We have a pretty good system of fraud prevention. It's either working 100%
or is totally flawed as I've never detected a single incident of piracy.
Our zero piracy rate may also be due to the nature of the app: Freemium in
the weather category. Pretty boring.
-John Coryat
--
--
You received
Just for the fun of it, I've read all the answers here. And Rob H. is the
one deserving my +1 ;)
Still, the idea of your solution is good, but it is even easier to pirate
your app. This is because the in-app purchase system is flawed an has
already been broken. It is enough for any user to have
don't have a paid version of your app in the market is a non
solution: ad supported apps don't make real money for the mid range
developers (with the top 1-2% of app developers perhaps being able
make a modest profit).
I know of at least one study to show users actually end up paying a
good
Yeah your right, my post might have sounded like just do ad-based free
apps, but I never meant to say you shall not have a paid version (that was
why I used the word version).
My key point is that you reduce the users motivation to look for pirated
versions if you have a free add supported
I think the point is that there's no way to stop pirates (0% piracy of apps
will never happen in this universe)- it's all about finding a balance
between user frustration and developer protection.
100% developer protection = forcing users to submit to total background
checks showing up at
My take on things is that the less you piss off your users, the better.
Unfortunately, Google's default licensing mechanism is not only cracked in
5 seconds, but it also pisses off users if they try to use your app outside
of a network connection. You can still stay with Google's method, but
I think if you're interested in protecting your app from piracy the best
way to do it is via the in-app purchase system. If you're making a game,
put it up there with level 1 for free. Thousands of people will check it
out. If they want to continue on to the other levels, well here's an
I have had a read of this thread and have come to the conclusion that the
best method could be to offer a freely distributable demo version for
download on the Android market so people can try out your game. Then if
they like it enough to buy the full version they DO NOT purchase through
the
You could do that but you'd be in violation of the Google Play developer's
agreement:
3. Pricing and Payments.
However, if you want to collect fees after the free trial expires, you must
collect all fees for the full version of the Product through the Payment
Processor on the Market.
And on top of that:
1. You're going to have a small nightmare if you want to roll out updates
to your customers. You certainly wouldn't want to do that by email. A
customer's email box quota could have been reached, the attached APK could
be too big for the email provider... and it's just a
We can tell you're new to development, and spelling too.
On Wednesday, July 22, 2009 10:28:50 AM UTC-7, astrocogz wrote:
I'm new to this whole thing about being a developer but, if you think
making your app hack safe and, your app's are not going to lose you your
user base. Then say a
On Friday 24 July 2009 20:16:41 Juan Hernandez wrote:
How can you guys even use the term software piracy and propose the dead
on arrival DRM and use Linux as a platform? it's because of people like you
that the industry is driven by crappy corporations.
Shame on you. Go and develop something
Cédric Berger wrote:
On Sat, Jul 25, 2009 at 00:41, Brian Conradbrianjto...@gmail.com wrote:
I've had unlockable trial versions of software and versions which were
crippled demos. The crackers eventually broke or created keygens for
the unlockable versions. But they never broke the
What didn't you understand in my last reply? It is trivial unless I
have misunderstood something.
I guess you got unit tests? Now take the code below. Replace the
download/decrypt code in your unit tests with something like what I
posted previously:
Properties license = new Properties();
The confusion arose because your previous post said Replace the code
that downloads the certificate and encrypts it, in this post you're
talking about the download/decrypt code, the first is a combination
of client code (download) and server code (encryption), the latter is
client-only code.
As I said previously. I have tried to protected java applications, and
I have done what I described with pure java applications, without
having the source code (I have even done it in assembler/machine code
on non java applications). I don't know much about the dex format and
what tools that are
And as I've said before they would need to do a crack per app and
potentially per version of the app if the developer so desired. Its'
a technique I've used for several years on various applications and
I've always offered up the source code so people see for themselves
it's not a trivial thing
On Jul 24, 6:01 am, Kaj Bjurman kaj.bjur...@gmail.com wrote:
Crackers don't think about if a program is expensive or not. They only
want to get known for their talents, and they crack all popular
applications, even if they are almost for free. So all popular
applications get cracked,
Just FYI, Jesusfreke has posted a dex [de]compiler set:
http://jf.andblogs.net/ (Smali and baksmali).
So there are already tools to do that (and Al, if you want to put up a
bounty for a simple/repeatable hack, that'd go a lot farther than
handwaving. Everyone else, if you want to claim that
As AndAppStore doesn't make a profit there's little I can offer in the
way of a prize, but if you want to create a simple/repeatable hack to
shut me up you're more than welcome.
Al.
On Jul 24, 4:10 pm, Disconnect dc.disconn...@gmail.com wrote:
Just FYI, Jesusfreke has posted a dex [de]compiler
Al Sutton wrote:
As AndAppStore doesn't make a profit there's little I can offer in the
way of a prize, but if you want to create a simple/repeatable hack to
shut me up you're more than welcome.
Clearly, therefore, we need a bounty to raise a bounty for the
simple/repeatable hack...
*ducks
I will offer a bounty of 5 UK pounds if you can raise me a bounty of
1000 UK pounds :).
(don't worry, I'm leaving the stage already)
Al.
On Jul 24, 6:49 pm, Mark Murphy mmur...@commonsware.com wrote:
Al Sutton wrote:
As AndAppStore doesn't make a profit there's little I can offer in the
Ed wrote:
On Jul 24, 6:01 am, Kaj Bjurman kaj.bjur...@gmail.com wrote:
Crackers don't think about if a program is expensive or not. They only
want to get known for their talents, and they crack all popular
applications, even if they are almost for free. So all popular
applications get
On Sat, Jul 25, 2009 at 00:41, Brian Conradbrianjto...@gmail.com wrote:
I've had unlockable trial versions of software and versions which were
crippled demos. The crackers eventually broke or created keygens for
the unlockable versions. But they never broke the crippled demo version
I have implemented a buy on Android Market to donate system. My
application is available for free on XDA Developers as an APK. Many
people take the plunge and make the 99 cent purchase because they were
pleased with the APK download I provided.
In my opinion, this is the best way to distribute
Any DRM should be programmed in the NDK - Dalvik bytecode is too easy
to modify when disassembled.
On Jul 22, 9:30 am, Moto medicalsou...@gmail.com wrote:
Sorry but I'm very mad about this situation! I found one of my
applications on the web all over for free! Every time I do an update 1
day
How can you guys even use the term software piracy and propose the dead on
arrival DRM and use Linux as a platform? it's because of people like you
that the industry is driven by crappy corporations.
Shame on you. Go and develop something on Windows CE or the iPhone.
On Sat, Jul 25, 2009 at
Case 2 doesn't hold. It's still a bit of security by obscurity.
There are several ways to remove what you describe. One way would be
to run the program in the emulator/debugger and see where it fails.
Then check what that method does and correct the logic. Run it again
in the emulator to see if
I am the developer of a fairly successfull application for Android.
My solution to the piracy-problem was: Give away applications for
free, and instead insert ads from (-- your favorite Ad network here
--).
So far it has paid off okay, I think I get more from the ads than I
would have selling
On Jul 22, 10:47 pm, Kaj Bjurman kaj.bjur...@gmail.com wrote:
Well said. Piracy will always exist. Our task, as a developer, is to
create something that is so good so that people want to pay for it.
I think this make the point. We should expect people really feel it's
worthy.
As for now,
We don't provice jars specifically for this reason.
The code to decode a license is less than 15 lines long and uses
standard java classes (i.e. nothing specific to the system or even to
Android). The code to test license properties is less than 10 lines
and again uses only java classes. You can
Sorry to say, but there's a huge flaw in your examples. The snippet
below is taken from your link:
X509EncodedKeySpec keySpec = new X509EncodedKeySpec
(ANDAPPSTORE_APP_KEY);
KeyFactory factory = KeyFactory.getInstance(RSA);
PublicKey key = factory.generatePublic(keySpec);
Cipher cipher =
Is the rate of piracy on Android significantly different from that of
any other platform? I would guess not--it might even be less. In other
words, don't spend countless hours and dollars chasing a goal that has
been already proven many times over to be unattainable. Doing so would
impact a
On Thu, Jul 23, 2009 at 3:07 PM, Ededmundcl...@gmail.com wrote:
Is the rate of piracy on Android significantly different from that of
any other platform?
I'd guess otherwise: with the paid Market only available in a few
countries, others will have to resort to using the MarketEnabler (as I
Good point about the Market in other countries. However, I was not
only referring to cell phones, but all platforms and software in
general.
My wild guess that Android software is less pirated is simply because
of the installed base. Since there are so many more users of other
platforms and
In fact, using the pirating site listed previously as an example, here
is what I found for each cell phone platform:
Symbian OS9: 39 pages of apps, 24 pages of games
Symbian OS6-8: 41 pages of apps, 34 pages of games
Nokia S40: 9 pages total of apps and games
PocketPC/Palm: 19 pages of apps,
It seems there is a very simple answer to piracy on this platform
anyway. If the market would keep a record of the device ID's that
purchased the app, it would be extremely easy to tell (via a server
based solution) which installations are valid and which are not. Then
again, what do I know?
And doing what you say should cause the application to operate as if
no license is present (i.e. demo mode).
The demo code is to cover all bases for all types of license where the
properties in the license are unknown. If you know that you'll be
using a specific license property your app should
This is actually one of the forums which honored my request to remove
my app from offered to download.
However, i see that some now post links from other sites on this forum
(instead of hosting the apks on ip-forum itself) to download my, and
many other, apps.
On Jul 23, 12:01 am, NitroDesk
Shouldn't the code on the page say that in that case, and it's still
very easy to spoof. Replace the code that downloads the certificate
and encrypts it with code that does this:
Properties license = new Properties();
license.put(p, TelephonyMgr.getLine1Number());
license.put(d,
I'm new to this whole thing about being a developer but, if you think making
your app hack safe and, your app's are not going to lose you your user base.
Then say a hello to the new world order of android. Stop bitching and think
of it as contributing to your community. I don't steel but I don't
The only safe app is one that has a service connected to it. So if you are
that much in a Tiff about it have a free or charged dummy or real service
connected to your app and host that service too. ix3.com has hosting for 12
dollars a year stop the excuses and blaming. god I hate whiners people
We're going to update the page, but we'd kind of assumed it was an
obvious thing to check.
As for your latest idea, the download code downloads an encrypted file
so an error would be thrown during decryption which would show up
problmes with a spoof server or modified download code.
I think you
Same here.
I have successfully removed (by asking moderators of online forums) my
app from multiple forums where it could be downloaded freely, but I
have not been able to keep up lately :(
It's a fact of life, alas. Every piece of software is pirated. I just
hope that most people think that 99
Welcome to software development. There is no known way to stop
software piracy short of software as a service (and don't worry, many
very smart people have tried). If it really bothers you that much
then write your software as a service and have the installed
application be a dumb terminal.
2009/7/22 Micah mi...@ourmailbox.net
application be a dumb terminal. Android devices are always online so
What universe do you live in? There is no such thing as 100% network
coverage on any phone network.
--~--~-~--~~~---~--~~
You received this message
2009/7/22 Moto medicalsou...@gmail.com
Sorry but I'm very mad about this situation! I found one of my
applications on the web all over for free! Every time I do an update 1
day goes by and BAM! For free on the web...
Yes, Google's brilliant solution to protecting apps on phones is stupid
On Jul 22, 6:41 am, Streets Of Boston flyingdutc...@gmail.com
wrote:
A killswitch could do make it more difficult: Add code to your app
that disables versions older than a given version.
Described here
I couldn't find much documentation on the site, but it doesn't look
like it will stop piracy, only make it a bit harder. Once you get hold
of the apk file, just modify it so that it isn't using slidelock any
longer.
On 22 Juli, 16:07, John Smith deltafoxtrot...@gmail.com wrote:
2009/7/22 Moto
It's a fact of life, alas. Every piece of software is pirated. I just
hope that most people think that 99 cents or a couple of bucks is not
worth getting a pirated version.
Well said. Piracy will always exist. Our task, as a developer, is to
create something that is so good so that people
I know that piracy will never end, I mean I'm a solo developer trying
to fight a war that multi-million companies have spent many millions
on protecting their content and still they get pirated...
Well yes there could be some ugly side effect if google adds more anti-
pirating features, so I
Maybe an activation licensing key for each binary may be the solution for
this. But then again, its easier said than done.
On Wed, Jul 22, 2009 at 8:20 PM, Moto medicalsou...@gmail.com wrote:
I know that piracy will never end, I mean I'm a solo developer trying
to fight a war that
2009/7/23 Moto medicalsou...@gmail.com
I know this method would soon or later be hacked but it's a better way
than current methods, since we still have those faulty Android version
that allow rooting..
I disagree, this is the same silly logic google used in their app protection
methods and
2009/7/23 Android Development indodr...@gmail.com
Maybe an activation licensing key for each binary may be the solution for
this. But then again, its easier said than done.
That's what slidelock does...
--~--~-~--~~~---~--~~
You received this message because
okay. I think it is the only way out of this. A secret key that you generate
and provide for each instance of the application sold.
On Wed, Jul 22, 2009 at 8:27 PM, John Smith deltafoxtrot...@gmail.comwrote:
2009/7/23 Android Development indodr...@gmail.com
Maybe an activation licensing key
2009/7/23 Kaj Bjurman kaj.bjur...@gmail.com
I couldn't find much documentation on the site, but it doesn't look
like it will stop piracy, only make it a bit harder. Once you get hold
of the apk file, just modify it so that it isn't using slidelock any
longer.
The same could be said for all
The pirates will either strip out the licensing requests from the
application or they will spoof a licensing server. Meanwhile, your
legitimate users can't use your application when they don't have
access to the licensing server (it's down, they don't have internet
access, etc.).
On Jul 22,
A while back Alias|Wavefront (now AutoDesk) tried the licensing server
thing. If I'm not mistaken they even had a hardware token required to
run their application and it still got cracked. That's an application
that retails for $2000 a box, and they couldn't secure their software
with a
2009/7/23 Micah mi...@ourmailbox.net
A while back Alias|Wavefront (now AutoDesk) tried the licensing server
thing. If I'm not mistaken they even had a hardware token required to
run their application and it still got cracked. That's an application
that retails for $2000 a box, and they
Mmm slidelock sounds like I'm gonna try it... I guess that's another
way to distribute an app instead of using the Android Market...
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post
There is also LM-X licensing server, that is promising.
On Wed, Jul 22, 2009 at 9:03 PM, Moto medicalsou...@gmail.com wrote:
Mmm slidelock sounds like I'm gonna try it... I guess that's another
way to distribute an app instead of using the Android Market...
What does the Android market send the developer when an app is
purchased? Is there any sort of notification?
-John Coryat
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post to this
We've made an open offer to Google before (and it is still open) that
we'd be happy to give them details of the AndAppStore licensing system
which is documented at http://andappstore.com/AndroidApplications/licensing.jsp
It's cryptographically secure, doesn't need network access once the
license
Most games/applications that gets cracked use the same copy
protection. It takes some time to crack the first software, the rest
of them is just a walk in the park.
On Jul 22, 5:24 pm, John Smith deltafoxtrot...@gmail.com wrote:
2009/7/23 Micah mi...@ourmailbox.net
A while back
Correct, Removing the part that makes the requests, and just return
true is what people usually are doing.
On Jul 22, 5:01 pm, Micah mi...@ourmailbox.net wrote:
The pirates will either strip out the licensing requests from the
application or they will spoof a licensing server. Meanwhile,
That form of approach is one of the main reasons the AndAppStore
system can download an encrypted license to the device which can be
stored and decrypted as neccessary. This means developers can;
1) Occasionally check the license is still valid by retrying to
download it, and if it doesn't
You have to log into the Market Developer Console to see purchases.
They don't send email notifications like some of the other online stores do.
Maps.Huge.Info (Maps API Guru) wrote:
What does the Android market send the developer when an app is
purchased? Is there any sort of notification?
There is a parallel world out there where it is ok to distribute
applications that we all have shed sweat and blood to build
see here : http://www.ipmart-forum.com/archive/index.php/t-337082.html
Can't stop them, like someone pointed out earlier; not sure the
creators of Android would ever care,
68 matches
Mail list logo
