And ?
Unless you want your computer to start lying to you about what processes
are running, and the code inside those processes, and also make tools
like VirtualBox or Bochs illegal, effective DRM is impossible.
And you do not want you computer to start hiding things from you; it
applies to the bad guys as well as the content creators.
See: Sony root kit
On the specifics you mention.
1) yes, you can recompile with the 'is registered' checks commented out
for instance, but your server doesn't blindly trust the client to say
'I'm userid 0, send me everything'. Right ? Right ?!?
2) there's no need to hide private signing or authenticating keys inside
the application, this can all be kept server side.
Tom
On 25/02/2014 11:33, Alexander Farber wrote:
"-1" since someone can take your app,
decompile it, comment/shortcircuit the IAP/DRM
and compile it back - as a "cracked" version...
Or if you use any OAuth stuff - find the "secret"
inside the app and then use it to impersonate other users.
On Thu, Feb 20, 2014 at 1:59 AM, Joseph Balderson <[email protected]> wrote:
+1 totally agree.
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________
