Menu
Recently I released an app into Android Market using the licensing system with the ServerManagedPolicy model.
Some days ago someone cracked the apk making it always response "Using cached license response" and allow access.
How can I avoid that in future apps? Thanks!
519
Tip: Keep your private key (. keystore file) out of source control and in a separately secured and backed-up system. The app signature will be broken if the . apk is altered in any way — unsigned apps cannot typically be installed.
The Download Sources for Cracked Apps Are Often Malicious In continuation of the first point, not only are cracked apps a threat to your security, but the websites and third-party app stores that offer these apps are also dangerous to use. That's because most of them are malware-ridden.
Online decompiler 🔗 The quickest and easiest way to decompile an APK is to just use an online service. You just upload the APK and get an archive with all the resources and decompiled files.
I agree with @Tom van der Woerdt Implement your own licensing library
I'd also refer you to check out this from Google I/O 2011:
Evading Pirates and Stopping Vampires
http://www.youtube.com/watch?v=TnSNCXR9fbY
EDIT:
The Presentation Notes from Evading Pirates and Stopping Vampires
Some basic keypoints
111
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
