Jon Colverson wrote: > On Feb 28, 7:06 am, Al Sutton <a...@funkyandroid.com> wrote: > >> This >> isn't neccessarily about encrypting applications, in fact the system at >> AndAppStore[1] doesn't rely on encrypting the application, it purely >> relies on using an encrypted piece of data which thae application uses >> to determine what rights a user has available to them. >> > > Can you not see the flaw here? > >
Not when part of the encrypted data contains identifiers for the device to allow. Maybe you want to offer up a bit more information on what you think is wrong.... >> DRM can't stop a determined attacker, but good DRM makes the content >> worthless by the time it's been cracked, and the current Android Copy >> Protection system isn't a good DRM implementation because a casual >> attacker can follow a simple set of instructions to by-pass it. >> > > The AndAppStore DRM is no better. > > I'm sorry, I don't see how you can say a system which can be used to secure software usage on a rooted G1 or ADP1 isn't any better than a system that can't. Again, maybe you'd like to add some content to your comment.... >> To crack the AndAppStore uses 1024 RSA encryption which is considered >> secure, and even if a cracker got the public key used to decrypt the >> license information in the application that would only show them what's >> in the license, it wouldn't allow them to create their own licenses, and >> so it works on all Android platforms. >> > > The encryption of the license files has nothing to do with it. > > Again, big on comments short on content. If you're talking about modifying the binary to remove the license checking, well, if someone is willing to do that for every single update of an application, then they are certainly determined enough to do a one off rooting of their 'phone and get past the Android Copy Protection mechanism, so again. Maybe you'd like to explain what you mean as opposed to just throwing out sound bites? > -- > Jon > > > > -- * Written an Android App? - List it at http://andappstore.com/ * ====== Funky Android Limited is registered in England & Wales with the company number 6741909. The registered head office is Kemp House, 152-160 City Road, London, EC1V 2NX, UK. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---