User topics

Article topics

Log in Sign up

Google sets Android on pirates

Android now comes with an API allowing applications to phone home to check for a licence when launched, locking out pirates and anyone with an unreliable data connection. The "Licensing Verification Library" does allow the developer to permit caching of responses, so an application shouldn't stop working when one gets on a …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 29th July 2010 12:24 GMT MarkOne

Non-news

My applications already do this using their own bespoke setup (MyBackupPro for example). This system just allows everyone to do the same without writing lots of code and hosting your own authentication servers, Google will do all that for you.

I think this is win/win. It's a win for Developers, it's a win for Android consumers, it's a win for Google. Obviously the only people that will be upset are the pikey freeloaders.

1 6
1. Thursday 29th July 2010 13:06 GMT Anonymous Coward
  
  Confused
  
  If you think it's great news (and it is)... how can you class it as non-news?
  
  0 0
2. Thursday 29th July 2010 13:06 GMT lglethal
  
  Until google decide to monetise this too...
  
  ... by sending back everything you do...
  
  "Dont be evil - unless there's money to be made from it" (the true google slogan)
  
  3 0
3. Thursday 29th July 2010 13:11 GMT ChrisC
  
  Obviously the only people that will be upset are the pikey freeloaders.
  
  Or anyone on a foreign holiday who returns home to find their monthly bill bumped up by roaming data charges...
  
  Or anyone who gets locked out of their app in areas of poor/non-existent data reception because the developer chose to apply an overly-strict phone-home policy...
  
  Or anyone who doesn't like the idea of their app usage being potentially tracked...
  
  I don't have an issue with developers wanting to protect their work, but I do have an issue with any protection scheme which has real potential to screw things up for genuine purchasers of said work. If I had a pound for every time I've heard someone say "I've bought the original, but I still use a pirate copy because it works better" then I'd be pretty damned rich by now. I'd also have had to pay myself a few quid, because I'm one of those people who've been bitten by over-zealous protection schemes preventing me from using stuff I've paid for until I found a crack.
  
  9 1
  1. Friday 30th July 2010 12:15 GMT Anonymous Coward
    
    @ChrisC
    
    Exactly!!!
    
    And depending on how this is implemented it may not stop the pirates anyway.
    
    0 0
4. Friday 30th July 2010 09:21 GMT A J Stiles
  
  Who are the real freeloaders anyway?
  
  Is it "freeloading" to expect to be able to use a piece of software for nothing?
  
  Or is it "freeloading" to expect to be paid a sum of money every time someone uses a piece of software that you wrote?
  
  1 0
Thursday 29th July 2010 13:06 GMT Gary Wood

Great until ...

... I go on holiday and disable data for 3 weeks.

As long as they set sensible limits, I'm happy with this ... maybe a big re-validate all button on the Android config screen to give you a month of grace?

0 0
Thursday 29th July 2010 13:06 GMT Anonymous Coward

Very nice,

But I've not seen any copy protection that works 100% (apart from the PS3, and that's because its partially hardware).

People will just end up cracking either android or the software or both like they do on iPhone.

A nice idea for software trials for the average user though... but piracy always finds a way I'm afraid.

2 0
1. Thursday 29th July 2010 23:43 GMT Paul Crawford
  
  But "good enough"?
  
  I think you may have missed the point here, much like a lot of folk, and it comes down to finding a balance that (a) keeps enough income for you, the developer, and (b) avoids pissing the legitimate customer off.
  
  If you keep say 80% of users paying a quid or two for their apps, and no one really has trouble, then you could sell millions and you have won financially.
  
  If, on the other hand you piss off your users but enforce 99.9% pay rates then you could end up getting a few quid from just a couple of thousand. FAIL.
  
  Sadly a lot of companies fall in to the 2nd category because the believe their IP is so damn precious they can't allow anyone to bypass the increasingly complex, expensive, and inconvenient systems. Which often don't work for long as there need only be one hacker that is brighter, luckier, and/or more resourceful then them.
  
  Find the right balance and you will be rewarded, maybe Android will have it? Devil in the detail though.
  
  1 0
Thursday 29th July 2010 13:06 GMT Anonymous Coward

Sorry? This *is* news...

Copy and paste the body of the article into your favourite text editor, change all instances of "Google" to "Apple" and re-read it. If it were Apple doing this, the majority of lazy commentards would be ranting apoplectically about how evil Jobs is and "HOW DARE THEY!!! IT"S MY DEVICE!!!" Et cetera...

6 6
1. Thursday 29th July 2010 14:15 GMT Anonymous Coward
  
  No
  
  People complain about Apple because Apple dictate what software can and can't be loaded on the phone. This is merely about allowing developers that charge for their app to have some confidence it won't get ripped off by freetards.
  
  There's nothing wrong with this and the model chosen (especially the caching of responses and piping everything through Android Market to ensure apps don't need excessive privileges) seems quite well considered and thought out.
  
  4 3
2. Thursday 29th July 2010 14:46 GMT Maliciously Crafted Packet
  
  But its a tradition on the Reg comments...
  
  to give Android a free ride. Android is so perfect that it is beyond criticism.
  
  Despite the fact that its full of bloatware, has a fragmented OS/UI, and most android devices have dreadfully short battery life.
  
  If I was a developer I would stick to iOS. Your code wont get pirated and you have access to a much larger and growing ecosystem.
  
  According to this guestimate in Wired, iOS devices are selling "42 percent more than Android".
  
  http://www.wired.com/epicenter/2010/07/letter-from-silicon-valley-doing-the-androidapple-math/
  
  Do you really want to be stuck developing for a second tier platform where your code is open to freeloaders and the like.
  
  0 9
  1. Thursday 29th July 2010 15:57 GMT Anonymous Coward
    
    Allow me to retort from sanityland
    
    "to give Android a free ride. Android is so perfect that it is beyond criticism."
    
    Yes, there are a lot of Apple haters on El'Reg, who do side with Android. Just as many as there are Android haters who side with Apple. Since we're neither*, lets continue:
    
    "Despite the fact that its full of bloatware, has a fragmented OS/UI, and most android devices have dreadfully short battery life."
    
    The UI has stayed pretty much identical from the start, yes there are several versions and there are several versions in the wild, as with iOS. Your point being? OS's evolve, smartphones suck battery? Welcome to Earth.
    
    "If I was a developer I would stick to iOS. Your code wont get pirated and you have access to a much larger and growing ecosystem."
    
    I think you'll find that Android has the trumps on the larger and growing ecosystem. Just purely by the sheer number of devices running (and soon to be running) it. Piracy, did you read the article or just the title? That however is irrelevant, see below.
    
    "Do you really want to be stuck developing for a second tier platform where your code is open to freeloaders and the like."
    
    No, that's why I chose Apple and Android. This gives access to the two largest phone platforms and now thanks to Google, I have some piracy protection on Android.
    
    As a developer, I want profits. At the moment, they come from the iPhone, as Android grows and it's user base outgrows the iPhone's, the lower profits from Android will eventually gain on that made from the iPhone, and I'll be earning the best I can be.
    
    Like you say, you're not a developer, so you're posting on this article because? Ah yes, your previous comment titles:
    
    - Antennagate vs Bloatware
    
    - Flash version for Android
    
    - Open Android? In your dreams
    
    *You're an Apple fanboy aren't you?
    
    ;-)
    
    3 1
    1. Thursday 29th July 2010 23:43 GMT Blain Hamon
      
      It's all a matter of picking your poison.
      
      With regards to the original post, I do remember the outrage on Apple providing an optional means for developers to make money, called iAd. But really, any Apple and/or Android article brings out the flames and the juicy juicy page hits, eh?*
      
      I've got a T-mo G1 on 1.6** and Android has some things that still really really bug me. First, the fragmentation is very annoying: My less-than a year old android unable to upgrade to 2.0***, when two year old iPhones/iPods can run 4.0****.
      
      On the Android UI, ennnh. It's fragmented even within the same OS. Sending a text message, the 'send' button is above the keyboard. In other apps, the fame functionality is in the bottom of the keyboard.
      
      In the browser, there's no way to know if hitting the back button will exit the browser, go back one page, or close that window and return to another window. I've seen all three actions. Sometimes when you exit the browser and come back, all the windows are gone, and maybe even missing from history. Horribly inconsistent unless you've memorized how it functions and what state it's in.
      
      In messaging, if you switched by holding down home, sometimes hitting back will take you to all threads, sometimes it exits the app. If you use Menu>More>All Threads, it appears you've exited the thread, but if you hit back again, the thread you've exited from reappears.
      
      AC@15:57 is quite right; As a developer, follow the profits. I disagree with him that I am not sure that Android will be a stronger revenue source in the future. Or rather, that Android's marketplace will reach as many customers as things like OPhone and carrier customization fragment things. But that's the reason we don't put all our eggs in one basket.
      
      *Not that there's anything wrong with making an advertising buck. By the way, is it me, or did El Reg's flash-based adverts go away?
      
      **Yes, even though I'm an iPhone dev, because I want to give AT&T as least of my money as possible. I used to have a Sidekick, but MSFT killed that off.
      
      ***I'm aware that if I were to root and hack my system I *might* cobble together a 2.1 build. But that'd be like saying the iPhone doesn't have app store restrictions because you can jailbreak it.
      
      ****Technically you can install iPhone OS 4 on a 3G, but I'd heavily advise against it, which is a nice way of saying, 'it sucks on the 3G'.
      
      1 0
    2. Friday 30th July 2010 15:54 GMT Mitch Kent
      
      Bazinga
      
      Served...
      
      0 0
3. Thursday 29th July 2010 14:55 GMT Doc Savage
  
  Re: Sorry? This *is* news...
  
  Exactly as Arkasha said, and to add to that, you do still have a choice. Nobody forces you to use the Android Market provided by Google, you can choose another app store, like SlideMe etc. That is what Android is about.
  
  If Apple had done this, the users wouldn't be able to choose another App Store.
  
  As a developer myself, this is a good thing.
  
  5 2
Thursday 29th July 2010 13:11 GMT Alan Bourke

Wait until the Daily Mail gets hold of this!

The Google docs say:

"The application provides its package name and a nonce"

Oi! You nonce!

0 0
1. Thursday 29th July 2010 14:16 GMT Anonymous Coward
  
  re: Wait until the Daily Mail gets hold of this!
  
  That's just Nonce Sense (etc.)
  
  1 0
Thursday 29th July 2010 13:12 GMT DrunkenMessiah

Good stuff

Glad Google is doing something about the rather easy piracy in Android, it's long overdue.

1 2
Thursday 29th July 2010 13:14 GMT Mark Broadhurst

Pikey Freeloaders ?

I don't have any problem with buying software but if I need to go to china currently it costs me a fortune to call back with my mobile or use data while I'm there.

This will just increase the cost unless developers set it to reasonable limits like checks once a fortnight or every 100 launches, rather than everyday or every launch.

4 0
Thursday 29th July 2010 13:15 GMT Tony W

Could cost

Some data roaming rates charge per day used and there is usually a 100 kb minimum charge per session. For visitors to the US for example, validation could soon cost more than a typical app price.

3 0
Thursday 29th July 2010 13:50 GMT PatC

Minimal problem on iPhones?!

.. apart from my missus (who works for apple) everyone I know with an i-cant-phone has it jail broken and rammed full of "trial" (read: stolen) apps ..

Of course, this could just say something about the sort of people I know (financial fools maybe, but at least minimally tech savvy) ..

3 1
Thursday 29th July 2010 13:50 GMT TomasF

"If it were Apple doing this, ..."

...it would be an improvement. Since it's Google doing this, people are upset. It's all about the baseline.

1984 avatar because... you know...

3 2
Thursday 29th July 2010 14:46 GMT Anonymous Coward

One can only hope..

..that this will screw those spamming tards all over the app store, spamming their pirate site-.All over the feckin' app store, a******p********d.com (I don't intend to give those meerkat mimsies a free advert).

As it is, done right, this will work like steam, as long as the caching is used properly.

1 1
Thursday 29th July 2010 14:50 GMT Steen Hive

Oh well

If this proves to be in the slightest inconvenient with respect to software I bought, or if I get a whiff that its is harvesting more data, I'll just replace the validation lib with something I wrote myself and give it away.

6 0
Thursday 29th July 2010 14:50 GMT Terry H

What part of open source did I miss

Well everyone else covered roaming data charges, and time bombed shiteware and most of the other good stuff. But I can still add this nugget:

Android is open source right? Even if they don't open source that module it wouldn't matter any at all. The API is known, most anyone with just a little time and a compiler should be able to defeat this or any other documented API in fairly short order. You say "Oh no, that would beak marketplace". WHY? I can wrap and rename marketplace - done and dusted. WAY easier than installing a custom build when you don't have root access. Well some people allege to have figured that out in some special cases. But it seems you must have physical access to the hardware to make that work, so no worries there.

I agree with not wanting your stuff pirated, but this seems trivially stupid.

3 0
1. Thursday 29th July 2010 23:44 GMT Blain Hamon
  
  The eternal arms race
  
  I haven't fully read the docs, but it does look like they use public key encryption to ensure that the response is a valid one coming from Google, and that some of the API is compiled into your app. That is, it's entirely possible that the only part the OS provides is the HTTP connection. If the verification also includes an encrypted timestamp to thwart repeating the verification, even replacing the OS might be insufficient to crack it.
  
  Of course, were you to modify the application, all bets are off already, open source or not.
  
  0 0
Thursday 29th July 2010 16:13 GMT Stephen W Harris

But what if I'm underground?

What if I (in New York) am on the New York subway; there's no signal there. Does that mean I can't launch my app? I regularly fire up an ebook reader or a game of solitaire or similar so I can pass the 1/2hr or so until I reach my destination without being bored.

Having a anti-piracy API require live-data access just doesn't work. It should create a cryptographically signed key which can be stored on the device and is specific to the device. Then the app can verify the key at startup regardless of data access.

1 0
Thursday 29th July 2010 23:43 GMT Anonymous Coward

An API that reports back to the mothership

...from the biggest data harvesters on the planet. Not especially surprising. I wouldn't have anything as personal as a phone with an OS written by Google. Looks shiny and everything, but just...no. Or an iPhone, for similar reasons.

0 0
Friday 30th July 2010 08:07 GMT gherone

Will not buy app which includes this technology

Any app with a "dial home in order to work" schema will not be installed on my phone. As listed by others, roaming and data charges are a big concern, but the bigger issue for me is the longevity of the developer. What happens if the developer is no longer around to provide authorization tokens? How will I get a refund for the application and my time spend to learn it when I can no longer use the application I paid for?

I tend to keep my apps around, and I have a VERY BIG issue with "I just fixed the help file, it is now a new version, please update / upgrade for only 50% of the original purchase price" which seems to be the trend in the industry. I have no issues with developers being paid, but I do have an issue with forced upgrades or mixing up a SALE (can use the software forever once I paid the license) with a TIME LIMITED RENTAL (until next rev comes around, 6 to 8 month down the road, then only the newer version gets tokens).

I still use once in a while my WordStar on a Kaypro 4 CP/M computer, and it still works, although none of the companies involved are still around (Digital Research for the OS, WordStart Corp. for the program and Kaypro for the hardware). If Google gets its way and this dial home for token schema takes off, you are SOL when, not if, any of the companies involved in the authorization chain goes out of business or decides to stop supporting the older versions of their software.

I've run into DRM issues with critical pieces of software which are no longer supported (vendors out of business, huge expenses to move over to a competitor) in the CAD and CAM world, and I see no reason to buy with my personal cash into the same problem on my cell phone.

Hope Marketplace clearly marks the apps which dial home in order to work, so I can avoid them like the plague....

1 0
Friday 30th July 2010 08:28 GMT Anonymous Coward

RE: Palm OS

"Palm OS had a nice feature locking applications to user names, which not only meant applications couldn't easily be copied between users but automatically allowed migration to new hardware."

Not very effective, though. There's an easy to use app that lets you spoof or reset names on a per-app basis.

0 0
Friday 30th July 2010 08:54 GMT Steve Roper

Just another reason not to use Android for me

While it's reasonable that developers should have some means of protecting their work, the features mentioned for the API in this article go way beyond that purpose. Giving developers the option to limit the number of times the app can be launched? That stinks of the same rip-off as that known as pay-per-view. If I pay for an application or media content, I get to keep it for as long as I want and use it whenever I want, without being forced to pay again and again for what I've already purchased. These artificial restrictions are tantamount to theft, because they take my money and then prevent me from using what I paid for. And it guarantees I won't be using the Android platform now or in the future.

0 0
Friday 30th July 2010 12:21 GMT D. M

Not on my phone

Phone home before I can use app I already paid? There is no way in hell I'm going to install any of those. If you happen to be overseas, as already pointed out here, the data charge would be huge (remember mobile data charge by a block of certain amount).

However, it is still miles better than Apple, at least, you don't have to use the "official" market.

0 0
Monday 2nd August 2010 08:14 GMT davenewman

Market app is not open, not on all Android phones

There is a problem with using the Market app to "call home". As it hasn't been released under an open source licence, only phones with licences from Google have it. Those using the fully open Android code (like Android on Freerunner) cannot use this code, since they cannot install the market app.

0 0

This topic is closed for new posts.

Other stories you might like

CISA in a flap as Chirp smart door locks can be trivially unlocked remotely

Hard-coded credentials last thing you want in home security app

Security 15 Apr 2024 | 49

Google One VPN axed for everyone but Pixel loyalists ... for now

Another one bytes the dust

Personal Tech 12 Apr 2024 | 7

Vodafone and Three's UK merger hits regulatory roadblock

Watchdog concerns about price hikes and consolidation remain unresolved

Networks 4 Apr 2024 | 11

Brits blissfully unbothered by snail-paced mobile network speeds

Too busy not using X to notice

Networks 20 Mar 2024 | 53

Microsoft drags Windows Subsystem for Android into the trash

Amazon Appstore tieup fizzles out, too

OSes 5 Mar 2024 | 55

Nano a nono: Pixel 8 phones too dumb for Google's smallest Gemini AI model

Updated Some might say a blessing in disguise

Personal Tech 8 Mar 2024 | 12

Lawsuit claims gift card fraud is the gift that keeps on giving, to Google

Play Store commissions are a nice little earner, wherever they come from

Cyber-crime 7 Mar 2024 | 22

Google debuts first Android 15 developer preview without a single mention of AI

Expect it to be stable in June, ready for release sometime after July

OSes 19 Feb 2024 | 10

More AI for cell networks as Intel rolls out vRAN platform

MWC Plus fresh edge compute system that may be able to run on existing infra

Systems 26 Feb 2024 |

AT&T's apology for Thursday's outage should stretch to a cup of coffee

Check your service level agreements to make sure you'll at least get a slice of cake when your vendor goes down

Networks 26 Feb 2024 | 13

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash

Research 15 Feb 2024 | 30

Nokia brainwave turns cell towers into cash cows with backup batteries

Lower operator energy costs or sell power back to grid for $$$

Networks 22 Feb 2024 | 28

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2024