"Copy-protection" does not prevent rooted phones from seeing your application.
You also might be forgetting, that if ANYONE gets a hold of the apk, regardless if they have a device (rooted or not), they could simply extract your encryption keys? -Tim On Jan 13, 12:18 pm, sdphil <phil.pellouch...@gmail.com> wrote: > hey mark - when you say "copy protect" on Android Market causes more > problems than it solves, can you describe what you mean? > > On Jan 12, 2:08 pm, Mark Murphy <mmur...@commonsware.com> wrote: > > > > > sdphil wrote: > > > I want to hide some info (encryption keys) in a private area. > > > The best answer: the private area is the user's brain. > > > > I know > > > there are a lot of threads on the topic and from what i can tell - it > > > basically comes down to - there's no security :-) just kidding. > > > > It seems like the data you have in your private area -- > > > > /data/data/com.company.product/files > > > > is only accessible to your application, so it would be sufficient to > > > store anything (like encryption keys for example) in just plain text > > > files there if you wanted. > > > > the big drawback of doing this though is that a "rooted" phone would > > > be able to access that area -- therefore, no security. > > > > does "copy protection" solve this problem? > > > I am not aware of any copy protection that solves this problem. And if > > you mean "copy protect" on the Android Market, that causes more problems > > than it solves, IMHO. > > > > Would a "rooted" phone then be able to grab and install > > > the .apk file (and ultimately gain access to the app-private area)? > > > I don't have a rooted device, but I presume the answer is yes. > > > > Seems like someone somewhere has to have solved this problem. > > > Seriously? > > > Security is pretty much toast on anything if the one who wants to get > > past the security gets their hands on the hardware. This is why DRM > > tends to be broken. sometimes very quickly -- DRM providers are > > attempting to do the same thing you are. You cannot have the algorithm > > and the key both in something that can be read by software, plain and > > simple. > > > -- > > Mark Murphy (a Commons > > Guy)http://commonsware.com|http://twitter.com/commonsguy > > > _Android Programming Tutorials_ Version 1.0 In Print!
-- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
