). On Nov 16, 1:36 pm, admin.androidsl...@googlemail.com admin.androidsl...@googlemail.com wrote: So looking at it a different way ... Are there any popular android apps that are not suffering from massive piracy? I had a quick hunt around and could see that MyBackup Pro asks for a Google Checkout number and Copilot also requires a code on starting up. Maybe there's something we can all learn by seeing how other app developers are dealing with this issue. Does anyone know how effective these measures are? Has anyone seen any other techniques that have worked. Its getting very tiring reading how pirates feel they have some right to steal apps from hard-working devs. Would love to teach those guys a lesson ... -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Is your Android app on Archos Market ?
that he could always with all kinds of certainty say that Archos would never be able to use the Google Apps and the Google Marketplace. Yet thats a double edged sword since your always claiming as fact that it will be released for Archos. On a side note -- Archos is still in violation of GPL since they have not yet released the kernel source after requests. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Is your Android app on Archos Market ?
In addition to what Al has said, it's been interesting to see that many, MANY applications as essentially hotlinked to other sites for downloading. Very few of the applications posted appear to be actually hosted on appslib servers. This to me is a concern for a few reasons. Has permission been grated for this to happen? How does this protect me against bad updates/or even get me updates? Is that why I can't access have the applications, and did that author even submit it comes into question... -Tim On Oct 22, 3:03 pm, Al Sutton a...@funkyandroid.com wrote: Here is our account of what happened between us at AndAppStore and Archos; We worked with Archos for several weeks helping them design and develop AppsLib, this included me personally travelling to Archoses head office in Paris for meetings with Henri Crohas (Founder and CEO of Archos), and other members of their senior management, as well as various email and information exchanges. The relationship was such that at one point I personally was in possession of a pre-release Android Archos 5 for a few weeks before it was officially launched. Very early on in the development a mutual NDA was signed after which AndAppStore, at Archoses request, supplied proprietary information about AndAppStores' client/server data exchange mechanisms, system architecture, and provided a version of the AndAppStore client with a customised user interface designed to work on the WVGA display of the Archos 5. All of the information supplied to them was given in order to allow them to develop their server to ensure it was compatible with the customised AndAppStore client which we were told would be used as the AppsLib client. During our work with them we agreed the terms of an ongoing relationship which would cover the cost of the consulting and development work, and although the original deal was modified a few times (by mutual agreement), a contract was drawn up by Archos which we signed and returned it to them for countersigning. Archos then refused to countersign their own contract, and thus the relationship ended. When AppsLib was released it came to light that Archos had asked a third party, Diotasoft, to develop an almost functionally identical client for them and that AppsLib used the same system architecture and data exchange methods as AndAppStore, the details of which had been supplied to Archos under the mutual NDA at a time when we were being told we would be compensated via the terms of the ongoing relationship which had since ended. The extent of the use was that the Diotasoft/Archos AppsLib used exactly file formats, data set names, relationships between data sets, and methods of accessing the data as used in AndAppStore, and the AndAppStore client could read, parse, and populate its' internal database with data from AppsLib without modification. The current situation is this; As of today we have received no payment of any kind for the work we did, and the only invoice we have submitted is now overdue and has not been paid, and so we are seeking legal advice as to what options are open to us in relation to the information must have redistributed to Diotasoft in order to allow them to develop a client to our specifications and their development of an almost identical client. With all this in mind we are also examining the financial stability of Archos to determine whether or not Archos would be able to pay any award made to us by the time any legal action would be completed. Hopefully you're all now able to make your decisions a little easier as opposed to having to guess whats' going on. Al. -- * Looking for Android Apps? - Tryhttp://andappstore.com/* == Funky Android Limited is registered in England Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On Oct 22, 5:57 pm, Streets Of Boston flyingdutc...@gmail.com wrote: There could be plenty of reason's 'why'. Costs less, faster to market, etc. I hope, too, that all this is just a mis-understanding. But AndAppStore states that it has some good proof that parts of their software have been 'used' by Archos for the Archos Market. On Oct 22, 4:52 am, arnouf arnaud.far...@gmail.com wrote: I'm not an Archos employee ! I think that this story is a little bit strange, because I don't think that Archos did something like that if they want have a good place on the android place... Now, I can't confirm if Archos or AndAppStore are right but I don't think why Archos should stole codes... On 21 oct, 16:11, Streets Of Boston flyingdutc...@gmail.com wrote: Same here. If they indeed did that, then i won't put my app there. On Oct 20, 1:25 pm, niko20 nikolatesl...@yahoo.com wrote: Hi, Maybe I will wait until I find out if you really stole the code for
[android-developers] Re: Anyone working on a Dex decompiler ? I am doing one .
Dedexer is the best one I've come across and made some fixes too... open-source too http://dedexer.sourceforge.net/ On May 4, 9:59 am, Disconnect dc.disconn...@gmail.com wrote: Jesusfreke has one (sali? sami? something like that, sorry I don't have a link.) I'll try to get the link for you later today. On Sun, May 3, 2009 at 7:25 PM, Wendal Chen wendal1...@gmail.com wrote: I am working on a Java app to decompiler dex file . Is there anyone are working about that too ? I had create a project onhttp://code.google.com/p/dex-decomplier/, pls take a look. Do hope for you join. If you want to join , pls send me a mail .- Hide quoted text - - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Encrypting application data file that is bundled with apk !
Yusuf makes good suggestions. My personal suggestion would be to include it in a class file of your java program, then obfuscate your code. If your attempting to prevent compilation this is your best bet. On Apr 21, 5:32 pm, Yusuf T. Mobile yusuf.s...@t-mobile.com wrote: From what I understand, your requirements are: - your app uses data that it puts in a database during setup - the end user should not be able to access this data, except through your app's UI Possible cracks would then be Marco's decompilation idea, or inspecting the database. Without knowing more about your app, I have a few suggestions: - bundle encrypted data with the app, but not the key to decrypt - in the database, at least encrypt the names and values - don't decrypt all the data at one time, only decrypt whatever the UI requests One way to accomplish the last step is with a per-datum key fetched on demand from your web service. However, depending on the value of your data, hiding it and the key in your code may be sufficient to render decryption not cost-effective. Yusuf Saib Android ·T· · ·Mobile· stick together The views, opinions and statements in this email are those of the author solely in their individual capacity, and do not necessarily represent those of T-Mobile USA, Inc. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Are there alternate ways to look up user phone number when TelephonyManager returns null?
Does your G1 display the correct line number through settings? (Settings About phone Status Phone Number) This method used by the system seems to always be accurate, but I believe it is a private API; // Snippit from http://android.git.kernel.org/?p=platform/packages/apps/Settings.git;a=blob_plain;f=src/com/android/settings/deviceinfo/Status.java;hb=HEAD import com.android.internal.telephony.Phone; import com.android.internal.telephony.PhoneFactory; ... Phone mPhone = PhoneFactory.getDefaultPhone(); ... setSummaryText(number, mPhone.getLine1Number()); // End snippit On Apr 10, 7:56 am, Mark Murphy mmur...@commonsware.com wrote: Muthu Ramadoss wrote: Is there a way to look up the user phone number other than TelephonyManager? In my G1, this returns null: // get your phone number TelephonyManager telephonyManager = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE); String tel = telephonyManager.getLine1Number(); Log.i(Telephone Number == , tel+ ==); Not only does this apparently return null in some cases (like you got), it does not have to necessarily return a valid value. I tried your code, and I get a phone number that I *think* is what I was originally assigned when I bought the G1, before my other T-Mobile number could be ported over. So I am not certain this method is reliable in any case. Is there any other way of getting user's own phone number? Hopefully yes, though I don't know of one... -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy Android App Developer Books:http://commonsware.com/books.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Are there alternate ways to look up user phone number when TelephonyManager returns null?
What type of phone are you using? Does it have a simcard and/or work on your carrier network? If the About phone/Status is not showing, then I doubt the snippit would work even if you could compile it (your not going to be able to using the standard SDK) On Apr 10, 11:22 am, Muthu Ramadoss muthu.ramad...@gmail.com wrote: My G1 says Unknown when (Settings About phone Status Phone Number) I haven't tried your new code snippet. I'll report back with the results. Thanks. On Apr 10, 8:08 pm, strazzere str...@gmail.com wrote: Does your G1 display the correct line number through settings? (Settings About phone Status Phone Number) This method used by the system seems to always be accurate, but I believe it is a private API; // Snippit fromhttp://android.git.kernel.org/?p=platform/packages/apps/Settings.git;... import com.android.internal.telephony.Phone; import com.android.internal.telephony.PhoneFactory; ... Phone mPhone = PhoneFactory.getDefaultPhone(); ... setSummaryText(number, mPhone.getLine1Number()); // End snippit On Apr 10, 7:56 am, Mark Murphy mmur...@commonsware.com wrote: Muthu Ramadoss wrote: Is there a way to look up the user phone number other than TelephonyManager? In my G1, this returns null: // get your phone number TelephonyManager telephonyManager = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE); String tel = telephonyManager.getLine1Number(); Log.i(Telephone Number == , tel+ ==); Not only does this apparently return null in some cases (like you got), it does not have to necessarily return a valid value. I tried your code, and I get a phone number that I *think* is what I was originally assigned when I bought the G1, before my other T-Mobile number could be ported over. So I am not certain this method is reliable in any case. Is there any other way of getting user's own phone number? Hopefully yes, though I don't know of one... -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy Android App Developer Books:http://commonsware.com/books.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] android.permission.GET_ACCOUNTS
Are there any examples of how to use android.permission.GET_ACCOUNTS ? Or is this an unimplimented api? I found this site; http://joakim.erdfelt.com/wiki/index.php/AndroidGetAccount Though I haven't been able to get anything to work. I believe JBQ said it was a private api - but I'm not sure why the permission is listed on the dev reference? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: How to unsign and resign the apk file?
I'd assume there is some sort of checksum value in the androidmanifest.xml -- since that method of resigning the application should work fine, though it isn't recommended. On Apr 6, 2:20 pm, sumd jvin...@gmail.com wrote: Hi, I'm using the simple test app - HelloActivity. I tried the following steps to unsign: 1. renamed the HelloTest.apk to HelloTest.zip and unzipped the contents to HelloTest. 2. Deleted files CERT.RSA, CERT.SF under META-INF 3. Deleted everything from the file MANIFEST.MF except the following lines: Manifest-Version: 1.0 Created-By: 1.0 (Android) Then I opened AndroidManifest.xml with Hex editor and changed the activity name from .HelloTest to com.mytests.android.HelloTest Zipped everything back to HelloTest.apk and resigned with jarsigner -verbose -keystore my.keystore FirstTest.apk alias_name When I try to install this, I'm getting error: Failure [INSTALL_FAILED_INVALID_APK]. Do I need to remove any additional content from AndroidManifest.xml after editing the file? Or it's not allowed to change the manifest file inside the apk? Thanks, sumd --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Getting installed application Size
Thats the size on the screen - right? I believe he is asking for the package (apk) file size. This was removed from the API, as noted here: http://groups.google.com/group/android-developers/browse_thread/thread/df94daae34336aad/f96a8425549c6637?lnk=raot I don't have the code on hand - but I know I was able to retrieve this by browsing to the /data/app path and using normal java commands to get the files size. Hope that helps, On Apr 7, 3:17 pm, mcmc manni...@gmail.com wrote: wait for the surfaceChanged(int width, int height) callback to be called, and you can get the width and height that way... On Apr 7, 4:42 am, Raj lal.ra...@gmail.com wrote: Hi, I am using PackageManager class to retrive the information of the installed application on the device. But I didnt get any way to retrive the application Size on the device. Can any one help me out in getting how to achive this. Regards, Raj --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: How to unsign and resign the apk file?
Have you tried looking at your own compile androidmanifest.xml and the original? I'm not hard to do by hand, and I'm not positive, but I doubt there are any tools to reverse it. On Apr 7, 5:17 pm, sumd jvin...@gmail.com wrote: Is it possible to extract the original androidmanifest.xml (ascii) from the apk with any of the tools? (aapt or ?) Thanks On Apr 7, 11:04 am, strazzere str...@gmail.com wrote: I'd assume there is some sort of checksum value in the androidmanifest.xml -- since that method of resigning the application should work fine, though it isn't recommended. On Apr 6, 2:20 pm, sumd jvin...@gmail.com wrote: Hi, I'm using the simple test app - HelloActivity. I tried the following steps to unsign: 1. renamed the HelloTest.apk to HelloTest.zip and unzipped the contents to HelloTest. 2. Deleted files CERT.RSA, CERT.SF under META-INF 3. Deleted everything from the file MANIFEST.MF except the following lines: Manifest-Version: 1.0 Created-By: 1.0 (Android) Then I opened AndroidManifest.xml with Hex editor and changed the activity name from .HelloTest to com.mytests.android.HelloTest Zipped everything back to HelloTest.apk and resigned with jarsigner -verbose -keystore my.keystore FirstTest.apk alias_name When I try to install this, I'm getting error: Failure [INSTALL_FAILED_INVALID_APK]. Do I need to remove any additional content from AndroidManifest.xml after editing the file? Or it's not allowed to change the manifest file inside the apk? Thanks, sumd --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Altering the resource values in the APK after creating it
It's actually not that much different than modifying any other compiled program -- especially a normal jar. Though like you said, it must be resigned after being modified. On Apr 1, 1:34 pm, Mark Murphy mmur...@commonsware.com wrote: Google_Android_discussion wrote: Hi, Is it possible to alter the string values(in resources) in APK after creating it. Not easily. The resources are in a compiled form in the APK and are not designed to be modified. In addition, if your APK is signed, any modification to the contents would require a new digital signature, presumably. -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy Warescription: Three Android Books, Plus Updates, $35/Year --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Byte code format
There is some relevant informaiton http://strazzere.com/blog/?cat=5paged=3 and http://dedexer.sourceforge.net/ from Gabor. Hope that helps. On Apr 1, 10:28 am, Zhubham sahilz...@gmail.com wrote: Hi, I am keen on understanding how the DVM works and finally what's the format of the generated byte code. Can anyone please recommend a weblink for this. As such, i am looking for the size of Code Segment, Data Segment, Stack, Heap. How can I find these details for any Android application written by me?? Looking forward for your opinions and suggestions. Thanks. Best Regards, Zhubham --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Altering the resource values in the APK after creating it
Wait what? What does altering strings in an self-compiled apk have to do with themes? On Apr 1, 6:31 pm, clark clarkd...@gmail.com wrote: You should check out the xda-developers forums regarding creating themes on the Dream a.k.a. G1. Those guys are doing just what you mentioned, and resigning it as strazzere mentioned. ~clark On Apr 1, 2:32 pm, strazzere str...@gmail.com wrote: It's actually not that much different than modifying any other compiled program -- especially a normal jar. Though like you said, it must be resigned after being modified. On Apr 1, 1:34 pm, Mark Murphy mmur...@commonsware.com wrote: Google_Android_discussion wrote: Hi, Is it possible to alter the string values(in resources) in APK after creating it. Not easily. The resources are in a compiled form in the APK and are not designed to be modified. In addition, if your APK is signed, any modification to the contents would require a new digital signature, presumably. -- Mark Murphy (a Commons Guy)http://commonsware.com|http://twitter.com/commonsguy Warescription: Three Android Books, Plus Updates, $35/Year- Hide quoted text - - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Net monitor
I think this code will answer your questions :) http://code.google.com/p/netsentry/ On Mar 31, 4:34 am, Skouti sko...@scs-net.org wrote: Dears Is there any Library and classes that enables writing a NetMonitor application for 3G Wifi like in Symbian phones ..? Android.net.wifi and android.net seems haven't enogh functions to do that Are Android Kernal developers willing to set such Network functionalities as Symbian Windows Mobile have Regards --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: who can tell me how to achieve this function?! thx!!!!
papi games read you android id - then they simple link the name and android_id on the site :) On Mar 26, 9:59 pm, wanzi ! wanzihe...@gmail.com wrote: droozen, thanks your reply! But in fact,this application didn't read the number or IMEI code of my phone ,because the waring information of this application doesn't include READ PHONE STATE. Who can tell me how to get it? On 3月24日, 上午2时38分, droozen droozenr...@gmail.com wrote: They're probably saving your name on their webserver somewhere, and perhaps using your phone number to identify the phone and display that name. On Mar 22, 9:06 pm, wanzi ! wanzihe...@gmail.com wrote: Is anybody download the PaPi games from market and played it? I found when I played one of this series of PaPi game and I input my name,then all series PaPi games can read this name. At beginning, I consider maybe the application saved some data which can be shared by other PaPi games, but when I Factory data reset and format the SD card, then I download these games and play them again, it's so crazy that these games can read my name which I inputed before all the same!! next, I consider maybe the application read the only code of the phone (IMEI) to identify the phone,but I check the install information about all the PaPi games, I can't found any information about READ PHONE STATE,so I think these applications didn't read the IMEI code. who can tell me how to achieve this function?! thx!- 隐藏被引用文字 - - 显示引用的文字 - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Deleting Incoming SMS???
I believe this has been discussed previously and the result was you arn't allowed to do it, since someone could abuse this by sending and receiving messages without the user knowing. This is considered a no- no since it's a chargeable service. On Mar 20, 12:04 pm, Kenny yxw...@gmail.com wrote: I was looking for the solution too. It seems impossible to intercept TEXT SMS. It will go to Inbox definitely. Kenny On Mar 20, 10:30 pm, Gulfam gulfa...@gmail.com wrote: My problem is same as MattBruce said. On Mar 20, 7:28 pm, Gulfam gulfa...@gmail.com wrote: Hi all, I am also facing exact same problem as said below any one can help us Regarding this.its very urgent for me. Regards, Gulfam On Feb 15, 4:57 am, Matt Bruce mbruced...@gmail.com wrote: I have an SMSReceiver that I built to intercept a particular type of SMS that would run a service. That is all working great, however, I would like for this SMS to not show up in the user's inbox. So ideally i would like to delete the SMS on the time of Interception. I have gone through a ton of threads and having seen anyone accomplish this yet. Am I missing something or is this even possible? I would think there would be some _id on the incoming SMS that i could use to run the delete against the SMS store. I am looking for any solution, and I hope someone out there has accomplished this. HELP! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Checking how a program was installed?
Is there a way to programmatically without root check and see how a program was installed? The only solution I've been able to find is using root - and tapping into a database that the Vending application uses; CREATE TABLE assets10(_id INTEGER PRIMARY KEY AUTOINCREMENT, content_uri TEXT, s tate TEXT, download_pending_time INTEGER, download_start_time INTEGER, install_t ime INTEGER, uninstall_time INTEGER, size INTEGER, type TEXT, package_name TEXT, is_forward_locked TEXT, signature TEXT, refund_timeout INTEGER, version_code IN TEGER, server_string_id TEXT UNIQUE); Most specifically I can check to this database using my package name and/or signature and see if it's ever been installed by the market. Then if it has you could check to see if it's been uninstalled. As for background, I'm just messing around with ways to distinguish real users from pirated versions. I've noticed from an application I've posted that I only have approximately 100 downloads and 50% active, yet my server which is used by the application shows approximately 200ish unique users within the past few days. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: decompilar .dex
Here is another --- never used undx, but Gabbor did a nice job with dedexer; http://dedexer.sourceforge.net/ On Mar 19, 10:48 am, fadden fad...@android.com wrote: On Mar 18, 2:52 pm, Carlos Alberto tic...@gmail.com wrote: how to decompile a. dex for instructions in machine language anyone know of a disassembler. Dalvík in dex dexdump -d file. Works on .dex, .odex, and .apk/.jar with a classes.dex inside. dexdump is included on the device and in (most versions of) the SDK. There's also at least one 3rd-party tool (http://sourceforge.net/ projects/undx/). --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: manipulating markets popularity! - why should i develop app for android
It appears google does monitor and can/will disable accounts. For example - mine has been disabled. Why? No idea but I've gotten it confirmed by google support. They said it was disabled due to high volume and suspicious traffic - with not email notification or anything. Just turned off - and no reply on how to get it turned back on. On Mar 7, 9:48 pm, Marco Nelissen marc...@android.com wrote: On Sat, Mar 7, 2009 at 3:01 PM, Stoyan Damov stoyan.da...@gmail.com wrote: On Sat, Mar 7, 2009 at 8:58 PM, strazzere str...@gmail.com wrote: Your interaction with the market is also logged with your android id -- which also seems to be linked to a gmail account you use on that device. So I'm assuming this could be tracked - and if google wanted to, they could see. Hmmm 150+ users with the same android id? All commenting and install the same application? That is, if Google cares. All I've seen is oh, really? file a bug. And rightly so, because we can't keep track of issues brought up in a mailing list. If you see a bug, you're certainly welcome to bring it up in the mailing list, so that others may learn from your experience, but posting about it in this mailing list is no substitute for filing a bug. We can't assign a posting to an engineer. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Audio Volume
Then I'd recommend looking here: http://sdk.androidin.com/reference/android/media/AudioManager.html More specifically; http://sdk.androidin.com/reference/android/media/AudioManager.html#setStreamVolume(int,%20int,%20int) audio.setStreamVolume(AudioManager.STREAM_MUSIC, #); On Mar 9, 10:22 pm, LukeH luke.hun...@gmail.com wrote: I'm a developer, I'm looking to change the behavior of my app, not install another app for changing the volume. I need some way to make it so that volume button presses always adjust the music stream volume when my activity is showing whether a sound is playing at the time or not. On Mar 9, 7:16 pm, strazzere str...@gmail.com wrote: Look at some of the applications on the market. Such as Master Volume Controller. You can lower the media volume, and raise your ringer volume. On Mar 9, 9:58 pm, LukeH luke.hun...@gmail.com wrote: I also have exactly this issue. How can I fix it? Or as they say on internets, BUMP. On Feb 3, 2:28 am, blindfold seeingwithso...@gmail.com wrote: My app generates and plays sound samples in one second bursts, and this context sensitivevolumeadjustment keeps flipping between ringtonevolumeand mediavolumedepending on split second timing (apparently depending on whether a burst is playing or a next burst is in preparation when thevolumebuttons are pressed). How can I pin down (lock?) the audio context to prevent this? Right nowvolume adjustment via thevolumebuttons is unworkable. Thanks. On Feb 2, 11:35 pm, Dave Sparks davidspa...@android.com wrote: Thevolumeadjustment is context sensitive. You can tell whichvolume is being adjusted by thevolumedisplay. If YouTube or the music player, adjusting thevolumewill affect only the music/video playbackvolume. Thevolumedisplay will read Media Volume. If you're in the home screen, or most other apps that don't use audio, adjusting thevolumewill affect the ringtone/notification volume. Thevolumedisplay will read RingtoneVolume. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: manipulating markets popularity! - why should i develop app for android
Your interaction with the market is also logged with your android id -- which also seems to be linked to a gmail account you use on that device. So I'm assuming this could be tracked - and if google wanted to, they could see. Hmmm 150+ users with the same android id? All commenting and install the same application? On Mar 7, 10:43 am, Marco Nelissen marc...@android.com wrote: On Sat, Mar 7, 2009 at 2:00 AM, AE antonio_eggb...@yahoo.se wrote: On Mar 7, 9:07 am, Mariano Kamp mariano.k...@gmail.com wrote: What about AE (or another single person) trying it out in public? Say what user he creates and what app he will rate/comment with *. We can watch if it gets deleted. I don't consider AE cheating if he does it once, in public, and as part of an experiment. Yes I have done it and to see if it really true and it works. Did you file a bug athttp://b.android.com? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: getting android_id from GoogleLoginServiceBlockingHelper?
Here is a small snippet; Log.v(??, attempt to get android_ID); // GoogleLoginServiceBlockingHelper test; try { long A_ID = GoogleLoginServiceBlockingHelper.getAndroidId (getApplicationContext()); } catch (GoogleLoginServiceNotFoundException e) { // TODO Auto-generated catch block e.printStackTrace(); } Log.v(??, I'm never reached); You must import the following; import com.google.android.googlelogin.*; Which are located in client.jar which you can download here: http://android.git.kernel.org/?p=platform/frameworks/opt/com.google.android.googlelogin.git;a=tree Anyone able to get this to work? -Tim On Feb 25, 4:27 pm, Dan Bornstein danf...@android.com wrote: On Mon, Feb 23, 2009 at 8:31 PM, strazzere str...@gmail.com wrote: Everything seems to be going smoothly until I get to running the project and the dalvikvm spits out errors such as rejecting opcode 0x6e at 0x000e which seems to make no sense to me. Can you provide a bit more context from the log? Also, if you could provide a compilable and runnable test case, then it would be much more likely that we will be able to reproduce the problem locally. Thanks. -dan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Why is the market listing my app as exactly twice the size of the APK I uploaded?
Just a little more depth on it... If you look at what the copy protection is doing - it dumps your normal .apk to /data/app-private then puts a .zip in /data/app The .apk is your originally signed one - and the .zip is you manifest, resources and res folder. So that res folder basically doubles your size since it contacts copies of all of the resources you also contain in your .apk -Tim On Feb 26, 11:23 pm, Jean-Baptiste Queru j...@android.com wrote: copy-protection doubles the amount of size needed to store the app on the device indeed. JBQ On Thu, Feb 26, 2009 at 8:19 PM, Robert Green rbgrn@gmail.com wrote: For Wuzzle, the signed trial APK is 878KB and the signed full game APK is 934KB. I do have copy protection turned on for both and it did say it would increase the space needed. I figured that meant it would add an extra 10KB or something reasonable. They are listed on the market as being 1.71MB and 1.82MB respectively. I didn't think it would literally double the app size! My other game, Light Racer has a signed APK of 288KB and is posted with no copy protection. It is listed on the market as 289KB, which is correct. Has anyone else noticed this? -- Jean-Baptiste M. JBQ Queru Android Engineer, Google. Please don't contact me directly. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] getting android_id from GoogleLoginServiceBlockingHelper?
Has anyone been able to use GoogleLoginServiceBlockingHelper? I'm attempting to grab the android id using this function as opposed to the settings.system.android_id as an attempt to get the android id linked to the google account. Everything seems to be going smoothly until I get to running the project and the dalvikvm spits out errors such as rejecting opcode 0x6e at 0x000e which seems to make no sense to me. The only related thread to this that I could find is here, http://groups.google.com/group/android-developers/browse_thread/thread/22dbecfaa3a84d1d - though this one went unanswered. The reason I'm trying to do this, is it seems google has stored the android_id somewhere other than on the device, so this could be useful in trying to tie an android id to a specific user. This could mean if they got a new phone, it would still be tied to the user though they couldn't share the application and spoof the id. Any thoughts on using this? Has anyone done it before? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Market Apps Not Really Protected
Jamie, Not sure that - it's actually a little more scary than that. Any phone (rooted or not) that allows unknown sources to install, could then install the application - and the market won't look at it for updates etc. On Feb 20, 7:08 pm, Jamie jamie.hu...@gmail.com wrote: Essentially, any rooted phone can pull apps using adb. Apparently there is no security tied to google accounts, phone id, or anything, its simply a lock on folder access if you don't have root access. Interesting, indeed!! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: sim needed for accessing market?
@Xavier Can I asked exactly where you are getting your information? Did someone tell you this? @Craig The developer phone can go on networks like T-Mobile if a sim card is provided, though it is not nessicary for the phone to work. It can access the internet without any card via usb connection. The real question is, is does it come with the market application on it. Hopefully someone with a developer phone can answer this, as it isn't on googles page concerning the phone; http://code.google.com/android/dev-devices.html The way everything is worded. I would assume that the market is NOT on the device since it's intended to test YOUR applications. It also notes that it is not intented for everyday users as it is not supported by anyway... So I'd (hopefully safely) assume that you could not expect the market to be on there. -Tim Strazzere http://www.strazzere.com/blog/ On Dec 14, 8:19 pm, Xavier Mathews xavieruni...@gmail.com wrote: Do you have the Dev phone. I belive that you can download from the market to the phone via usb through dsl. I have never tried. On 12/14/2008, Craig csab...@gmail.com wrote: Does anyone know what is required to use the dev phone? Specifically, do I need a phone contract, or can I get online through my DSL connection at home? If I can get online through my home connection, would I have access to the Android Market? I'm asking because I would like a device to develop on and test, but I'm not interested in another phone contract, and I don't have ATT or TMobile. -- Xavier A. Mathews Student/Browser Specialist/Developer/Web-Master Google Group Client Based Tech Support Specialist Hazel Crest Illinois xavieruni...@gmail.com¥xavieruni...@hotmail.com¥truestar...@yahoo.com Fear of a name, only increases fear of the thing itself. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: unknown socket error -1
Sal, Just figured I'd post this here since it might become relevant for you. If you come across the error: 12-01 18:27:52.175: WARN/System.err(764): java.net.UnknownHostException: Host is unresolved: www.strazzere.com:80 This exception was thrown whenever .connect() or .getOutputStream() where called. Obviously www.strazzere.com is just an example, but you might find that a known and resolvable host is getting the exception thrown, the trick is to restart the emulator. It seems to lose something if you change network connections or go in/come out of hibernation mode. Sorry if this seems off topic, but I wasn't able to find a solution to my problem yesterday so I figured I'd post this here! Best of luck, -Tim Strazzere On Dec 2, 4:21 am, sal [EMAIL PROTECTED] wrote: Hi, Thanks for your concern, The problem with socketException got solved by putting INTERNET permission in manifest.xml file. But now i am encountering a new problem as follows i have created Serversocket as follows ServerSocket clientListenerSocket = new ServerSocket(); But i dont see port# being in listening state when i do netstat -a on windows XP machine.Strange part is its not generating any exception. because of this client is unable to connect to this port I guess host OS is not allowing to allocate these ports. i would like to know what could be the other reasons for this particular problem. and what is the procedure to find free ports on Windows XP machine. Thanks On Dec 1, 7:58 pm, Huebi [EMAIL PROTECTED] wrote: You need to add the INTERNET permission to your app in the Manifest. That should solve the issue On 1 Dez., 15:27, sal [EMAIL PROTECTED] wrote: 1. Can anyone point me to simple TCP client/server program on android ?? 2. Whenever i try to create socket with port and IPaddress i get IOException which points to a SocketException which gives a message unknown socket error -1 , it would be nice if someone could tell the root cause for this problem. i guess this is something to do with TCP settings of emulator. 3. Do we need to have any configuration changes to Emulator or androidmanifest.xml file to eliminate this problem ? Thanks- Hide quoted text - - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] unable to resolve new-instance?
Anyone have an idea about this? 11-30 16:08:25.620: WARN/dalvikvm(1006): VFY: unable to resolve new- instance 16 (Lcom/testLibrary/Config;) in Lcom/Android/test/test; 11-30 16:08:25.646: WARN/dalvikvm(1006): VFY: rejecting opcode 0x22 at 0x0032 11-30 16:08:25.646: WARN/dalvikvm(1006): VFY: rejected Lcom/Android/ test/test;.onCreate (Landroid/os/Bundle;)V 11-30 16:08:25.646: WARN/dalvikvm(1006): Verifier rejected class Lcom/ Android/test/test; 11-30 16:08:25.646: WARN/dalvikvm(1006): Class init failed in newInstance call (Lcom/Android/test/test;) From some research I've found this occurs to many people when trying to use the map library, so they include the uses-library tag and it's fixed. However this is using an external class (i'm testing right now) however it doesn't seem to like it at all. The line is as follows: Config config = new Config(data, 0, false, false); And it complains about it unable to resolve the instance. This works in normal java... Do I need to optimize something explicitly for android? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Pay app support?
Some applications have already implemented the expiration date and have been cracked already. The Android Market seems to be rather secure, the problem seems to be in the developers coding of protection schemes in products... A registration method with online check would probably be your best bet. On Nov 10, 8:18 pm, Jesse Scherer [EMAIL PROTECTED] wrote: If you absolutely must offer a trial, and the Market won't support it, you could offer a trial version of your app with some sort of kill switch (the application sets a flag and tells itself to stop working after 10 days) and a paid version that does not do this. It would not prevent a truly determined person from circumventing your terms, but given the nature of Android, why couldn't somebody just hack the Market app to ignore trial periods anyway? My 2c Jesse On Mon, Nov 10, 2008 at 7:10 PM, Christine [EMAIL PROTECTED]wrote: Hopefully, they will allow a trial period. iPhone market doesn't allow that, so you're forced to either charge for the first download, or make the app free. On Nov 10, 9:52 pm, Eric [EMAIL PROTECTED] wrote: It was announced that a 30% cut of the Market price will be paid to the carrier(s), and the remaining 70% will be paid to the developer. You can also sell apps through venues other than the Market, and avoid the 30% cut, but it seems likely that most phone owners will only look for apps in the Market. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Windows driver for HTC G1 phone
The SDCard should work without any drivers (though mine does not work on windowsxp) Debugging *should* work with the driver provided higher up in this post. I seem to be able to work perfect both sdcard mass storage and debugging from my linux box. On Oct 31, 4:45 am, ReyStevE167 [EMAIL PROTECTED] wrote: mines only say thats i need a disc im not really into all those complicated situations where u have to put in codes and such i jus want my G1 phone to be installed on my laptop anybody helpp plzz anybody know of a CD !? On Oct 30, 3:03 pm, strazzere [EMAIL PROTECTED] wrote: I get the same issue... Following instructions here; http://code.google.com/android/intro/develop-and-debug.html#developin... But the device stays as a Unrecognized usb device, anyone figure this one out? On Oct 23, 7:46 pm, Jonathan Herriott [EMAIL PROTECTED] wrote: Hi, The Found New Hardware Wizard is unable to detect the drivers after I already specified exactly which directory to look. Has anyone else run into these issues? Thanks On Oct 22, 1:32 am, Beau Gunderson [EMAIL PROTECTED] wrote: Here's the link from the other thread on this topic: http://dl.google.com/android/android_usb_windows.zip Beau On Oct 17, 11:13 am, RonS [EMAIL PROTECTED] wrote: Any idea where can I get the USB driver so that adb will see the G1? RonS --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] dexdump and vtables ?
I've been doing some research on dexdump and it helps out tremendously. Some things are hard to understand though - and the best example of translating some of it's output I've found here; http://zeaster.blogspot.com/2007/11/how-to-decompile-dex-file-on-android_28.html Though it is old, however I'm not exactly sure how this author find out what vtable #00** means. Is there any documentation on dexdump or these values? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Windows ADB Driver?
For some reason I'm not able to connect to my G1 android device using windows xp. I can connect fine with linux (ubuntu), however when connecting to a windows machine I receive USB Device not recognized. I've looked at the documentation here; http://code.google.com/android/intro/develop-and-debug.html#developingondevicehardware And followed it to no avail. I've also tried specifically selecting the android_usb.inf file when searching for drivers however it says it is not the correct hardware. I have this occuring on two windows xp machines. Has anyone gotten this to work on their windows XP machine? I know someone running vista that it worked for, though I don't see THAT being the problem. Any come across an error like this and happen to know a fix? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Windows driver for HTC G1 phone
I get the same issue... Following instructions here; http://code.google.com/android/intro/develop-and-debug.html#developingondevicehardware But the device stays as a Unrecognized usb device, anyone figure this one out? On Oct 23, 7:46 pm, Jonathan Herriott [EMAIL PROTECTED] wrote: Hi, The Found New Hardware Wizard is unable to detect the drivers after I already specified exactly which directory to look. Has anyone else run into these issues? Thanks On Oct 22, 1:32 am, Beau Gunderson [EMAIL PROTECTED] wrote: Here's the link from the other thread on this topic: http://dl.google.com/android/android_usb_windows.zip Beau On Oct 17, 11:13 am, RonS [EMAIL PROTECTED] wrote: Any idea where can I get the USB driver so that adb will see the G1? RonS --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---