[android-developers] Re: All APK has cracked by apkcracks.net

[Chief Yapping Maw]

Release 2 identical apps, 1 w/ DRM, 1 w/out.
Use entirely different names.
You will find that you will sell multiple times more copies of the unprotected 
app.
Going back to 1981, our computer club would share apple basic programs amongst 
ourselves, the "pirates".
Without exception, the programs we found useful we bought after trying them out 
as a pirate.
Mostly this was a social experience, not an opportunity to steal.
Spend a little time working on easter eggs instead of copy protection.
New copy protection is like screwing a new tail onto a cow.  The smart flies 
will chew your hide where the new tail won't reach.

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Streets Of Boston]

*Every *app can be cracked and pirated. It doesn't matter how much layers 
of protection you  add to your app; your app can always be cracked. If 
someone is willing to spend time to reverse engineer your app and has 
enough determination, they will succeed. 

If i may be so bold to say, the only apps that can't be cracked are the 
apps that are not published. 

Google can't really do anything about it.
*You *could look into some legal action against apkcracks.net, though. 
However, i'm doubtful it would have much effect (apkcracks is not the only 
one out there).

On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:

> In our app we use Proguard and License system from Google.
>
> Our app and other thousand of apps are published on this web site 
> http://apkcracks.net
>
> Can Google explain what else we must do to protect our night, Sunday and 
> holiday's job ?
>
> Giuseppe
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Adam Ratana]

To add to this:

I've seen some apps I've made get cracked and posted on various sites, but 
the ones that had true appeal (imo) continue to sell regardless.  Generally 
the people who will download cracked versions would likely never pay in the 
first place, is something many people have said that I tend to agree with.

When my main "bread and butter" app was cracked for the first time, I saw a 
huge spike in installs on flurry, and a sustained use of that version 
(which I interpret to mean continued usage of a cracked version), after I 
had posted some updates, but it did not have a corresponding drop in sales.

In fact I've found that LVL can potentially be more trouble than it is 
worth, in fielding complaints from customers when it's not recognizing them 
as being licensed, before their trial period of 15 minutes runs out.  This 
can lead to some frustrating back and forth, and asking customers for 
patience with things beyond our control.

For $0.99  live wallpaper type stuff, I don't even bother with the LVL 
since the sales volume is much higher and likely it's not worth handling 
the support emails for LVL failing incorrectly.  These tend to be 
cracked/posted almost immediately, but again, those people will never buy 
from you anyway.  They're not your target audience, imo.



On Thursday, May 3, 2012 1:28:53 PM UTC-4, Streets Of Boston wrote:
>
> *Every *app can be cracked and pirated. It doesn't matter how much layers 
> of protection you  add to your app; your app can always be cracked. If 
> someone is willing to spend time to reverse engineer your app and has 
> enough determination, they will succeed. 
>
> If i may be so bold to say, the only apps that can't be cracked are the 
> apps that are not published. 
>
> Google can't really do anything about it.
> *You *could look into some legal action against apkcracks.net, though. 
> However, i'm doubtful it would have much effect (apkcracks is not the only 
> one out there).
>
> On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:
>
>> In our app we use Proguard and License system from Google.
>>
>> Our app and other thousand of apps are published on this web site 
>> http://apkcracks.net
>>
>> Can Google explain what else we must do to protect our night, Sunday and 
>> holiday's job ?
>>
>> Giuseppe
>>
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[lbendlin]

We found that having part of the application value sitting on a server 
provides a decent protection. People can crack the app all they want but 
they only get the logic, not the data.  The data is only accessible to 
registered users, and it is watermarked so we can find and punish the ones 
who leak it.

On Thursday, May 3, 2012 11:22:29 PM UTC-4, Adam Ratana wrote:

> To add to this:
>
> I've seen some apps I've made get cracked and posted on various sites, but 
> the ones that had true appeal (imo) continue to sell regardless.  Generally 
> the people who will download cracked versions would likely never pay in the 
> first place, is something many people have said that I tend to agree with.
>
> When my main "bread and butter" app was cracked for the first time, I saw 
> a huge spike in installs on flurry, and a sustained use of that version 
> (which I interpret to mean continued usage of a cracked version), after I 
> had posted some updates, but it did not have a corresponding drop in sales.
>
> In fact I've found that LVL can potentially be more trouble than it is 
> worth, in fielding complaints from customers when it's not recognizing them 
> as being licensed, before their trial period of 15 minutes runs out.  This 
> can lead to some frustrating back and forth, and asking customers for 
> patience with things beyond our control.
>
> For $0.99  live wallpaper type stuff, I don't even bother with the LVL 
> since the sales volume is much higher and likely it's not worth handling 
> the support emails for LVL failing incorrectly.  These tend to be 
> cracked/posted almost immediately, but again, those people will never buy 
> from you anyway.  They're not your target audience, imo.
>
>
>
> On Thursday, May 3, 2012 1:28:53 PM UTC-4, Streets Of Boston wrote:
>>
>> *Every *app can be cracked and pirated. It doesn't matter how much 
>> layers of protection you  add to your app; your app can always be cracked. 
>> If someone is willing to spend time to reverse engineer your app and has 
>> enough determination, they will succeed. 
>>
>> If i may be so bold to say, the only apps that can't be cracked are the 
>> apps that are not published. 
>>
>> Google can't really do anything about it.
>> *You *could look into some legal action against apkcracks.net, though. 
>> However, i'm doubtful it would have much effect (apkcracks is not the only 
>> one out there).
>>
>> On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:
>>
>>> In our app we use Proguard and License system from Google.
>>>
>>> Our app and other thousand of apps are published on this web site 
>>> http://apkcracks.net
>>>
>>> Can Google explain what else we must do to protect our night, Sunday and 
>>> holiday's job ?
>>>
>>> Giuseppe
>>>
>>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[JP]

On May 3, 10:28 am, Streets Of Boston  wrote:
> Google can't really do anything about it.
They could do much better than using Proguard.

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Jxn]

As you need to read the program before you can execute it, you really
can't protect it from being copied. Proguard or anything else.
You can only make it more or less inconvenient to do that, and that
will generate more user support work for you.

And there are some collectors that just wan lots of programs an those
who wouldn't buy in the first place. I would guess you could think of
it as marketing, as I guess players like Adobe and Microsoft does.

On 5 Maj, 16:33, JP  wrote:
> On May 3, 10:28 am, Streets Of Boston  wrote:> 
> Google can't really do anything about it.
>
> They could do much better than using Proguard.

Any suggestions on a better tool?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[FiltrSoft]

One way to think about piracy is that the people pirating your app probably 
wouldn't have bought your app to begin with.

On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:
>
> In our app we use Proguard and License system from Google.
>
> Our app and other thousand of apps are published on this web site 
> http://apkcracks.net
>
> Can Google explain what else we must do to protect our night, Sunday and 
> holiday's job ?
>
> Giuseppe
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[al]

It's not about software (it's about books), but I found this link 
interesting in this context too: 
http://radar.oreilly.com/2012/05/drm-free-day-forever.html
Mike Hendrickson (vice president for content strategy at O'reilly) 
basically thinks it's a marketing expense and that the publishing industry 
should embrace DRM-free.

I think, similar arguments hold for software: the largest enemy is 
obscurity, not piracy. So, before you invest too much time into DRM, think 
more about promoting your app first.

Now, before people think I'm advocating piracy: I'm an independent software 
developer and yes, I found some of my apps at apkracks too...


Am Donnerstag, 3. Mai 2012 18:04:16 UTC+2 schrieb Giuseppe:
>
> In our app we use Proguard and License system from Google.
>
> Our app and other thousand of apps are published on this web site 
> http://apkcracks.net
>
> Can Google explain what else we must do to protect our night, Sunday and 
> holiday's job ?
>
> Giuseppe
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Eric Lafortune]

We're finishing up an Android-specific tool that goes further than
ProGuard. It should become available in the coming few weeks.

Eric (developer of ProGuard)

On 6 mei, 12:43, Jxn  wrote:
> > They could do much better than usingProguard.
>
> Any suggestions on a better tool?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[JP]

Hi Eric,
Thank you - is this third party or headed for the SDK?
Also, is this going to cover resources, finally? Just do drive the
point home, check this out:
http://theotigerblog.wordpress.com/2012/04/07/squareskimmer/
This guy apparently ripped Square's drawables from the apk and created
a credit card skimmer app with it.
JP

On May 8, 2:48 am, Eric Lafortune  wrote:
> We're finishing up an Android-specific tool that goes further than
> ProGuard. It should become available in the coming few weeks.
>
> Eric (developer of ProGuard)
>
> On 6 mei, 12:43, Jxn  wrote:
>
>
>
>
>
>
>
> > > They could do much better than usingProguard.
>
> > Any suggestions on a better tool?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Thomas]

Now you are making me feel bad.  I thought for sure someone would want to 
steal the "Vampire of Needham" ;-}
Tom B

On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:
>
> In our app we use Proguard and License system from Google.
>
> Our app and other thousand of apps are published on this web site 
> http://apkcracks.net
>
> Can Google explain what else we must do to protect our night, Sunday and 
> holiday's job ?
>
> Giuseppe
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: All APK has cracked by apkcracks.net

[Eric Lafortune]

ProGuard and the new tool are my own developments. The Android team
includes ProGuard in the SDK.

The new tool currently focuses on dalvik bytecode, with automated
string encryption, class encryption, and reflection. Developers can
always encrypt/obfuscate resource files themselves. Automating general
resource encryption will be challenging.

Eric

On 8 mei, 16:02, JP  wrote:
> Hi Eric,
> Thank you - is this third party or headed for the SDK?
> Also, is this going to cover resources, finally? Just do drive the
> point home, check this 
> out:http://theotigerblog.wordpress.com/2012/04/07/squareskimmer/
> This guy apparently ripped Square's drawables from the apk and created
> a credit card skimmer app with it.
> JP
>
> On May 8, 2:48 am, Eric Lafortune  wrote:
>
>
>
>
>
>
>
> > We're finishing up an Android-specific tool that goes further than
> >ProGuard. It should become available in the coming few weeks.
>
> > Eric (developer ofProGuard)
>
> > On 6 mei, 12:43, Jxn  wrote:
>
> > > > They could do much better than usingProguard.
>
> > > Any suggestions on a better tool?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Kevin Duffey]

Interesting topic.. I was just reading about DexGuard, which is about $450
USD I think.. seems worth it to me if it works well and you're making money
on your apps.

Question though.. is there a way to know if someone bought the app
(downloaded through a store it was published to) or just installed? If I
wanted to put some data on the server side, so that only registered/paid
apps could access it.. how could I ensure the app is a legit buy?



On Sun, Dec 30, 2012 at 11:50 AM, Chief Yapping Maw <
westernairli...@gmail.com> wrote:

> Release 2 identical apps, 1 w/ DRM, 1 w/out.
> Use entirely different names.
> You will find that you will sell multiple times more copies of the
> unprotected app.
> Going back to 1981, our computer club would share apple basic programs
> amongst ourselves, the "pirates".
> Without exception, the programs we found useful we bought after trying
> them out as a pirate.
> Mostly this was a social experience, not an opportunity to steal.
> Spend a little time working on easter eggs instead of copy protection.
> New copy protection is like screwing a new tail onto a cow.  The smart
> flies will chew your hide where the new tail won't reach.
>
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Raghav Sood]

You can get the name of the app that installed your app using:

http://developer.android.com/reference/android/content/pm/PackageManager.html#getInstallerPackageName(java.lang.String)

If it matches the Google Play package name, then it was installed through
Google Play.


On Mon, Jan 7, 2013 at 8:47 PM, Kevin Duffey  wrote:

> Interesting topic.. I was just reading about DexGuard, which is about $450
> USD I think.. seems worth it to me if it works well and you're making money
> on your apps.
>
> Question though.. is there a way to know if someone bought the app
> (downloaded through a store it was published to) or just installed? If I
> wanted to put some data on the server side, so that only registered/paid
> apps could access it.. how could I ensure the app is a legit buy?
>
>
>
> On Sun, Dec 30, 2012 at 11:50 AM, Chief Yapping Maw <
> westernairli...@gmail.com> wrote:
>
>> Release 2 identical apps, 1 w/ DRM, 1 w/out.
>> Use entirely different names.
>> You will find that you will sell multiple times more copies of the
>> unprotected app.
>> Going back to 1981, our computer club would share apple basic programs
>> amongst ourselves, the "pirates".
>> Without exception, the programs we found useful we bought after trying
>> them out as a pirate.
>> Mostly this was a social experience, not an opportunity to steal.
>> Spend a little time working on easter eggs instead of copy protection.
>> New copy protection is like screwing a new tail onto a cow.  The smart
>> flies will chew your hide where the new tail won't reach.
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Android Developers" group.
>> To post to this group, send email to android-developers@googlegroups.com
>> To unsubscribe from this group, send email to
>> android-developers+unsubscr...@googlegroups.com
>> For more options, visit this group at
>> http://groups.google.com/group/android-developers?hl=en
>>
>
>  --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en
>



-- 
Raghav Sood
http://www.appaholics.in/ - Founder
http://www.apress.com/9781430239451 - Author
+91 81 303 77248

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Nikolay Elenkov]

On Jan 8, 2013 1:08 AM, "Raghav Sood"  wrote:
>
> You can get the name of the app that installed your app using:
>
>
http://developer.android.com/reference/android/content/pm/PackageManager.html#getInstallerPackageName(java.lang.String)
>
> If it matches the Google Play package name, then it was installed through
Google Play.
>
>

Or someone edited the package database by hand...

This is neither particularly reliable, nor useful for licensing purposes,
etc.

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Nobu Games]

That's why the Google I/O 2011 presentation Evading Pirates and Stopping 
Vampiresshould
 be seriously taken into consideration. To recap the advice you 
should do the following:

*Using LVL*

   - Change the code until it cannot be recognized anymore. It's just 
   supposed to be a demo code not a drop-in solution or library
  - Remove all logging
  - Obfuscate result codes (using non-obvious techniques)
  - Use only what you need and strip out anything else
  - Move code to your app and customize it
  - Obfuscate code flow by using threads and invoke the LVL from 
  non-obvious locations in your code (background threads, and no activity 
  life cycle methods)
  - Change result listener method signature
  - Obfuscate the AIDL interface (namely ILicensingService). I know 
  that the Proguard documentation AND some parts of the Google 
documentation 
  state otherwise, that ILicensingService is indispensable for the 
  integration of the LVL. But that's only true if you use the LVL as a 
  library without modifying it. You can let Proguard obfuscate that 
interface 
  and connect to the licensing service by code. Make sure to obfuscate the 
  "DESCRIPTOR" string with some self-invented technique which is not Base64
   
*Harden the app: tamper detection
*

   - Use self-integrity checks:
  - Check PackageInfo for the correct signature (you can just check the 
  signature hashCode for correctness)
 - If app has been modified the signature will be different
  - Do not start any of these checks from activity life cycle methods. 
  They are the first places to look for.
  - Check ApplicationInfo for the debug flag
  - Debug mode is not set for a released app. This is an indication 
  that somebody is trying to step through your code with the debugger. You 
  can make it harder by triggering random behavior and random, delayed 
  crashes in background threads
   - As Raghav already said: you can also check PackageManager for the 
   package installer name. However, Google engineers advise against that since 
   it's apparently unreliable: see 
   
http://android-developers.blogspot.com/2010/09/securing-android-lvl-applications.html
   - Use reflection for all of these self-defense mechanisms in order to 
   make it harder to spot them. Obfuscate the class and method name strings 
   with self-invented techniques (don't use Base64)

All these steps help protecting your app in case the LVL code in your app 
has been manipulated (assuming that the cracker does not spot your 
tamper-detection code).

*Use native code*

   - As an additional layer of defense: use the NDK for performing 
   self-checks and also for hiding important information like obfuscated API 
   keys
  - Android app pirates are used to cracking Java code which is a 
  no-brainer without code-obfuscation and even with code-obfuscation your 
  code is still to some extent readable.
   - Make the native code indispensable for the correct operation of your 
   app in order to avoid that the native lib simply gets stripped out.
  - You could migrate portions of your app's business logic to native 
  code
  
*LVL verification: own server*

   - Use your own server for verifying the LVL response.
   - Swap some of your app's business-logic to your server or provide a 
   web-service that greatly enhances the experience. That's generally your 
   safest bet.

*How to react on tamper detection*

   - Do not make the app crash or end immediately on tamper detection
   - Grant a generous "grace period" of 2 weeks or so until your app can 
   start to nag the user
  - The cracker might be under the false impression that s(he) did the 
  job properly and release something that still works as you're expecting
  - Be nice in your alert. Ask politely for paying for the app. Do not 
   spoil the experience. You are trying to convert potential customers


And as a final thought: don't reuse any of these obfuscation and 
self-defense code portions for your apps.

On Monday, January 7, 2013 11:31:18 AM UTC-6, Nikolay Elenkov wrote:
>
>
> On Jan 8, 2013 1:08 AM, "Raghav Sood" > 
> wrote:
> >
> > You can get the name of the app that installed your app using:
> >
> > 
> http://developer.android.com/reference/android/content/pm/PackageManager.html#getInstallerPackageName(java.lang.String)
> >
> > If it matches the Google Play package name, then it was installed 
> through Google Play.
> >
> >
>
> Or someone edited the package database by hand...
>
> This is neither particularly reliable, nor useful for licensing purposes, 
> etc.
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Mark Murphy]

On Thu, May 3, 2012 at 1:28 PM, Streets Of Boston
 wrote:
> Every app can be cracked and pirated. It doesn't matter how much layers of
> protection you  add to your app; your app can always be cracked. If someone
> is willing to spend time to reverse engineer your app and has enough
> determination, they will succeed.

More importantly, every app on every OS can be cracked. Pirate BBSes
date at least back to the late 1980's.

> If i may be so bold to say, the only apps that can't be cracked are the apps
> that are not published.

I'd phrase it more as "the risk of cracking is proportional to the
means of distribution".

So, distributing via the Google Play Store means it is likely to be
cracked, particularly if an automated tool can do so.

On the far other end of the spectrum, Web apps, because they are not
distributed, are highly unlikely to be "cracked" in any traditional
sense (though sharing of logins and such may have similar effects).

There are other distribution means with intermediate risk of cracking
(e.g., apps distributed internally within an enterprise).

> You could look into some legal action against apkcracks.net, though.
> However, i'm doubtful it would have much effect (apkcracks is not the only
> one out there).

More importantly, the OP chose a business model (retail sales) that
has had "piracy" for thousands of years. Whether you are selling apps,
apples, axes, animals, Ajax-brand laundry detergent, or azaleas, there
will be losses due to shoplifting, employee theft, real
honest-to-goodness parrot-wielding pirates, etc. Apps being cracked is
merely the manifestation of this in shrinkwrap software. And, even in
software, this has been going on for decades. This is not to say that
it is right, and that's one of the reasons why I get bent out of shape
when developers ON THIS VERY GROUP advocate pirating things like the
Google Play client. However, it is largely a fact of life.

You either:

- Don't worry about it, any more than shopkeepers refuse to sell goods
for fear those goods might get stolen, or

- You tweak the model to help mitigate losses (e.g., frequent updates,
such that the pirated copies are always out of date and therefore
missing capabilities), or

- You choose a different business model, one that may have other
problems (e.g., consulting clients who fail to pay their invoices)

-- 
Mark Murphy (a Commons Guy)
http://commonsware.com | http://github.com/commonsguy
http://commonsware.com/blog | http://twitter.com/commonsguy

Android Training...At Your Office: http://commonsware.com/training

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[mm w]

google could by just crypting and signing the binaries maybe in ten years

On Thu, May 3, 2012 at 8:22 PM, Adam Ratana  wrote:
> To add to this:
>
> I've seen some apps I've made get cracked and posted on various sites, but
> the ones that had true appeal (imo) continue to sell regardless.  Generally
> the people who will download cracked versions would likely never pay in the
> first place, is something many people have said that I tend to agree with.
>
> When my main "bread and butter" app was cracked for the first time, I saw a
> huge spike in installs on flurry, and a sustained use of that version (which
> I interpret to mean continued usage of a cracked version), after I had
> posted some updates, but it did not have a corresponding drop in sales.
>
> In fact I've found that LVL can potentially be more trouble than it is
> worth, in fielding complaints from customers when it's not recognizing them
> as being licensed, before their trial period of 15 minutes runs out.  This
> can lead to some frustrating back and forth, and asking customers for
> patience with things beyond our control.
>
> For $0.99  live wallpaper type stuff, I don't even bother with the LVL since
> the sales volume is much higher and likely it's not worth handling the
> support emails for LVL failing incorrectly.  These tend to be cracked/posted
> almost immediately, but again, those people will never buy from you anyway.
>  They're not your target audience, imo.
>
>
>
> On Thursday, May 3, 2012 1:28:53 PM UTC-4, Streets Of Boston wrote:
>>
>> Every app can be cracked and pirated. It doesn't matter how much layers of
>> protection you  add to your app; your app can always be cracked. If someone
>> is willing to spend time to reverse engineer your app and has enough
>> determination, they will succeed.
>>
>> If i may be so bold to say, the only apps that can't be cracked are the
>> apps that are not published.
>>
>> Google can't really do anything about it.
>> You could look into some legal action against apkcracks.net, though.
>> However, i'm doubtful it would have much effect (apkcracks is not the only
>> one out there).
>>
>> On Thursday, May 3, 2012 12:04:16 PM UTC-4, Giuseppe wrote:
>>>
>>> In our app we use Proguard and License system from Google.
>>>
>>> Our app and other thousand of apps are published on this web
>>> site http://apkcracks.net
>>>
>>> Can Google explain what else we must do to protect our night, Sunday and
>>> holiday's job ?
>>>
>>> Giuseppe
>
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: All APK has cracked by apkcracks.net

[Kristopher Micinski]

I would guess from his @cornell email address it will most certainly
be third party... :-)

kris

On Tue, May 8, 2012 at 10:02 AM, JP  wrote:
> Hi Eric,
> Thank you - is this third party or headed for the SDK?
> Also, is this going to cover resources, finally? Just do drive the
> point home, check this out:
> http://theotigerblog.wordpress.com/2012/04/07/squareskimmer/
> This guy apparently ripped Square's drawables from the apk and created
> a credit card skimmer app with it.
> JP
>
> On May 8, 2:48 am, Eric Lafortune  wrote:
>> We're finishing up an Android-specific tool that goes further than
>> ProGuard. It should become available in the coming few weeks.
>>
>> Eric (developer of ProGuard)
>>
>> On 6 mei, 12:43, Jxn  wrote:
>>
>>
>>
>>
>>
>>
>>
>> > > They could do much better than usingProguard.
>>
>> > Any suggestions on a better tool?
>
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en