Was just wondering what peoples thoughts were on using the Android Licensing copy protection in their apps? Do you use it and do you spend a lot of time on it or have any creative ways to help enforce it?
As we all know any kind of drm will always be cracked but I just wanted to know if people found it worthwhile to have..
I'm using In-app-billing, because I found that even licensed apps can be copied.
And yes, all apps can be cracked eventually, but most of the publishers of cracked apps remove them if you ask to. So that's what I'm gonna do!
Sent from my Nexus 4 running Android 4.2 JB
I don't like license checks that force you to be online, but I do like to have 'something' in place...
Recently I started working with some OEMs in India who wanted to pre-load my apps on their devices. Very exciting obviously, but I didn't know if I could trust them as I'd never heard of them.
So what I did was get the app to load a web page on one of my servers off the screen (9000%x...) so that it couldn't be seen. The page it linked to was empty, but if I wanted to I could modify the code to include a redirect that would send it to another page. Then in my 'onPageOverride' event I just said if URL = 'stopapp.htm' then do whatever it was I wanted to do.
What I actually have it do in that event is to fill the entire screen with that web page. The user then can't interact with the app underneath, but they get a message that I can create at the time saying 'This app has been illegally distributed' or whatever else I want to say. I can even forward them on to the download page if I want this way.
This works well too because if the user isn't online, the page just doesn't load and nothing happens. But if I want to stop offline use as well I can save a file in File.DirInternal and have the app check for that. 'SwitchOff.txt'. They get caught once, then they can't use the app.
Obviously this doesn't work quite like a license check, but what you *could* do with it is to have the app pop up with a message to people using an old version that's not updated. That's probably downloaded off of some file sharing site, so you could then just keep pestering them to 'update' and send them to the Play Store to do so. You can also check how many of the users on that version of your app are legitimate by looking at your Play Developer Console.
One thing to note is that the redirect URLs you use will need to be different in every version of your app that you release.
Hope this helps someone! I wish I'd done it sooner, one of my apps is all over the web grrrr...
pretty much the same as what I'm doing atm except I just ping a server in the background and display a popup if the result meets certain conditions.. I don't disable the app either as I can't be 100% certain it's pirated, instead I display a "scary" popup saying if they're using a pirated copy this is illegal etc.. your average user won't know how the popup was generated so it should be enough to make them think "someone" is onto them and go the proper route.. With the added bonus a genuine user can just press ok and carry on using the app
Sent from my Nexus 4 using Tapatalk 4
Currently, none of my apps use licensing.
For one of my paid apps, about 5% of the downloads are from non-Google Play sources, meaning, I'm not seeing any revenue from those 5%.
There is an Android API, that allows developers to see which platform their app was downloaded from. So, I've been thinking about adding that hidden feature to my apps and maybe do something fun with it. But, haven't got around to it yet. My thinking has been that if somebody downloaded a pirated copy of my app, then they probably weren't going to pay for it in the first place. And, hopefully, they will tell their friends about it and maybe one of them will actually purchase it through Google Play.
I already have all my licensing code in place and commented out. Since my app is pretty new I want to see how it does before adding licensing. Since the app is free and income is from IAP its not too bad. I'd only turn on licensing in the next release if I see a pressing need for it.
Currently, none of my apps use licensing.
Related
http://digitizor.com/2011/07/21/android-malware/
Android has had its fair share of malware problems. Whenever malware are detected, Google reacts swiftly and remove them. However, according to security researcher Neil Daswani, around 8% of the apps on the Android market are leaking private user data.
Neil Daswani, who is also the CTO of security firm Dasient, says that they have studied around 10,000 Android apps and have found that 800 of them are leaking private information of the user to an unauthorized server. Neil Daswani is scheduled to present the full findings at the Black Hat Conference in Las Vegas which starts on July 30th.
The Dasient researchers also found out that 11 of the apps they have examined are sending unwanted SMS messages.
Google needs to take charge
This malware problem on Android has become too much. One of the main reason that we see malicious apps in the market is because of the lack of regulation in the apps that get into the Android Market.
Sure, the lack of regulation can be good. It means that developers can make their apps without worrying if Google will accept their apps or not. It fits into the pre-existing application distribution model where anyone can develop and publish their own apps.
However, this comes at a price - the malware problem. Yes, most of the problems with these malicious apps can be avoided if only users read the permission requirements of the apps. But, what percentage of the users actually read the permission requirements of all the apps they download?
I think that it is time that Google make approval of the apps a requirement before it gets into the Market. They do not need to do it like Apple, but a basic security check before an app gets on the market will be nice.
If nothing is done about and this problem is allowed to grow, it will end up killing the platform.
Ur a good man
Sent from my PG86100 using XDA Premium App
Get an iPhone then.
Don't know if apple should approve or disaproove since that can slow down the release of new apps, but they need to check, that's for sure.
Yeah, just read permissions when installing applications. A lot of them will state access to personal data (such as contacts, browser history, etc.)
Such apps like MP3 downloaders contain ALOT of this malware.
if you're that paranoid.....LBE Privacy Guard + Droidwall = #winning
This article is very true in sense of lacking of control on big G part. My friend developed an app and he was able to get it into market almost instantly. I was very shocked to find that no scanning or checking was done.
Therefore, it's a risk that we take everyday to use these apps, specially, custom ROMs because who knows what it installed really. Users just need to be aware of their action, and don't use bank apps on rooted devices, or corporate email on rooted devices, or email yourself passwords to your online banking from your rooted devices. My thought is that, if it's out there then somebody can get it these days with all the technologies.
A little bit of common sense when installing apps can go a long way. You stifle the market too much when you cater to the lowest common denominator but then if you don't you get stuff like this.
+1 on Droidwall too, great app. Just don't turn it on and then forget about it before getting it set up properly, it's a pain figuring out why you can't use the internet on anything lol
xHausx said:
A little bit of common sense when installing apps can go a long way. You stifle the market too much when you cater to the lowest common denominator but then if you don't you get stuff like this.
+1 on Droidwall too, great app. Just don't turn it on and then forget about it before getting it set up properly, it's a pain figuring out why you can't use the internet on anything lol
Click to expand...
Click to collapse
hahaha, was tryna to download a new app and wondering why it just stalled kept on saying, downloading..... downloading paused....blah blah!!! lol
turns out it was droidwall (even with market enabled) lol
Yea when a simple clock widget wants to read your contact, data and location but has no ads or settings, I avoided that one.
I prefer the risk of an open system to the purgatory that is a closed system ruled by a draconian company any day.
Oh look iOS does this too.
/troll
DoctorComrade said:
Oh look iOS does this too.
/troll
Click to expand...
Click to collapse
hah, they're at almost 50%
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
There are viruses for Android.....right ?
Besides , if you're smart enough you can check whether an app needs such permissions when installing , through the Mart or an .apk .
I don't like the way iOS works , they give too limited functionality .
Forever living in my Galaxy Ace using XDA App
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
very well put, unfortunately most dont think like this..
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
hiitti said:
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
Click to expand...
Click to collapse
But, as a matter of degree, this just what we wish. The fact may be far beyond our imagination. Sometimes, malware still run certain functionalities even you cancel it. It's worse that some apps run secretly in system. I'm a little scared about security issue based on my PC.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Prof Peach said:
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Click to expand...
Click to collapse
But what about new apps that may be legit? They won't have any reviews yet or stars. If everybody did the same as you it would never get reviews or stars? There's got to be a better way, don't you agree?
the_main_app said:
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
Click to expand...
Click to collapse
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
johncmolyneux said:
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
Click to expand...
Click to collapse
this.
i was JUST about to say the same thing about the android "anti-virus" scam... not really a scam, but a false sense of security. as you said, not the same at ALL. people need to get out of the PC mindset with these phones. this is not windows, it's linux.
and i'm going to give LBE a shot. seems pretty legit.
for all of those running antivirus "software" on your phone, how many of you have actually run a virus scan and had it give a detailed description of a malicious "virus"....
Liking lookout
Sent from my GT-I9100 using XDA App
ummm, anyone ever heard of antiviruses (Kapersky, maybe?)? Or at least look up the app's access to things... If it accesses something you don't want it to access (or think the app doesn't need to access it), don't install it!
I know out-of-the-box Androids aren't so vunerable to viruses, compared to rooted ones... So...?
First look up the developer of the app, then if you trust him, install, if you never heard of him, google it (or look at the comments at where you're downloading from), and if you had experience with the developer before (and if the experience is bad, like trojans, etc.), don't install!
(I don't understand half of what I'm typing XD...Don't blame me for misspellings, please )
Cant say I can rave or not when it comes to the anti virus apps.
Have used Lookout in the past and currently using netquin.... neither of which ever flagged up a virus, malware or whatever.
Its nice to think its running in the background but dont know whether it will do anything if its needed.
I was tempted to download a load of apps in a zip file but 20 secs in my Avast siad there was a virus. I'd like to think the market would have its own precautions but having searched the site, cant see any mention of its security for the apps we download.
Its a different thing altogether but we cant take the fact that its the market and relax...... the worst virus my laptop ever had came in an update from Microsoft...... and another directly from google tools.
Kapersky for Android then? You can pick up free full non-trial versions on the web...
About the Market - yes, that's true. You'd expect them to check if apps are infected or at least leave a bot to do it...
Sorta lame...
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Zeze21 said:
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Click to expand...
Click to collapse
yeah but not everyone got the full version. A few of my friends got a corrupted exe and then this girl I know got the 30 day trial
not that good
Prawesome said:
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
Click to expand...
Click to collapse
I have both Lookout and AVG, neither has stopped my phone from getting up to 10 junk downloads, you have won an ipad, iphone etc., a day, not sms or email, I have to have every form of external contact turned off, the moment I get wifi or mobile access it starts downloading spam.
If anyone knows of a way to stop it I would appreciate the feedback
Moved to proper section
I installed the black market alpha .apk on my phone and it works perfectly. tonight i downloaded Easy Voice Recorder Pro on my phone from BMA which is supposed to be 3.99 from the play store and on BMA it had the price crossed out through the number with a line and i downloaded it without a problem. the app opens and works fine. Here's The Conundrum. when i try to make a recording it stops itself after one second and says could not find market license!! so what i don't understand is, what is the point of black market alpha even though it does work and gets the app if the app still knows you don't have the license and doesn't give you permission?
i should also add the fact that i noticed the free version, easy voice recorder(without the pro) works by having advertisements and if you are rooted and use ad away you can just have no ads anyway. although there also seems to be some other limitations such as recording time length etc
but really my question stands, what is the point of BMA if the app can still not find license permission? perhaps easy voice recorder pro is atypical of most things and most other pay apps don't have this issue off of BMA but i was rather shocked. the bottom line is this app in particular still wont function even if obtained off of BMA
This is against the rules. Xda doesn't allow threads that deal with, or distribute warez ( paid stuff for free ). Please make an effort to read the xda rules
Reported
i should also add that other PAY apps i've obtained off of BMA haven't had this issue and this is the first i've run into. but it gave me serious pause for concern. should i expect more apps to follow suit in the future? if an app developer is aware of this and can simply make the app need the market license so it wont work if obtained from BMA so you have to pay for it from the play store anyway then i would expect at some point the BMA would just become completely useless and redundant
my apologies. i was under the impression that using BMA was in the same vein as rooting and apps that use SU perms. i'm quite sure that ad away which uses root SU perms would be just as frowned upon since it blocks ads from apps
No its not the same. Pirating payed for apps is not the same as blocking ads that no one clicks on anyway. You will find not help here on this. Thread closed.
Sent from the Bat Cave
Ok, I am looking at an online Android/iPhone app builder. They either offer the option to build one for free with unlimited downloads or you can pay yearly with different tiers for different download limits. The difference being that the free one has ads.
Anyways, when asked about just creating the app with their site, then hosting it on your own server and having everyone download it from there instead of paying the yearly fees, the site owner made this statement.
" my personal opinion in the long run you will pay more in this case because every time when apple releaes new iOS (like 6 now) or android has new phone (like samsung galaxy S 3 now) you will have to purchase new binary code from us that supports the latest updates/fixes."
Is this true? I don't see how each new device that comes out will require an update in your app.
Also, as stated, if you pay the yearly fee for the lowest amount of downloads, I assume they can only track downloads from Google Play or the Apple app store. I don't see any way they can track downloads from my own server hosting the .apk file. Anyone have any insight on this to correct me if I'm wrong?
For the record, I'm just looking to develop an app to play my Shoutcast Streaming audio station. I make no profit on the station, so have no capital to spend over $1K a year to have an Android and iPhone app. I mainly want to give it to my friends, and make it available to anyone who visits my Website. I really like the design that I did with this site, and am willing to pay something for it, just not worth $1K./year....
Anybody?
Have you tried installing the official Android Software Development Kit on your computer, and making the app yourself? You don't need to use an online service, and you choose exactly what gets compiled into the apk (ads, Google analytics, etc.).
post-mortem said:
Have you tried installing the official Android Software Development Kit on your computer, and making the app yourself? You don't need to use an online service, and you choose exactly what gets compiled into the apk (ads, Google analytics, etc.).
Click to expand...
Click to collapse
Thank you for the reply.
I actually do have the SDK installed, and am looking into what it takes to make my own app. But, don't I have to know xml and Java to create apps using the SDK?
You do need to know those two languages.
Sent from my Desire HD using xda premium
The Lepricon said:
But, don't I have to know xml and Java to create apps using the SDK?
Click to expand...
Click to collapse
That online service allows you to write apps without knowing xml or Java?
post-mortem said:
That online service allows you to write apps without knowing xml or Java?
Click to expand...
Click to collapse
Yes, it's kind of like Appinventor, all visual, just assemble the parts and stuff.
It's nice, just kinda pricey. I once posted the job on freelancer.com and got offers for about as much as this company is asking, and with freelancer I would have owned the app afterwards.
But, again, it's kinda hard to foot the bill when it's a non profit app.
Ok, I'm off to learn XML and Java.......
Oh, almost forgot.... the original questions...
" my personal opinion in the long run you will pay more in this case because every time when apple releaes new iOS (like 6 now) or android has new phone (like samsung galaxy S 3 now) you will have to purchase new binary code from us that supports the latest updates/fixes."
Is this true? I don't see how each new device that comes out will require an update in your app.
Also, as stated, if you pay the yearly fee for the lowest amount of downloads, I assume they can only track downloads from Google Play or the Apple app store. I don't see any way they can track downloads from my own server hosting the .apk file. Anyone have any insight on this to correct me if I'm wrong?
any ideas anyone?
I think he means every time Google releases an update to Android (updated OS, not new device). So, for example, you build your app to run on Jelly Bean. But when Key Lime Pie comes out, your app may not work as expected on those devices running KLP. Then, you'd have to pay them to recompile your app with updated binaries, or risk losing market share.
If your app is really simple and would run fine on Android 2.2 and up, then that "purchase new binary" thing is not applicable.
But, hell, if you're willing to learn XML & Java... go for it!
Hello. I recently bought a Huawei P40 Lite, without GMS and installed the apps using googlefier. Everything goes well except some errors that are fixed by swiping and blocking them, and one bigger issue: location. Some local apps (the phone is for my mom so she has a lot of shopping apps for local supermarkets with discounts, cards, vouchers etc) require you to set your location through google, so instead of the app showing the map and allowing you to choose your store, you're stuck at a "Google Play services are updated" screen. Is there any fix for this?
How it looks on my P20 Lite (with factory GMS)
How it looks on my P40 Lite (with googlefier GMS)
Also, does anyone know any better solution of installing the google services? As said, this phone is for my mom and I really don't want to have to fix something every week, so I'm up to even root and mess with things so I can have a more permanent fix.
Welcome to XDA
Yes, well... no idea what the solution is but there's no way I leave that junkware run on my phone.
With a user like that always keep in mind it may be malware, a virus or rootkit causing it.
An Android is only as secure as its user...
blackhawk said:
Welcome to XDA
Yes, well... no idea what the solution is but there's no way I leave that junkware run on my phone.
With a user like that always keep in mind it may be malware, a virus or rootkit causing it.
An Android is only as secure as its user...
Click to expand...
Click to collapse
Well it's not junk or malware. It's a genuine app from the playstore for a supermarket chain named Lidl. She's had it for months, you basically get a qr code and you have to scan that code at the cash register to get some discounts. The app shows her each week what products have discounts and what products are gonna have discounts next week. The app is legit.
As for the user, yeah I agree my mom isn't the most careful out there but i managed to teach her to not install or press any buttons and everytime she gets a weird message or notification she comes to me to figure out what it is. Even when a normal app requires a permission, for example "facebook requires permission to take pictures", she comes to me, so I'm pretty sure she'll be fine with it.
Is there any proper way of installing GMS without having these types of issues even if it involves rooting or god knows what else? At the price of this phone there's nothing better than it and I don't really want to downgrade to a bad samsung just for that.
Just because it's on Playstore doesn't make it safe
FB? Bah-ha-ha-ha.... is pure social malware.
Purveyors of disinformation and far, far worse.
No way that be on my phone. I punched out of FB 13 years ago after a month... the puppet cut the strings.
Meh, it's a lick on you... do what you will, but actions have consequences.
blackhawk said:
Just because it's on Playstore doesn't make it safe
FB? Bah-ha-ha-ha.... is pure social malware.
Purveyors of disinformation and far, far worse.
No way that be on my phone. I punched out of FB 13 years ago after a month... the puppet cut the strings.
Meh, it's a lick on you... do what you will, but actions have consequences.
Click to expand...
Click to collapse
It's not that deep. Like I said, all she does is talk about flowers, plants and work-related subjects. I taught her how not to fall in the hands of scammers and how she should come and show me everytime she gets any weird request. She doesn't download any apps without me, doesn't access weird websites, i think it's safe enough for a mature person.
Yes, I know that it isn't safe just because it's on the playstore, I'm just trying to tell you that it's a legit app, developed my the supermarket chain that has over 11k stores in Europe and there isn't any sensitive information apart from her name and a qr code that she has to scan, instead of the typical physical discount card.
On another note, since the topic has been moved to another category, does anybody have any idea on how to fix my issue?
@goldieczr did you find a solution?
I've got the exact same problem on my Hisense a6l.
I got these files (in the rar) from an official seller. With these you can install google service and magisk.
Both files are executable zips that can be opend. All you need is the password from the text file.
Same thing with the installation, just copy paste the passwords when ask.