[android-developers] Re: licensing - ServerManagedPolicy not caching
Actually Google isn't doing their developers any favor with the LVL. The documentation reads like it is meant to serve as a drop-in solution that adds reliable DRM to your paid app. Just configure it a little bit with some policy and your app is safe. On the other hand there is that lengthy Google I/O talkhttp://www.google.com/events/io/2011/sessions/evading-pirates-and-stopping-vampires-using-license-verification-library-in-app-billing-and-app-engine.htmland some official blog postshttp://android-developers.blogspot.com/2010/09/securing-android-lvl-applications.htmlthat discourage from using the LVL as is, since all its components are known and a cracker can easily find them in your decompiled Java code and just remove them. The LVL is more of a proof of concept that should give you ideas how to interface the Play licensing service. That means changing and rewriting the whole LVL up to a point where the original is not recognizable anymore and at that point you understand every single bit of it yourself and don't run into that policy problem anymore, because you'd implement that policy yourself. I voiced my opinion about the LVL and DRM here in the past and I used to be in favor of all these efforts. But trying to do it as properly as possible is a lot of additional overhead (it took me almost a week the first time), and when not done properly it either does not protect your app at all and / or pisses off legitimate customers. So I decided to get rid of any kind of DRM in my products altogether. It makes me sleep better because I know that it won't accidentally accuse one of my paying customers of theft just because I may have done some silly mistake. And in the end, if your app is interesting enough someone will crack it anyway. I guess it's more important to focus on those people who are willing to pay for your work and services. And maybe it really does help to see those cracked copies as some kind of free advertisement for your name and brand. If you still want to implement DRM for your app, then watch that video I linked above. It's probably as in-depth as it can get when it comes to the LVL. On Sunday, February 2, 2014 8:05:45 AM UTC-6, firebreather wrote: is licensing worth it for a paid game app? I have licensing added to my paid game, but I've found it goes online to check for a license every single time the app is run, instead of only occasionally doing it, as it's supposed to do with the 'servermanagedpolicy' as opposed to the 'strict policy'. there are no ads in my paid game and I don't want the user to always have to be online and wait for verification for every play. now I actually set a flag in the 'preferences' file the first time the license check succeeds, so it doesn't check for licensing at all after the first check, although I imagine this could be easy to hack for piraters. should the servermanagedpolicy' be cacheing something in the phone so it doesn't have to check every play? here is the policy in the docs: A flexible Policy that uses settings provided by the licensing server to manage response caching and access to the application while the device is offline (such as when the user is on an airplane). For most applications, the use of ServerManagedPolicy is highly recommended. Show trimmed content -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups Android Developers group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Re: Licensing sample issue - Application error: 3
ok fine thanks for this information Il contact you if I need some help Kindly help me out here for this licensing feature to work Thanks in advance On Monday, September 17, 2012 9:41:43 AM UTC+5:30, Ristar wrote: np. after u upload it to Google play, just sit on your hands for an hour or two, and then try again. u do *not* need to publish it for the licensing to work. that's wat i did: wait and try every now and then. if u have problems after that, then u've got a REAL problem on your hands, unfortunately. i didnt try to use the emulator at any point in time coz the emulator is super slow, needs to boot up, etc. it's much, MUCH faster to just install the app on the phone and run right away. On Monday, September 17, 2012 11:51:54 AM UTC+8, janvi wrote: Hello Ristar Sorry for interrupting you. Iam also working on the same licensing feature of the android app and need some info from you Iam also facing the same error of *Application Error:3*.May I know the cause for this? The following is info which I need Once I upload and save my app on market(Google play) how will I start my testing feature? Here should i run my app on the device by installing apk(*Through command prompt adb install command*) or can I directly run through eclipse i,e selecting the application and chosing the option as *Rus as android application*.I know there is no much difference between the options I mentioned but I have a doubt whether this may change any response of licensing server App which I want to test for licensing feature is not yet published in to the market,so kindly provide me information according to this. I want to add this licensing feature before publishing it Thanks in advance On Monday, September 17, 2012 5:18:29 AM UTC+5:30, Ristar wrote: i have set the correct Developer public key in the source code, made the apk, signed it and uploaded it to Google, and installed it to my phone. but my phone keeps returning the message Application error:3. wat should i do? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing sample issue - Application error: 3
it's fine now... i guess it takes a few hours for Google to update whatever it needs to update. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing sample issue - Application error: 3
Hello Ristar Sorry for interrupting you. Iam also working on the same licensing feature of the android app and need some info from you Iam also facing the same error of *Application Error:3*.May I know the cause for this? The following is info which I need Once I upload and save my app on market(Google play) how will I start my testing feature? Here should i run my app on the device by installing apk(*Through command prompt adb install command*) or can I directly run through eclipse i,e selecting the application and chosing the option as *Rus as android application*.I know there is no much difference between the options I mentioned but I have a doubt whether this may change any response of licensing server App which I want to test for licensing feature is not yet published in to the market,so kindly provide me information according to this. I want to add this licensing feature before publishing it Thanks in advance On Monday, September 17, 2012 5:18:29 AM UTC+5:30, Ristar wrote: i have set the correct Developer public key in the source code, made the apk, signed it and uploaded it to Google, and installed it to my phone. but my phone keeps returning the message Application error:3. wat should i do? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing sample issue - Application error: 3
np. after u upload it to Google play, just sit on your hands for an hour or two, and then try again. u do *not* need to publish it for the licensing to work. that's wat i did: wait and try every now and then. if u have problems after that, then u've got a REAL problem on your hands, unfortunately. i didnt try to use the emulator at any point in time coz the emulator is super slow, needs to boot up, etc. it's much, MUCH faster to just install the app on the phone and run right away. On Monday, September 17, 2012 11:51:54 AM UTC+8, janvi wrote: Hello Ristar Sorry for interrupting you. Iam also working on the same licensing feature of the android app and need some info from you Iam also facing the same error of *Application Error:3*.May I know the cause for this? The following is info which I need Once I upload and save my app on market(Google play) how will I start my testing feature? Here should i run my app on the device by installing apk(*Through command prompt adb install command*) or can I directly run through eclipse i,e selecting the application and chosing the option as *Rus as android application*.I know there is no much difference between the options I mentioned but I have a doubt whether this may change any response of licensing server App which I want to test for licensing feature is not yet published in to the market,so kindly provide me information according to this. I want to add this licensing feature before publishing it Thanks in advance On Monday, September 17, 2012 5:18:29 AM UTC+5:30, Ristar wrote: i have set the correct Developer public key in the source code, made the apk, signed it and uploaded it to Google, and installed it to my phone. but my phone keeps returning the message Application error:3. wat should i do? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing response with release APK
My understanding is that if you are logged in with your developer account on your device then it will always show whatever the test license status is from the server. If not and it's a draft (not yet published) app, then it will always return LICENSED. See http://developer.android.com/guide/market/licensing/licensing-reference.html#server-response-codes under LICENSED On May 17, 7:27 am, robertfoster onetwof...@gmail.com wrote: Hi all, I'm going through the final phases of testing with Google Play licensing with my finished APK. I've created an entry on Google Play for my App and uploaded the same testing APK I'm using on my device. The APK is a release signed version too. However when I run the APK on my device (Not downloaded from Google Play), the license response is LICENSED. Should it not be NOT_LICENSED? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing issue on Multiple-apk feature.
This is interesting. We are also going along the same route and knowing this would help. Dont know if inapp biling suffers frim the same. What is the response code that comes back on checkaccess ? On Feb 8, 11:55 pm, droid-stricken harik...@gmail.com wrote: Hi, I have two APKs for an application. One targeted to the phone devices and the other specifically developed for the tablet. I have implemented the standard ServeManaged Licensing policy on both versions. I have followed the rules for multiple apks as mentioned in the developer's documentation [signing with the same certificate, same package name, appropriate versionCode, etc] I think i have created the multiple apks correctly because when i upload and activate and publish them on the android market portal, i did not see any errors or warnings. My issue is this - 1. I bought the version on the phone device and installed it and was able to open it successfully. 2. Then when i switched to the tablet device and searched for the application that i just bought on the phone device, i see that the PURCHASED status. That's good. The market allowed me to download and install the tablet version of the apk. But when i open the application on the tablet, it's prompting that i buy it - this prompt is coming from my application - that's the code i have placed when the licenseChecker comes back with dontallow() status. Have any of you faced a similar issue? I cross checked the publisher key i am using for licensing and the SALT for the obfuscation process - they are the same between the 2 apk versions. I can't see where the problem might be. It's been almost 3 or 4 hours since i activated both the apk versions on the market. Should i allow more time to pass for the LVL server to take note? If that were to be the case, i wonder how LVL server allowed the phone tablet to work. Thanks for reading. Any input is highly appreciated. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing issue on Multiple-apk feature.
I don't know what the response code is since that's not being put out to console. The following is what i see from the LicenseChecker class - 02-09 10:11:50.556: I/LicenseChecker(2224): Binding to licensing service. 02-09 10:11:50.596: I/LicenseChecker(2224): Calling checkLicense on service for your_package_name 02-09 10:11:50.596: I/LicenseChecker(2224): Start monitoring timeout. 02-09 10:11:51.126: I/LicenseChecker(2224): Received response. 02-09 10:11:51.126: I/LicenseChecker(2224): Clearing timeout. The response code is definitely not one of these: LICENSED, NOT_LICENSED, LICENSED_OLD_KEY because i don't see any of logs from the signature verification process. I will try to get more logs - responsecode in specific. But i thought if someone else was having similar issues, i could save some time. Thanks. On Feb 9, 8:33 am, androidmediadeveloper kamathaj...@gmail.com wrote: This is interesting. We are also going along the same route and knowing this would help. Dont know if inapp biling suffers frim the same. What is the response code that comes back on checkaccess ? On Feb 8, 11:55 pm, droid-stricken harik...@gmail.com wrote: Hi, I have two APKs for an application. One targeted to the phone devices and the other specifically developed for the tablet. I have implemented the standard ServeManaged Licensing policy on both versions. I have followed the rules for multiple apks as mentioned in the developer's documentation [signing with the same certificate, same package name, appropriate versionCode, etc] I think i have created the multiple apks correctly because when i upload and activate and publish them on the android market portal, i did not see any errors or warnings. My issue is this - 1. I bought the version on the phone device and installed it and was able to open it successfully. 2. Then when i switched to the tablet device and searched for the application that i just bought on the phone device, i see that the PURCHASED status. That's good. The market allowed me to download and install the tablet version of the apk. But when i open the application on the tablet, it's prompting that i buy it - this prompt is coming from my application - that's the code i have placed when the licenseChecker comes back with dontallow() status. Have any of you faced a similar issue? I cross checked the publisher key i am using for licensing and the SALT for the obfuscation process - they are the same between the 2 apk versions. I can't see where the problem might be. It's been almost 3 or 4 hours since i activated both the apk versions on the market. Should i allow more time to pass for the LVL server to take note? If that were to be the case, i wonder how LVL server allowed the phone tablet to work. Thanks for reading. Any input is highly appreciated. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing on Formerly Paid Apps
I can't say for 100%, but my initial thought is: No. AFAIK, when you convert your paid app to a free app and a user then downloads it, the licensing service responds in the exact same way as if the user bought it (i.e. bought it for $0.00). So, I think the only way around your problem is implementing something on a backend server or within your app to keep track of users that paid for the app. That is, release an update a couple weeks prior to making your app free which stores the information you need to remember that it was paid for, then bring the price down to free. Nick -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Service
I have paid the application, so I can add the service licensing. Right? On 25 апр, 21:12, Marcin Orlowski webnet.andr...@gmail.com wrote: On 25 April 2011 14:35, Andrei entre...@gmail.com wrote: Hello. I created an application and put it in the android market, please tell me, can I add the Licensing Service, in its first update? Thank you! If you released your app as free, you can't change it to paid now. So answer is no. You need to release new app (with different package name) Regards, Marcin Orlowski *Tray Agenda http://bit.ly/trayagenda* - keep you daily schedule handy... *Date In Tray* http://bit.ly/dateintraypro - current date at glance... WebnetMobile on *Facebook http://webnetmobile.com/fb/* and *Twitterhttp://webnetmobile.com/twitter/ * -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing Service
On Mon, Apr 25, 2011 at 2:12 PM, Andrei entre...@gmail.com wrote: I have paid the application, so I can add the service licensing. Right? Right. - TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Service
Thank you On 25 апр, 23:14, TreKing treking...@gmail.com wrote: On Mon, Apr 25, 2011 at 2:12 PM, Andrei entre...@gmail.com wrote: I have paid the application, so I can add the service licensing. Right? Right. --- -- TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: licensing live wallpapers
more infos from the debugger: The application licensing class is working good and runs correctly until the here: private void startMainActivity() { Log.i(MY WALLPAPER LICENSING,license ok); startService(new Intent(this, MyLiveWallpaperService.class)); this line fires the security exception finish(); } the runtime error reported is: [AndroidRuntime: FATAL EXCEPTION: background thread] the line above was different in the example because was meant to work with a normal Intent, it was startIntent.. but with a stroke on ctrl+space I found the method startService,, since a wallpaper is a service, am I so wrong? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: licensing live wallpapers
well, I just implemented LicenseCheckerCallback in the wallpaper main service, was quite easy after all.. problably barking all day long at jboss seam applications cripples my head too much :D -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing an Application : Android Library Projects cannot be Launched.
On Tue, Dec 28, 2010 at 12:27 PM, cuil yahoo cuilya...@gmail.com wrote: I again had a look at both the AndroidManifest.xml files. They both seem to be in order. Post the relevant sections, if you can. You might be missing something. - TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing an Application : Android Library Projects cannot be Launched.
I just checked my library project which i have reference with my main project, it gives the following error, Open quote is expected for attribute android:name associated with an element type uses-permission. I see nothing wrong in the androidmanifest.xml file. Could someone please provide a walkaround for this ? Cuil On Tue, Dec 28, 2010 at 11:26 PM, cuil yahoo cuilya...@gmail.com wrote: I have created an android application, however, i have been stuck at the publishing point for almost 3 days now. I am able to sign and export the application. But, i am stuck at the licensing part for so long. I have gone through the official documentation available online for licensing and on implementing all the steps given i get an error when running the application on the emulator. I would be very grateful if someone can please provide me with some pointers. Regards Cuil -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing an Application : Android Library Projects cannot be Launched.
On Tue, Dec 28, 2010 at 1:08 PM, cuil yahoo cuilya...@gmail.com wrote: I just checked my library project which i have reference with my main project, it gives the following error, Open quote is expected for attribute android:name associated with an element type uses-permission. I see nothing wrong in the androidmanifest.xml file. Look again. Be sure to check the library project and whatever project is using the library, as they each have a manifest. -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Android 2.2 Programming Books: http://commonsware.com/books -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing an Application : Android Library Projects cannot be Launched.
On Tue, Dec 28, 2010 at 11:47 PM, Mark Murphy mmur...@commonsware.comwrote: On Tue, Dec 28, 2010 at 1:08 PM, cuil yahoo cuilya...@gmail.com wrote: I just checked my library project which i have reference with my main project, it gives the following error, Open quote is expected for attribute android:name associated with an element type uses-permission. I see nothing wrong in the androidmanifest.xml file. Look again. Be sure to check the library project and whatever project is using the library, as they each have a manifest. I again had a look at both the AndroidManifest.xml files. They both seem to be in order. They both have the the permission statement. Cuil -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Android 2.2 Programming Books: http://commonsware.com/books -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Server and free apps
Hi Patrick, Your use case is not really relevant, because if you release an app for free, you cannot later charge money for it. I don't recall whether this is actually in the distribution agreement, but it is the way the market dashboard has been implemented. If you do not release the app through the market, you will also not have access to the licensing server except through test accounts. You could release the app to testers and put their Id into the server as test accounts. That would allow them to run a version that you've given them with whichever response you've set up in your dashboard (but the same response for all). Regards, Michael A. On Nov 29, 10:25 am, Patrick patrick.manges...@gmail.com wrote: Hallo! I have the following usecase: I am developing an application, that will be commercial once it is done. Currently it is unfinished but I want a beta version to be offered to a list of selected users. Those users should be able to download the application using the market for free. Going throught the tutorial of the licensing server I found the following: Licensing is currently for paid apps only, since free apps are considered licensed for all users. If your application is already published as free, you won't be able to upload a new version that uses licensing. Is it possible to implement licensing in the application, upload it to the market for free and offer it to a list of users, whose gmail address I know? Other users should not see the application or at least should not be able to run it. Thanks in advance for your help Patrick -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing on multiple devices
http://market.android.com/support/bin/answer.py?hl=enanswer=113410 On Nov 25, 7:01 pm, jb cona...@gmail.com wrote: Hi, I have a general licensing question. If a user buys my app, can he install it on multiple android devices that he owns or is it limited to 1 license 1 device. Thanks, jb -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
On Tue, Aug 31, 2010 at 8:52 PM, GJTorikian gjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. I agree, having done an unlocker app in the past (and, separately, using LVL now) that's the approach that makes most sense to me. Especially if you already have an unlocker - convert it to LVL, and change the call in the free app as outlined above, but leave the rest of your architecture alone. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. I think that this is a real possibility, but I've not heard of anyone doing it. The key would be for the free app to query LVL about the unlocker's package name, NOT to try to use LVL for the free version's package. You'd also probably need to keep your version numbers aligned between the free unlocker apps, because it has been established that this will cause an LVL failure. IF this works, it would be much cleaner; it would mean that your users would never have to actually have the unlocker installed, just purchased. I can't see that this sort of thing is mentioned anywhere in the LVL docs (though of course I could be missing it). It's possible that you can't do this, that LVL checks the calling package name or signature someplace. You'd just need to try it. Please keep us posted! String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing Verification Library Apps Solelyfor Unlocking/Removing Ads
Dear friends I created google groups, you could join. We can discuss together. Homepage: http://groups.google.ca/group/codecoregroups Group email: codecoregro...@googlegroups.com enjoylifehappyeveryday 2010-09-01 14:44:58 发件人: String 发送时间: 2010-09-01 14:44:03 收件人: Android Developers 抄送: 主题: [android-developers] Re: Licensing Verification Library Apps Solelyfor Unlocking/Removing Ads On Tue, Aug 31, 2010 at 8:52 PM, GJTorikian gjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. I agree, having done an unlocker app in the past (and, separately, using LVL now) that's the approach that makes most sense to me. Especially if you already have an unlocker - convert it to LVL, and change the call in the free app as outlined above, but leave the rest of your architecture alone. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. I think that this is a real possibility, but I've not heard of anyone doing it. The key would be for the free app to query LVL about the unlocker's package name, NOT to try to use LVL for the free version's package. You'd also probably need to keep your version numbers aligned between the free unlocker apps, because it has been established that this will cause an LVL failure. IF this works, it would be much cleaner; it would mean that your users would never have to actually have the unlocker installed, just purchased. I can't see that this sort of thing is mentioned anywhere in the LVL docs (though of course I could be missing it). It's possible that you can't do this, that LVL checks the calling package name or signature someplace. You'd just need to try it. Please keep us posted! String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
Before I continue the experiment, I took one more look through the docs and found this gem: If your application is already published as free, you won't be able to upload a new version that uses licensing. I am guessing that if I try to include the LVL Library project into my free app, I won't be able to upload a new APK to the Developer Console. I'm not at my workspace now but when I get a chance to verify, I will. On Aug 31, 11:43 pm, String sterling.ud...@googlemail.com wrote: On Tue, Aug 31, 2010 at 8:52 PM,GJTorikiangjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. I agree, having done an unlocker app in the past (and, separately, using LVL now) that's the approach that makes most sense to me. Especially if you already have an unlocker - convert it to LVL, and change the call in the free app as outlined above, but leave the rest of your architecture alone. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. I think that this is a real possibility, but I've not heard of anyone doing it. The key would be for the free app to query LVL about the unlocker's package name, NOT to try to use LVL for the free version's package. You'd also probably need to keep your version numbers aligned between the free unlocker apps, because it has been established that this will cause an LVL failure. IF this works, it would be much cleaner; it would mean that your users would never have to actually have the unlocker installed, just purchased. I can't see that this sort of thing is mentioned anywhere in the LVL docs (though of course I could be missing it). It's possible that you can't do this, that LVL checks the calling package name or signature someplace. You'd just need to try it. Please keep us posted! String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
I doubt they can readily detect the licensing bytecode in all its possible variations. Rather they probably won't let you make licensing records for a formerly free app. On Sep 1, 3:38 pm, GJTorikian gjtorik...@gmail.com wrote: Before I continue the experiment, I took one more look through the docs and found this gem: If your application is already published as free, you won't be able to upload a new version that uses licensing. I am guessing that if I try to include the LVL Library project into my free app, I won't be able to upload a new APK to the Developer Console. I'm not at my workspace now but when I get a chance to verify, I will. On Aug 31, 11:43 pm, String sterling.ud...@googlemail.com wrote: On Tue, Aug 31, 2010 at 8:52 PM,GJTorikiangjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. I agree, having done an unlocker app in the past (and, separately, using LVL now) that's the approach that makes most sense to me. Especially if you already have an unlocker - convert it to LVL, and change the call in the free app as outlined above, but leave the rest of your architecture alone. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. I think that this is a real possibility, but I've not heard of anyone doing it. The key would be for the free app to query LVL about the unlocker's package name, NOT to try to use LVL for the free version's package. You'd also probably need to keep your version numbers aligned between the free unlocker apps, because it has been established that this will cause an LVL failure. IF this works, it would be much cleaner; it would mean that your users would never have to actually have the unlocker installed, just purchased. I can't see that this sort of thing is mentioned anywhere in the LVL docs (though of course I could be missing it). It's possible that you can't do this, that LVL checks the calling package name or signature someplace. You'd just need to try it. Please keep us posted! String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
Perhaps you're right. I added the LVL library to my free app's build path, and exported that APK. The Developer Console lets me upload the new APK, at least. I assume that clicking Publish won't introduce some other check. Note that all I have done is add the library, and the appropriate permission: uses-permission android:name=com.android.vending.CHECK_LICENSE / I haven't implemented any of the server checks, but if the Dev Console lets me get this far with my app, that's a positive sign. On Sep 1, 3:14 pm, Chris Stratton cs07...@gmail.com wrote: I doubt they can readily detect the licensing bytecode in all its possible variations. Rather they probably won't let you make licensing records for a formerly free app. On Sep 1, 3:38 pm,GJTorikiangjtorik...@gmail.com wrote: Before I continue the experiment, I took one more look through the docs and found this gem: If your application is already published as free, you won't be able to upload a new version that uses licensing. I am guessing that if I try to include the LVL Library project into my free app, I won't be able to upload a new APK to the Developer Console. I'm not at my workspace now but when I get a chance to verify, I will. On Aug 31, 11:43 pm, String sterling.ud...@googlemail.com wrote: On Tue, Aug 31, 2010 at 8:52 PM,GJTorikiangjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. I agree, having done an unlocker app in the past (and, separately, using LVL now) that's the approach that makes most sense to me. Especially if you already have an unlocker - convert it to LVL, and change the call in the free app as outlined above, but leave the rest of your architecture alone. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. I think that this is a real possibility, but I've not heard of anyone doing it. The key would be for the free app to query LVL about the unlocker's package name, NOT to try to use LVL for the free version's package. You'd also probably need to keep your version numbers aligned between the free unlocker apps, because it has been established that this will cause an LVL failure. IF this works, it would be much cleaner; it would mean that your users would never have to actually have the unlocker installed, just purchased. I can't see that this sort of thing is mentioned anywhere in the LVL docs (though of course I could be missing it). It's possible that you can't do this, that LVL checks the calling package name or signature someplace. You'd just need to try it. Please keep us posted! String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
So: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App ? On Aug 31, 1:49 pm, TreKing treking...@gmail.com wrote: On Tue, Aug 31, 2010 at 1:07 PM, GJTorikian gjtorik...@gmail.com wrote: If LVL is verified intermittently on a paid app, is it useless for these unlocker apps? No. Presumably a user would never run the unlocker app, so how would LVL even check the authenticity? Presumably a user would run the free version, which could call the unlocker app to start its authenticity check (perhaps in the background), which could then send a broadcast message back to the free one with I'm Legit or Epic Fail message which the free one would respond to accordingly. --- -- TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. On Aug 31, 9:52 pm, GJTorikian gjtorik...@gmail.com wrote: So: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App ? On Aug 31, 1:49 pm, TreKing treking...@gmail.com wrote: On Tue, Aug 31, 2010 at 1:07 PM, GJTorikian gjtorik...@gmail.com wrote: If LVL is verified intermittently on a paid app, is it useless for these unlocker apps? No. Presumably a user would never run the unlocker app, so how would LVL even check the authenticity? Presumably a user would run the free version, which could call the unlocker app to start its authenticity check (perhaps in the background), which could then send a broadcast message back to the free one with I'm Legit or Epic Fail message which the free one would respond to accordingly. --- -- TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing Verification Library Apps Solely for Unlocking/Removing Ads
On Tue, Aug 31, 2010 at 8:52 PM, GJTorikian gjtorik...@gmail.com wrote: Launch Free App-Launch Unlocker App-Run LVL-Return Result-Parse Result in Free App That was the gist of it, yes. On Tue, Aug 31, 2010 at 9:42 PM, Chris Stratton cs07...@gmail.com wrote: I'm not seeing any obvious reason why the free version can't just query the license server about the unlocker by itself, but maybe I'm overlooking something. Not sure what you mean by the free version querying the license server about the unlocker app. Maybe that would work too, I haven't toyed with the LVL to know for sure. From discussions I've read, though, it sounds like it's code you have to build into the app itself to validate that app, so the app that actually has the licensing would have to run to execute it. In which case the paid unlocker app would have the licensing and be required to run in order to do the validation. I could be completely wrong on this though =) - TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
no news on the imminent guide where is this guide? On Aug 26, 5:37 pm, sblantipodi perini.dav...@dpsoftware.org wrote: Is this the guide you are talking about? To ensure the security of your application, particularly for a paid application that uses licensing and/or custom constraints and protections, it's very important to obfuscate your application code. Properly obfuscating your code makes it more difficult for a malicious user to decompile the application's bytecode, modify it — such as by removing the license check — and then recompile it. Several obfuscator programs are available for Android applications, including ProGuard, which also offers code-optimization features. The use of ProGuard or a similar program to obfuscate your code is strongly recommended for all applications that use Android Market Licensing. Is this a guide? On Aug 25, 1:26 am, Nick Richardson richardson.n...@gmail.com wrote: The guide is linked in the article you posted... On Tue, Aug 24, 2010 at 3:53 PM, sblantipodi perini.dav...@dpsoftware.orgwrote: As title, http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- //Nick Richardson //richardson.n...@gmail.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing server, app cracked.
On Fri, Aug 27, 2010 at 12:32 PM, sblantipodi perini.dav...@dpsoftware.orgwrote: no news on the imminent guide where is this guide? On Tue, Aug 24, 2010 at 7:01 PM, Trevor Johns trevorjo...@google.com wrote: It's coming. We have two articles in the queue that will cover this topic. As soon as they're ready, we'll publish them. - TreKing http://sites.google.com/site/rezmobileapps/treking - Chicago transit tracking app for Android-powered devices -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
There's lots of information on using ProGuard with Android apps if you just Google those terms. I implemented it once with one of my apps to see if it would help my frame rates, but decided not to ship it. Wasn't much performance improvement in my case and not sure if I want the extra annoyance of having to convert stack traces back. On Aug 27, 1:32 pm, sblantipodi perini.dav...@dpsoftware.org wrote: no news on the imminent guide where is this guide? On Aug 26, 5:37 pm, sblantipodi perini.dav...@dpsoftware.org wrote: Is this the guide you are talking about? To ensure the security of your application, particularly for a paid application that uses licensing and/or custom constraints and protections, it's very important to obfuscate your application code. Properly obfuscating your code makes it more difficult for a malicious user to decompile the application's bytecode, modify it — such as by removing the license check — and then recompile it. Several obfuscator programs are available for Android applications, including ProGuard, which also offers code-optimization features. The use of ProGuard or a similar program to obfuscate your code is strongly recommended for all applications that use Android Market Licensing. Is this a guide? On Aug 25, 1:26 am, Nick Richardson richardson.n...@gmail.com wrote: The guide is linked in the article you posted... On Tue, Aug 24, 2010 at 3:53 PM, sblantipodi perini.dav...@dpsoftware.orgwrote: As title, http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- //Nick Richardson //richardson.n...@gmail.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
Is this the guide you are talking about? To ensure the security of your application, particularly for a paid application that uses licensing and/or custom constraints and protections, it's very important to obfuscate your application code. Properly obfuscating your code makes it more difficult for a malicious user to decompile the application's bytecode, modify it — such as by removing the license check — and then recompile it. Several obfuscator programs are available for Android applications, including ProGuard, which also offers code-optimization features. The use of ProGuard or a similar program to obfuscate your code is strongly recommended for all applications that use Android Market Licensing. Is this a guide? On Aug 25, 1:26 am, Nick Richardson richardson.n...@gmail.com wrote: The guide is linked in the article you posted... On Tue, Aug 24, 2010 at 3:53 PM, sblantipodi perini.dav...@dpsoftware.orgwrote: As title, http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- //Nick Richardson //richardson.n...@gmail.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
Thanks to Trevor for his reply, I'm really impatient to see this new doc. To you keyeslabs, I'm actually using netbeans, what is the code you posted? An addition to build.xml for eclipse or Android SDK project? On Aug 25, 4:27 am, keyeslabs keyes...@gmail.com wrote: If you can't wait, here's something to get you started that worked for me. It's what I used to obfuscate AAL, which was a library not an Android App, and thus a bit simpler. You'll need to adjust what you keep (e.g., don't obfuscate) so that you don't shred classes that are referenced by your manifest, or you'll have to update your manifest after the fact. taskdef resource=proguard/ant/task.properties classpath=/adev/proguard4.4/lib/proguard.jar / proguard -libraryjars ${android-jar} -injars ${build-location}/license.jar -outjars ${build-location}/license-rel.jar -dontpreverify -dontoptimize -dontshrink -dontusemixedcaseclassnames -repackageclasses '' -allowaccessmodification -optimizationpasses 1 -verbose -keep public class com.keyes.license.LicenseManager { public *; } -keep public class com.keyes.license.CheckLicenseCallback { public *; } -keep public class com.keyes.license.LicenseException { public *; } /proguard Dave On Aug 24, 6:53 pm, sblantipodi perini.dav...@dpsoftware.org wrote: As title,http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
That is code from the Ant task generated by the Android tooling. I added a new target to do obfuscation, and called it towards the end of the build process. What you see here is the contents of my obfuscate target. On Aug 25, 5:38 am, sblantipodi perini.dav...@dpsoftware.org wrote: Thanks to Trevor for his reply, I'm really impatient to see this new doc. To you keyeslabs, I'm actually using netbeans, what is the code you posted? An addition to build.xml for eclipse or Android SDK project? On Aug 25, 4:27 am, keyeslabs keyes...@gmail.com wrote: If you can't wait, here's something to get you started that worked for me. It's what I used to obfuscate AAL, which was a library not an Android App, and thus a bit simpler. You'll need to adjust what you keep (e.g., don't obfuscate) so that you don't shred classes that are referenced by your manifest, or you'll have to update your manifest after the fact. taskdef resource=proguard/ant/task.properties classpath=/adev/proguard4.4/lib/proguard.jar / proguard -libraryjars ${android-jar} -injars ${build-location}/license.jar -outjars ${build-location}/license-rel.jar -dontpreverify -dontoptimize -dontshrink -dontusemixedcaseclassnames -repackageclasses '' -allowaccessmodification -optimizationpasses 1 -verbose -keep public class com.keyes.license.LicenseManager { public *; } -keep public class com.keyes.license.CheckLicenseCallback { public *; } -keep public class com.keyes.license.LicenseException { public *; } /proguard Dave On Aug 24, 6:53 pm, sblantipodi perini.dav...@dpsoftware.org wrote: As title,http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
Thanks for your reply, I will wait an official guide since I haven't used ant tooling and sincerely I have no intention to switch to it. On Aug 25, 8:04 pm, keyeslabs keyes...@gmail.com wrote: That is code from the Ant task generated by the Android tooling. I added a new target to do obfuscation, and called it towards the end of the build process. What you see here is the contents of my obfuscate target. On Aug 25, 5:38 am, sblantipodi perini.dav...@dpsoftware.org wrote: Thanks to Trevor for his reply, I'm really impatient to see this new doc. To you keyeslabs, I'm actually using netbeans, what is the code you posted? An addition to build.xml for eclipse or Android SDK project? On Aug 25, 4:27 am, keyeslabs keyes...@gmail.com wrote: If you can't wait, here's something to get you started that worked for me. It's what I used to obfuscate AAL, which was a library not an Android App, and thus a bit simpler. You'll need to adjust what you keep (e.g., don't obfuscate) so that you don't shred classes that are referenced by your manifest, or you'll have to update your manifest after the fact. taskdef resource=proguard/ant/task.properties classpath=/adev/proguard4.4/lib/proguard.jar / proguard -libraryjars ${android-jar} -injars ${build-location}/license.jar -outjars ${build-location}/license-rel.jar -dontpreverify -dontoptimize -dontshrink -dontusemixedcaseclassnames -repackageclasses '' -allowaccessmodification -optimizationpasses 1 -verbose -keep public class com.keyes.license.LicenseManager { public *; } -keep public class com.keyes.license.CheckLicenseCallback { public *; } -keep public class com.keyes.license.LicenseException { public *; } /proguard Dave On Aug 24, 6:53 pm, sblantipodi perini.dav...@dpsoftware.org wrote: As title,http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing server, app cracked.
If you can't wait, here's something to get you started that worked for me. It's what I used to obfuscate AAL, which was a library not an Android App, and thus a bit simpler. You'll need to adjust what you keep (e.g., don't obfuscate) so that you don't shred classes that are referenced by your manifest, or you'll have to update your manifest after the fact. taskdef resource=proguard/ant/task.properties classpath=/adev/proguard4.4/lib/proguard.jar / proguard -libraryjars ${android-jar} -injars ${build-location}/license.jar -outjars ${build-location}/license-rel.jar -dontpreverify -dontoptimize -dontshrink -dontusemixedcaseclassnames -repackageclasses '' -allowaccessmodification -optimizationpasses 1 -verbose -keep public class com.keyes.license.LicenseManager { public *; } -keep public class com.keyes.license.CheckLicenseCallback { public *; } -keep public class com.keyes.license.LicenseException { public *; } /proguard Dave On Aug 24, 6:53 pm, sblantipodi perini.dav...@dpsoftware.org wrote: As title,http://android-developers.blogspot.com/2010/08/licensing-server-news where is the guide to obfuscate our code? -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing - How/where do we manage the ServerManagedPolicy?
As for testing it in the field, our recommendation is to just register an anonymous Google account and buy your own app. You can always return it within 24 hours and not get charged. I'd like to test the licensing support BEFORE making the app publicly available. I don't want to punish early adopters with licensing errors. The logic behind not providing any server extras for a signed in developer eludes me. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing - How/where do we manage the ServerManagedPolicy?
On Aug 10, 1:47 pm, OldSkoolMark m...@sublimeslime.com wrote: As for testing it in the field, our recommendation is to just register an anonymous Google account and buy your own app. You can always return it within 24 hours and not get charged. I'd like to test the licensing support BEFORE making the app publicly available. I don't want to punish early adopters with licensing errors. I'd say you could keep that window pretty small. Get your test account ready, upload the app, purchase it from the test account, then immediately unpublish it. For extra safety, give it a description for this short period of TEST APP - DO NOT PURCHASE, and maybe a good high price, $50 or more. Just make sure you refund it with 24 hours! The logic behind not providing any server extras for a signed in developer eludes me. I can see it both ways. It's good to be able to disable caching for development, but it would be nice to be able to test the live configuration without the test-account-purchase rigmarole. String -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
It would be wonderful if this would work - but I don’t see it working. If your developing an app that frequently/occasionally requested info from a server, it would be very easy to detect pirates and deal with them. If not - you're doomed to deal with not making as much money as you should. Everything can be and has been cracked. Disabling functionality when it doesn’t communicate properly with an online resource is where you really deal with piracy. I'd say Google could be like the RIAA and sue the customers or really bad pirates, but that would only destroy the reputation for no good reason. I'm usually really optimistic about most matters, but this is a lost battle from the developer point of view. Blizzard/sc2 has the right idea but that's already cracked for campaign mode. Let Google do the passive agressive steps to stop piracy, and don't worry about piracy loss. I have spent over 3k hours developing a video game for the droid and I’m sure it will do well. If your app/game is good enough, it will make you money even if it is stolen by the pirates of the world. On Jul 28, 1:30 am, Mark Carter mjc1...@googlemail.com wrote: I'm sure (hope?) that must be in the Android team's long term plans. Not only in terms of paid/free licensing but also add-ons (e.g. in-app purchasing). On 28 July 2010 09:12, William Ferguson william.ferguson...@gmail.comwrote: I think that's an excellent suggestion Mark. I think it would be a good idea to allow for separate licnensing of different version of an app. Ie have a single app that can be licensed as 'freeware' 'fully-paid' etc and let the app change its behaviour based on the license that is returned. At the moment this is achieved by having multiple applications which splits the comments and populates the appstore space with duplicates. Just a thought. All in all I think the Licensing Service is a good thing. On Jul 28, 3:58 pm, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en- Hide quoted text - - Show quoted text - -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
I think that's an excellent suggestion Mark. I think it would be a good idea to allow for separate licnensing of different version of an app. Ie have a single app that can be licensed as 'freeware' 'fully-paid' etc and let the app change its behaviour based on the license that is returned. At the moment this is achieved by having multiple applications which splits the comments and populates the appstore space with duplicates. Just a thought. All in all I think the Licensing Service is a good thing. On Jul 28, 3:58 pm, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
I'm sure (hope?) that must be in the Android team's long term plans. Not only in terms of paid/free licensing but also add-ons (e.g. in-app purchasing). On 28 July 2010 09:12, William Ferguson william.ferguson...@gmail.comwrote: I think that's an excellent suggestion Mark. I think it would be a good idea to allow for separate licnensing of different version of an app. Ie have a single app that can be licensed as 'freeware' 'fully-paid' etc and let the app change its behaviour based on the license that is returned. At the moment this is achieved by having multiple applications which splits the comments and populates the appstore space with duplicates. Just a thought. All in all I think the Licensing Service is a good thing. On Jul 28, 3:58 pm, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
In ILicensingService: private static final java.lang.String DESCRIPTOR = com.android.vending.licensing.ILicensingService; So, if a 3rd party market app implements its own licensing service it could simply ask apps to use the same LVL code and just change the above line. Would that work? If so, would be great if that was a configurable part of the LVL. On 28 July 2010 09:30, Mark Carter mjc1...@googlemail.com wrote: I'm sure (hope?) that must be in the Android team's long term plans. Not only in terms of paid/free licensing but also add-ons (e.g. in-app purchasing). On 28 July 2010 09:12, William Ferguson william.ferguson...@gmail.comwrote: I think that's an excellent suggestion Mark. I think it would be a good idea to allow for separate licnensing of different version of an app. Ie have a single app that can be licensed as 'freeware' 'fully-paid' etc and let the app change its behaviour based on the license that is returned. At the moment this is achieved by having multiple applications which splits the comments and populates the appstore space with duplicates. Just a thought. All in all I think the Licensing Service is a good thing. On Jul 28, 3:58 pm, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
At AndAppStore we've had the same license server technologies in place for over a year, we just haven't had the LVL wrapper around it (see http://bit.ly/dbniJP for a post from April last year about it). We offered the implementation we developed in early 2009 which uses RSA secured licenses to Google as a starting point for a unified solution which all app stores could make use of in late march/early april 2009 and got a thanks but no thanks from the Market team via a member of the Android team (as I mentioned last August http://bit.ly/d9Deoi). So you can imagine we're, well, more than a little niggled to see the same technologies used in the same way with the LVL wrapper around it rolled out as a Market only proprietary solution. If you combine that with the fact that details of how to use the original Google copy protection system weren't given to 3rd parties in order to either use or implement a compatible solution, I think you've got a pretty clear sign of how Google view alternative markets. My initial thought is just to roll a compatibility library as a drop in replacement for Googles LVL so developers could compile a version to use the AndAppStore system if they wanted to sell on AndAppStore. Because the Google system uses the same crypto-secured design as AndAppStores existing solution it'd take less than a day to create, so my only question is if we did it would developers use it? As a side note; The main reason we didn't use our client as the marshall for license queries is because we can't guarantee it's on every device, and neither can Market. This is particularly important with Market because users of devices where it isn't installed may only be able to get access to many paid apps via pirated copies (if the developers don't list on alternative markets). If you're thinking that's a small market then, well, compared with Android 'phones then yes, you may be talking a few percent, but in terms of numbers you're looking at tens, if not hundreds, of thousands of devices. Al. -- * Looking for Android Apps? - Try http://andappstore.com/ * == Funky Android Limited is registered in England Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On Jul 27, 7:56 pm, Raymond C. Rodgers raym...@badlucksoft.com wrote: On 7/27/2010 2:48 PM, Tommy wrote: It would be interesting if other android market apps could buy or lease the rights to the License Server or have their market checked just like it does the google market records. Im sure if google wanted they could find a way to make that work. I have no doubt that Google could license the technique or availability of the license server to other markets, but I'm not sure if they'll see that as being in their business' best interests, or how profitable they think it could be. Although they are allowing other markets to be built, and allow outside applications to be installed on Android if the user enables that feature, they aren't exactly going out of their way to support the development and establishment of competitors. But they aren't actively trying to eliminate them either. It's the job of the competition to adopt, adapt, or innovate, and since alternative markets might not be able to adopt this change, they'll have to adapt or innovate, and find a similar or better solution. Until or unless Google decides to let them in of course... :-) Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
After going though the Google docs, it doesn't seem fundamentally different than what is out there with places like AndAppStore and has much of the same inherent weaknesses in terms of security (the whole package looks cool though and if I had a paid app on AM I would likely use it). I was expecting there would be platform level protection. I'm not sure why google thinks compiled-in apk security is better. Basically, if the OS has been tampered with, the Market shouldn't deliver the content at all and it has to secure the content from being removed, also handled by the platform. Anything else is subject to de-compiling. It's not a huge step over existing solutions in terms of security. So basically, I think it is a good implementation but Al is right, these ideas were tested out by places like AndAppStore, Keys Labs and then done internally within Google. It's definitely a damper to innovation when this happens. It also divides the community somewhat when devs only use a solution when Google provides it, effectively ignoring a similar solution from smaller players who are active within the community, as these smaller players won't bother with pushing the boundaries when this happens. On Tue, Jul 27, 2010 at 11:55 PM, Al Sutton a...@funkyandroid.com wrote: At AndAppStore we've had the same license server technologies in place for over a year, we just haven't had the LVL wrapper around it (see http://bit.ly/dbniJP for a post from April last year about it). We offered the implementation we developed in early 2009 which uses RSA secured licenses to Google as a starting point for a unified solution which all app stores could make use of in late march/early april 2009 and got a thanks but no thanks from the Market team via a member of the Android team (as I mentioned last August http://bit.ly/d9Deoi). So you can imagine we're, well, more than a little niggled to see the same technologies used in the same way with the LVL wrapper around it rolled out as a Market only proprietary solution. If you combine that with the fact that details of how to use the original Google copy protection system weren't given to 3rd parties in order to either use or implement a compatible solution, I think you've got a pretty clear sign of how Google view alternative markets. My initial thought is just to roll a compatibility library as a drop in replacement for Googles LVL so developers could compile a version to use the AndAppStore system if they wanted to sell on AndAppStore. Because the Google system uses the same crypto-secured design as AndAppStores existing solution it'd take less than a day to create, so my only question is if we did it would developers use it? As a side note; The main reason we didn't use our client as the marshall for license queries is because we can't guarantee it's on every device, and neither can Market. This is particularly important with Market because users of devices where it isn't installed may only be able to get access to many paid apps via pirated copies (if the developers don't list on alternative markets). If you're thinking that's a small market then, well, compared with Android 'phones then yes, you may be talking a few percent, but in terms of numbers you're looking at tens, if not hundreds, of thousands of devices. Al. -- * Looking for Android Apps? - Try http://andappstore.com/ * == Funky Android Limited is registered in England Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On Jul 27, 7:56 pm, Raymond C. Rodgers raym...@badlucksoft.com wrote: On 7/27/2010 2:48 PM, Tommy wrote: It would be interesting if other android market apps could buy or lease the rights to the License Server or have their market checked just like it does the google market records. Im sure if google wanted they could find a way to make that work. I have no doubt that Google could license the technique or availability of the license server to other markets, but I'm not sure if they'll see that as being in their business' best interests, or how profitable they think it could be. Although they are allowing other markets to be built, and allow outside applications to be installed on Android if the user enables that feature, they aren't exactly going out of their way to support the development and establishment of competitors. But they aren't actively trying to eliminate them either. It's the job of the competition to adopt, adapt, or innovate, and since alternative markets might not be able to adopt this change, they'll have to adapt or innovate, and find a similar or better solution. Until or unless Google decides to let them in of course... :-) Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this
[android-developers] Re: Licensing
It's very new and I just notice it this morning. I want to know how google handle something like DNS fraud. If the app connect to licensing.google.com for licensing checking, what if the user point the host name to his server which can provide fake licensing result? Regards, Ken On 7月28日, 下午1時58分, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
it's very new and i just notice it this morning. i want to know how google handle something like dns fraud? for example, if google is connecting to licensing.google.com for licensing checking, what if the one manually point the host name to his server which can providing fake licensing result? Regards, Ken On 7月28日, 下午1時58分, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
That would mean the 3rd party system would need to run a service on the device which tends to be unpopular with users and isn't reliable unless the application embeds the service code. I know from experience many users buy apps through AndAppStore, install the client, download the app, then uninstall the AndAppStore client to free up space on their device, so putting the service in the client isn't an option. Al. -- * Looking for Android Apps? - Try http://andappstore.com/ * == Funky Android Limited is registered in England Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On 28 Jul 2010, at 08:42, Mark Carter wrote: In ILicensingService: private static final java.lang.String DESCRIPTOR = com.android.vending.licensing.ILicensingService; So, if a 3rd party market app implements its own licensing service it could simply ask apps to use the same LVL code and just change the above line. Would that work? If so, would be great if that was a configurable part of the LVL. On 28 July 2010 09:30, Mark Carter mjc1...@googlemail.com wrote: I'm sure (hope?) that must be in the Android team's long term plans. Not only in terms of paid/free licensing but also add-ons (e.g. in-app purchasing). On 28 July 2010 09:12, William Ferguson william.ferguson...@gmail.com wrote: I think that's an excellent suggestion Mark. I think it would be a good idea to allow for separate licnensing of different version of an app. Ie have a single app that can be licensed as 'freeware' 'fully-paid' etc and let the app change its behaviour based on the license that is returned. At the moment this is achieved by having multiple applications which splits the comments and populates the appstore space with duplicates. Just a thought. All in all I think the Licensing Service is a good thing. On Jul 28, 3:58 pm, Mark Carter mjc1...@googlemail.com wrote: Instead of just having the Test Accounts section, it would be much better to be able to specify responses for *individual* gmail accounts. This could then be used as a way to gift a paid app to a user (such as a major beta tester). Also, when testing, you probably want to have this finer grain of control anyway. -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
On Tue, Jul 27, 2010 at 11:54 PM, Ken kentsan...@gmail.com wrote: it's very new and i just notice it this morning. i want to know how google handle something like dns fraud? for example, if google is connecting to licensing.google.com for licensing checking, what if the one manually point the host name to his server which can providing fake licensing result? Regards, Ken That's why we use public-key cryptography to sign license responses. The fake licensing server wouldn't have access to the private key. As a result, the forged license response would fail verification. -- Trevor Johns Google Developer Programs, Android http://developer.android.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
Al, I think there is a clear need in the market for a single app that brokers the licences for all market providers. If this could also include the official market all the better, but I think developers could live with two. As to guarenteeing the licencing service is available on the device, one way that springs to mind would be to release a market client app like AndAppStore client that aggregartes apps from all market providers. With an offering like that available I think that a lot of users would use it instead of the oficial market client. If so then it could host the licencing service. As a side note, if that generic market client were to also aggregate the official market apps (perhaps even putting them in place or ahread of the same app from another market) then you might be able to side step the anti-compete agreement and actually have the aggregated market client hosted on market. On Jul 28, 4:55 pm, Al Sutton a...@funkyandroid.com wrote: At AndAppStore we've had the same license server technologies in place for over a year, we just haven't had the LVL wrapper around it (seehttp://bit.ly/dbniJPfor a post from April last year about it). We offered the implementation we developed in early 2009 which uses RSA secured licenses to Google as a starting point for a unified solution which all app stores could make use of in late march/early april 2009 and got a thanks but no thanks from the Market team via a member of the Android team (as I mentioned last Augusthttp://bit.ly/d9Deoi). ... My initial thought is just to roll a compatibility library as a drop in replacement for Googles LVL so developers could compile a version to use the AndAppStore system if they wanted to sell on AndAppStore. Because the Google system uses the same crypto-secured design as AndAppStores existing solution it'd take less than a day to create, so my only question is if we did it would developers use it? As a side note; The main reason we didn't use our client as the marshall for license queries is because we can't guarantee it's on every device, and neither can Market. This is particularly important with Market because users of devices where it isn't installed may only be able to get access to many paid apps via pirated copies (if the developers don't list on alternative markets). If you're thinking that's a small market then, well, compared with Android 'phones then yes, you may be talking a few percent, but in terms of numbers you're looking at tens, if not hundreds, of thousands of devices. Al. -- * Looking for Android Apps? - Tryhttp://andappstore.com/* == Funky Android Limited is registered in England Wales with the company number 6741909. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. On Jul 27, 7:56 pm, Raymond C. Rodgers raym...@badlucksoft.com wrote: On 7/27/2010 2:48 PM, Tommy wrote: It would be interesting if other android market apps could buy or lease the rights to the License Server or have their market checked just like it does the google market records. Im sure if google wanted they could find a way to make that work. I have no doubt that Google could license the technique or availability of the license server to other markets, but I'm not sure if they'll see that as being in their business' best interests, or how profitable they think it could be. Although they are allowing other markets to be built, and allow outside applications to be installed on Android if the user enables that feature, they aren't exactly going out of their way to support the development and establishment of competitors. But they aren't actively trying to eliminate them either. It's the job of the competition to adopt, adapt, or innovate, and since alternative markets might not be able to adopt this change, they'll have to adapt or innovate, and find a similar or better solution. Until or unless Google decides to let them in of course... :-) Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
I found this line confusing: Adding licensing to an application does not affect the way the application functions when run on a device that does not offer Android Market. I assume they don't mean that licensing checks are bypassed if there is no Android Market (!) since this is down to the app's licensing implementation... On Jul 27, 8:20 pm, Raymond C. Rodgers raym...@badlucksoft.com wrote: On 7/27/2010 2:11 PM, Shane Isbell wrote: It's addressing a direct need of developers. From my perspective, I wonder what the impact will be for alternative stores, as they can't use the service. http://groups.google.com/group/android-developers?hl=en I imagine the alternative stores will implement a system very similar if not identical. Although this solution is new to Android, it's hardly unique or particularly difficult to implement, not to mention Google almost gives implementation details in the blog post and documentation. If the other stores don't adopt, adapt, or innovate, they likely won't be around long. Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
On Tue, Jul 27, 2010 at 11:28 AM, Mark Carter mjc1...@googlemail.comwrote: I found this line confusing: Adding licensing to an application does not affect the way the application functions when run on a device that does not offer Android Market. The way I read it is to not allow rooted devices to download the application, but once the app is pulled off, it's in the clear. In theory, if the application is in a protected space, this would be a reasonably secure solution. Once an app leaves the protected space, any DRM system has failed. I assume they don't mean that licensing checks are bypassed if there is no Android Market (!) since this is down to the app's licensing implementation... On Jul 27, 8:20 pm, Raymond C. Rodgers raym...@badlucksoft.com wrote: On 7/27/2010 2:11 PM, Shane Isbell wrote: It's addressing a direct need of developers. From my perspective, I wonder what the impact will be for alternative stores, as they can't use the service. http://groups.google.com/group/android-developers?hl=en I imagine the alternative stores will implement a system very similar if not identical. Although this solution is new to Android, it's hardly unique or particularly difficult to implement, not to mention Google almost gives implementation details in the blog post and documentation. If the other stores don't adopt, adapt, or innovate, they likely won't be around long. Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.comandroid-developers%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -- Shane Isbell (Founder of ZappMarket) http://apps.facebook.com/zappmarket/ -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
On 7/27/2010 2:28 PM, Mark Carter wrote: I found this line confusing: Adding licensing to an application does not affect the way the application functions when run on a device that does not offer Android Market. I assume they don't mean that licensing checks are bypassed if there is no Android Market (!) since this is down to the app's licensing implementation... I'm not really the person to ask, but it makes some sense. Basically, the whole thing is built around communication with and through the Android Market app. If the app isn't there, then the licensing doesn't work. I imagine, that the library will tell the application that the license checking failed and that the app isn't authorized to run on the device. However, theoretically, it's also possible then to build an app that will run on devices that don't have Android Market, and yet take advantage of the licensing if the device does. Take the Barnes and Noble Nook for example. I don't know if it has Android Market on it, but the device version should be able to run on all Nooks. If it were a paid app in the Market, not free like it currently is, they could then license it so that people can't get it for free through piracy. Of course, this is just a guess and some rationalization has taken place... :-) Raymond -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: Licensing
On Tue, Jul 27, 2010 at 11:28 AM, Mark Carter mjc1...@googlemail.comwrote: I found this line confusing: Adding licensing to an application does not affect the way the application functions when run on a device that does not offer Android Market. I assume they don't mean that licensing checks are bypassed if there is no Android Market (!) since this is down to the app's licensing implementation... Correct. Licensing checks are not bypassed. However, since this is a runtime check, developers can decide how to handle this failure case. They could, for example, create an single APK that checks with multiple licensing services. -- Trevor Johns Google Developer Programs, Android http://developer.android.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing
Many (most?) Android developers can still not sell applications on Android market, and people who got free apps usually don't care about licensing. On 27 Juli, 19:29, Chris Stewart cstewart...@gmail.com wrote: With the just announced licensing feature for Android (http://developer.android.com/guide/publishing/licensing.html), I'm curious to hear what you all think about it. Is piracy a big enough problem on Android that this is a breath of fresh air, or more of a precaution for the future? Chris Stewart cstewart...@gmail.comhttp://www.androidsdkforum.com -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Licensing an Android application programatically.
Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shawhttp://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shawhttp://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
Thanks so much for the detailed suggestions. I really appreciate it. Basically, the web based alternative will require the users of the application to run it with an internet connection. My app is a telco application, usually tested in an isolated lab environment on a private LAN. Performance may be an issue, as you guys correctly pointed out..but for an evaluation copy..it may be acceptable. For the real production ready (paid app), i wont use such a license. But still, i want to understand the performance penalty on using a client side licence solution. Is it that heavy that it will impair the performance of my app? if i remember correctly, i think the android app certificate needs to be assigned a validity date..and it can be password protected. Maybe it can be utilized for my needs? aayush On Jun 3, 10:09 am, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shawhttp://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
For one thing, it's Secure.ANDROID_ID not System.ANDROID_ID. But the documentation on that is a bit vague. It seems to be related to your Google login information, so that brings up two questions: 1. is it sensitive information? 2. does it change if you log in to another Google account? On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shawhttp://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
aayush, if u r goin for client-side implementations then i'm very sure that there're many workarounds... one of it was mentioned by marc earlier... N plz be clear whether ur app is standalone or does it make use of web in ur LAN?? On Wed, Jun 3, 2009 at 5:15 PM, Neil neilb...@gmail.com wrote: For one thing, it's Secure.ANDROID_ID not System.ANDROID_ID. But the documentation on that is a bit vague. It seems to be related to your Google login information, so that brings up two questions: 1. is it sensitive information? 2. does it change if you log in to another Google account? On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shaw http://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
N one of my friends suggested that u make use of the serial key system for differentiating bet licensed unlicensed users... it sounds good... the first time a user uses ur app... jus ask for their key... also have an option for evaluate.. if the user selects evaluate set a preference to null string or if the user enters a correct key set it to smthin else... the key validation is a onetime job... so i guess this will also not bother ur performance... On Wed, Jun 3, 2009 at 5:26 PM, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: aayush, if u r goin for client-side implementations then i'm very sure that there're many workarounds... one of it was mentioned by marc earlier... N plz be clear whether ur app is standalone or does it make use of web in ur LAN?? On Wed, Jun 3, 2009 at 5:15 PM, Neil neilb...@gmail.com wrote: For one thing, it's Secure.ANDROID_ID not System.ANDROID_ID. But the documentation on that is a bit vague. It seems to be related to your Google login information, so that brings up two questions: 1. is it sensitive information? 2. does it change if you log in to another Google account? On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shaw http://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. -- Regards, Sujay H. L. Menckenhttp://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. -- Regards, Sujay Mark Twain http://www.brainyquote.com/quotes/authors/m/mark_twain.html - There is no sadder sight than a young pessimist. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
But a drawback is that if not properly checked,the same key could be used with any no of ur apps... On Wed, Jun 3, 2009 at 5:29 PM, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: N one of my friends suggested that u make use of the serial key system for differentiating bet licensed unlicensed users... it sounds good... the first time a user uses ur app... jus ask for their key... also have an option for evaluate.. if the user selects evaluate set a preference to null string or if the user enters a correct key set it to smthin else... the key validation is a onetime job... so i guess this will also not bother ur performance... On Wed, Jun 3, 2009 at 5:26 PM, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: aayush, if u r goin for client-side implementations then i'm very sure that there're many workarounds... one of it was mentioned by marc earlier... N plz be clear whether ur app is standalone or does it make use of web in ur LAN?? On Wed, Jun 3, 2009 at 5:15 PM, Neil neilb...@gmail.com wrote: For one thing, it's Secure.ANDROID_ID not System.ANDROID_ID. But the documentation on that is a bit vague. It seems to be related to your Google login information, so that brings up two questions: 1. is it sensitive information? 2. does it change if you log in to another Google account? On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shaw http://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. -- Regards, Sujay H. L. Menckenhttp://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. -- Regards, Sujay Mark Twain http://www.brainyquote.com/quotes/authors/m/mark_twain.html - There is no sadder sight than a young pessimist. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at
[android-developers] Re: Licensing an Android application programatically.
Yes...sounds neat indeed.. On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shaw http://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. -- Regards, Sujay H. L. Menckenhttp://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. -- Regards, Sujay Mark Twain http://www.brainyquote.com/quotes/authors/m/mark_twain.html - There is no sadder sight than a young pessimist. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing an Android application programatically.
Excellent Al. Looks great. -Original Message- From: android-developers@googlegroups.com [mailto:android-develop...@googlegroups.com] On Behalf Of aayush Sent: 03 June 2009 14:05 To: Android Developers Subject: [android-developers] Re: Licensing an Android application programatically. I am still in the requirements gathering stage, trying to make some use cases for the licensing requirements. Starting this thread really helped. For understanding and reference..i am using this resource: http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html On Jun 3, 12:41 pm, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: btw aayush... if u r plannin to implement this can u plz temme how u r checkin the validity of a key?? 'm very bad with cryptography... On Wed, Jun 3, 2009 at 6:04 PM, aayush abhatnagar192...@gmail.com wrote: Yes...sounds neat indeed.. On Jun 3, 12:09 pm, mobilekid mobilek...@googlemail.com wrote: I would do the same. Get the android ID like this: String android_id = android.provider.Settings.System.getString (this.getContentResolver(), android.provider.Settings.System.ANDROID_ID); Then send it to your back-end and query the number of times you've made the same call or the date you firstly made a call against the unique ID. Hope it helps! On Jun 3, 11:02 am, Sujay Krishna Suresh sujay.coold...@gmail.com wrote: if i were u if my app already interacts with the web then i'll initially hit a url from the app with may the phone's unique id... i'll take care of everythin else at the web-side... this will make sure that there's not much change in my app's performance... but i dont exactly no if an android phone has any sort of unique id the possibilities to get such an id... if not the id u may go for the google acc registered with the phone... but this may have some limitations... On Wed, Jun 3, 2009 at 3:20 PM, aayush abhatnagar192...@gmail.com wrote: okay..thanks for the answer Marc. For #1 i believe i need to create my own certificate by using the keytool utility and sign it as you suggest. Time based is my only requirement..as of now. Usage based is not a priority for me. aayush On Jun 3, 2:34 pm, Marc Lester Tan mail...@gmail.com wrote: Hi, # 1 - I believe you can do this when signing your certificate. # 2 - you can store the number of times your app is invoked on the Preferences then just check if it already exceeds your limit but then it can easily be broken by just uninstalling the application and download it again. I haven't tried this yet. Just my idea. Marc 2. Usage based ( 100 invocations of the application). On Wed, Jun 3, 2009 at 5:24 PM, aayush abhatnagar192...@gmail.com wrote: Hello list.. I had a query: If i wish to attach an evaluation license to my android application, how can that be achieved ? As for example, i may want to provide an evaluation license based application that expires in one of the following ways: 1. Time based (30 days etc) 2. Usage based ( 100 invocations of the application). Once the application's license expires, i need to restrict access to it from the user. Thanks in advance.. Best Regards aayush -- Regards, Sujay George Bernard Shaw http://www.brainyquote.com/quotes/authors/g/george_bernard_shaw.html - A government that robs Peter to pay Paul can always depend on the support of Paul. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. -- Regards, Sujay Mark Twain http://www.brainyquote.com/quotes/authors/m/mark_twain.html - There is no sadder sight than a young pessimist. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. -- Regards, Sujay H. L. Mencken http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html - Nobody ever went broke underestimating the taste of the American public. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from
[android-developers] Re: Licensing/Protecting apps
Al Sutton wrote: We've made an application licensing system available which will allow you to lock your apps down to a device, phone number, or expire on a date. It's currently free to use for anyone and we'd appreciate any feedback developers have to give. More details are at http://localhost/AndroidPhoneApplications/licensing.jsp This too is a localhost URL. -- Mark Murphy (a Commons Guy) http://commonsware.com Android Training on the Ranch! -- Mar 16-20, 2009 http://www.bignerdranch.com/schedule.shtml --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing/Protecting apps
Maybe the live URL would be useful... http://andappstore.com/AndroidPhoneApplications/licensing.jsp :) Al. Al Sutton wrote: We've made an application licensing system available which will allow you to lock your apps down to a device, phone number, or expire on a date. It's currently free to use for anyone and we'd appreciate any feedback developers have to give. More details are at http://localhost/AndroidPhoneApplications/licensing.jsp Al. http://andappstore.com/ -- == Funky Android Limited is registered in England Wales with the company number 6741909. The registered head office is Kemp House, 152-160 City Road, London, EC1V 2NX, UK. The views expressed in this email are those of the author and not necessarily those of Funky Android Limited, it's associates, or it's subsidiaries. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing question pertaining to the dex compilation process
Is this requirement coming from your reading of some license (like the LGPL)? If so, it is probably not a correct reading, since most licenses do not actually *require* dynamic linking (for example, the LGPL does not require dynamic linking, it just happens to be the method most often used to fulfill one of it's disjunctive clauses). To answer the immediate question, .dex files are not statically linked normally when produced, but are prelinked on the device by odex to everything in the bootclasspath. It is still possible to have external references in .dex files that are resolved at runtime (to .dex files not on the bootclasspath). So, effectively, the .dex files produced prior to being on the device are dynamically linked, get prelinked to stuff on the bootclasspath when put on the device, and any remaining references are resolved at runtime. So it is a mixture of static and dynamic linking. On Nov 20, 11:22 am, Nik Bhattacharya [EMAIL PROTECTED] wrote: I have a requirement that any 3rd party libraries that I use in my Android project should be dynamically linked from our source. I have put third party jars into a lib directory and use those jars on the classpath for my project. However, with the dex compilation process, all of the classes are compiled into a single dex file that then gets wrapped into the apk. Does this now constitute a statically linked 3rd party library. Thanks, Nik --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~--~~~~--~~--~--~---
[android-developers] Re: Licensing and Trial Software, the starts of a solution?
Technically I can't why, if you show an adsense advert and the user clicks the link, it wouldn't be valid, and we andsense mobile ads when you visit andappstore.com from an android device so I know the size of the ad is good for an android app, but I know from experience that Adsense uses the URL of the page to work out relevant ads (see below), so you may find that unless your using a web page to display the adsense ad you'll get non-relevant ads and/or they clicks may be suspicious because Google couldn't find the page which is the source of the ads. Al. http://andappstore.com/ Funny-ish side note on Adsense; One of the projects I'm involved in is a website which gives ratings on horse owners to stable yard owners. When a stable yard provides a stable for a horse for a fee it's called a livery stable (and the horse owners are commonly referred to as liveries), so the website is liveries.info. Adsense picked this up and started displaying ads about Liver disease and Alcohol abuse. not really relevant, but amusing... so I changed the subdirectory the app is located in to /StableYardReferences/ and the ads changed to ads about horse equipment :). barisistanbul wrote: What if I call a special web page from a WebView and add it to a adsense code. When I tried it I see I can do it but will this click count as invalid by adsense? I can alos see the advertiser web page... And what about handango store for android application? Anybody tried or will try? Thanks Baris On Oct 23, 9:03 pm, Al Sutton [EMAIL PROTECTED] wrote: This might be useful to some of you looking for a solution to the Trial/Pay-for dilemma; I've just made available some code athttp://www.andlicensing.com/which will allow you to create a license file which is a set of encrypted properties on one machine (such as a web server), and decrypt it on an Android device. It's not an all-singing all-dancing licensing solution, but what it will do is allow you to write your apps in a way where they can ask the user for a license file, store the encrypted license, and then enable or disable functionality based whether the license exists and what properties it contains. Anyway, hope it's useful. Al. Ed Burnette wrote: How about this idea: Call your program Beta for now and then in February (or whenever) retire the Beta version and come out with a new non-Beta version that has a charge. The only trick would be to prevent people from auto-updating from Beta to the commercial version without annoying them. IMHO Google did the developer community a disservice by not allowing for paid apps from day one. A lot of the developer energy on iPhone comes from dreams of riches made in the App Store. If at all possible, please get paid apps in place by this December at the latest. --Ed Hello, Android - now in 7th beta http://www.pragprog.com/titles/eband/hello-android On Oct 22, 4:25 pm, atrus123 [EMAIL PROTECTED] wrote: Another thing I was wondering if it would be possible to simply start charging for the app once that becomes an option. So we'd post our stuff now... free... and then go in and edit the price later on. It might be a good option; by then we'd have feedback, and any popularity might drive future revenue. I'd love to hear from a Google employee about how they expect this to work. On Oct 22, 4:07 pm, cyntacks [EMAIL PROTECTED] wrote: Hi Al, Great stuuf, to be honest I'm not as adept at licensing as I should be, given my job description and all! But there is def. a need for licensing of some sort. I'm really surprised we have to wait until Q1 (which, as we all know could mean as late as March 31!). It just really puts a damper on the whole thing and is going to create headaches for most of us. Time-to-Market is huge in this industry, and those of us who worked very long days for too long toiling in the dark will not be able to benefit (read $) from the vacuum created when the new store goes live on Monday. Just a shame, that's all... But then again, I guess we could use the opportunity to perfect our products, or create more apps. Keep on coding, and def. let me know about the licensing idea, very interested. Kevin On Oct 22, 3:57 pm, Al Sutton [EMAIL PROTECTED] wrote: Hi Kevin, I think you'll end up with two apps initially. I'm looking at working on a licensing solution because there seems to be a need. Do you have any tips as to what you'd like to see? Al. cyntacks wrote: Hi Al, I guess that is the question. Does Android support this type of transaction (i.e. lite version)? I don't recall seeing anything in the API about this. Of course I can just disable parts of the app, but how would the user upgrade to the full version?
[android-developers] Re: Licensing and Trial Software, the starts of a solution?
What if I call a special web page from a WebView and add it to a adsense code. When I tried it I see I can do it but will this click count as invalid by adsense? I can alos see the advertiser web page... And what about handango store for android application? Anybody tried or will try? Thanks Baris On Oct 23, 9:03 pm, Al Sutton [EMAIL PROTECTED] wrote: This might be useful to some of you looking for a solution to the Trial/Pay-for dilemma; I've just made available some code athttp://www.andlicensing.com/which will allow you to create a license file which is a set of encrypted properties on one machine (such as a web server), and decrypt it on an Android device. It's not an all-singing all-dancing licensing solution, but what it will do is allow you to write your apps in a way where they can ask the user for a license file, store the encrypted license, and then enable or disable functionality based whether the license exists and what properties it contains. Anyway, hope it's useful. Al. Ed Burnette wrote: How about this idea: Call your program Beta for now and then in February (or whenever) retire the Beta version and come out with a new non-Beta version that has a charge. The only trick would be to prevent people from auto-updating from Beta to the commercial version without annoying them. IMHO Google did the developer community a disservice by not allowing for paid apps from day one. A lot of the developer energy on iPhone comes from dreams of riches made in the App Store. If at all possible, please get paid apps in place by this December at the latest. --Ed Hello, Android - now in 7th beta http://www.pragprog.com/titles/eband/hello-android On Oct 22, 4:25 pm, atrus123 [EMAIL PROTECTED] wrote: Another thing I was wondering if it would be possible to simply start charging for the app once that becomes an option. So we'd post our stuff now... free... and then go in and edit the price later on. It might be a good option; by then we'd have feedback, and any popularity might drive future revenue. I'd love to hear from a Google employee about how they expect this to work. On Oct 22, 4:07 pm, cyntacks [EMAIL PROTECTED] wrote: Hi Al, Great stuuf, to be honest I'm not as adept at licensing as I should be, given my job description and all! But there is def. a need for licensing of some sort. I'm really surprised we have to wait until Q1 (which, as we all know could mean as late as March 31!). It just really puts a damper on the whole thing and is going to create headaches for most of us. Time-to-Market is huge in this industry, and those of us who worked very long days for too long toiling in the dark will not be able to benefit (read $) from the vacuum created when the new store goes live on Monday. Just a shame, that's all... But then again, I guess we could use the opportunity to perfect our products, or create more apps. Keep on coding, and def. let me know about the licensing idea, very interested. Kevin On Oct 22, 3:57 pm, Al Sutton [EMAIL PROTECTED] wrote: Hi Kevin, I think you'll end up with two apps initially. I'm looking at working on a licensing solution because there seems to be a need. Do you have any tips as to what you'd like to see? Al. cyntacks wrote: Hi Al, I guess that is the question. Does Android support this type of transaction (i.e. lite version)? I don't recall seeing anything in the API about this. Of course I can just disable parts of the app, but how would the user upgrade to the full version? Am I making to much out of this, will it all make sense come Monday morning? Kevin On Oct 22, 3:44 pm, Al Sutton [EMAIL PROTECTED] wrote: Can you not ship a cut down lite version with an option to pay for a fuller version? Al. atrus123 wrote: I'm disappointed that we won't be able to charge until next quarter, and it does put a slight dent in my plans. I guess I'll just sigh and deploy. On Oct 22, 1:56 pm, cyntacks [EMAIL PROTECTED] wrote: Ok, so the Market Place will be live on Monday, AWESOME! AWESOME! AWESOME! But here is a question for all you developers like us who are hoping to make some revenue off months of hard work. Does the API currently support a way to make our applications trial software? That is, making them free until March 1st or some other date, at which time the user will have to pay? Obviously getting on the phone and receiving user reviews is extremely important, but giving away all of our hard work just seems wrong. I have read that over 1 million people have pre-ordered the phone, that is a lot of free software giveaways.. What is everyone else doing? Waiting? Sayhing the heck with it and deploying? Just looking for some advice. Kevin -- Al Sutton W:www.alsutton.com B: alsutton.wordpress.com T: twitter.com/alsutton