The dex format is actually well documented, there are official tools to work with it (e.g. dexdump) as well as third-party tools. There's nothing to reverse engineer, it's all out there.
JBQ On Tue, Mar 31, 2009 at 6:03 AM, Stoyan Damov <[email protected]> wrote: > > Indeed, Al's protection scheme works. I have just 2 issues with it: > > 1. Key length should be configurable, depending on the country at > which the app would be used, right? AFAIK strong key encryption is not > allowed outside the US (or at least in some countries), but I might be > wrong. > > 2. I've seen some links on the web where people reverse engineer the > dex format (probably not fully). > I know it's closed source (or is it?) but if someone reverse engineers > it fully then there's no protection whatsoever -- I'll just get the > java code, and even if it's obfuscated I can remove the single "if" > statement in the protection code, recompile, sign with my key and > redistribute the new .apk for free. > I hope this won't happen, but who knows. > > Cheers > > On Tue, Mar 31, 2009 at 4:00 PM, Jean-Baptiste Queru <[email protected]> wrote: >> >> It looks like you have quite some bases covered. >> >> I think there'd be definite value for Android as a whole if the >> different app stores that move in that direction could adopt a common >> API for such a mechanism. Added bonus for SDK integration. >> >> Beyond that I have no visibility into Google's plan for such a scheme on >> Market. >> >> JBQ >> >> On Tue, Mar 31, 2009 at 5:06 AM, Al Sutton <[email protected]> wrote: >>> >>> Out of interest what do people think of the AndAppStore scheme at >>> http://andappstore.com/AndroidPhoneApplications/licensing.jsp ? >>> >>> I'd happily work with the Google guys to get either this, or a similar >>> scheme integrated with Market to offer a higher level of protection against >>> the apps being run by unauthorised accounts. >>> >>> I also think that protecting the APK file isn't the answer. Hence why the >>> AndAppStore scheme focuses on runtime protection as opposed to file >>> protection. >>> >>> Al. >>> >>> --- >>> >>> * Written an Android App? - List it at http://andappstore.com/ * >>> >>> ====== >>> Funky Android Limited is registered in England & Wales with the >>> company number 6741909. The registered head office is Kemp House, >>> 152-160 City Road, London, EC1V 2NX, UK. >>> >>> The views expressed in this email are those of the author and not >>> necessarily those of Funky Android Limited, it's associates, or it's >>> subsidiaries. >>> >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Stoyan Damov >>> Sent: 31 March 2009 13:02 >>> To: [email protected] >>> Subject: [android-discuss] Piracy and app "protection" >>> >>> >>> Is Google working on a better protection scheme? I googled for my game today >>> (to see whether it's being pirated) and immediately found it on rapidshare. >>> I did report the abusing referral link but can't report for other guys' >>> apps. >>> >>> BTW, guys, I've found *many* games on many websites... >>> >>> P.S. I didn't bother to protect my game because anyone with a rooted phone >>> can pull the game out of his device and there are quite a lot of them. >>> >>> Cheers >>> >>> >>> >>> >>> > >>> >> >> >> >> -- >> Jean-Baptiste M. "JBQ" Queru >> Android Engineer, Google. >> >> Questions sent directly to me that have no reason for being private >> will likely get ignored or forwarded to a public forum with no further >> warning. >> >> > >> > > > > -- Jean-Baptiste M. "JBQ" Queru Android Engineer, Google. Questions sent directly to me that have no reason for being private will likely get ignored or forwarded to a public forum with no further warning. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
