implementation of basically the same approach, obfuscation will be
critical. With AAL, it took about three days for someone to crack the
app. The process looks something like this: decompile the apk using
a freely available open source tool, find the code that invokes the
licensing check, skip it, recompile and repackage the apk.
Obsfucation will make this more difficult, but not all that tough
given the usage of intents for communication between LVL and the
Don't get me wrong, I think that LVL will offer a much needed road
bump for pirates -- stealing apps will actually require a crack of
each app. This is a viable approach to license verification and
that's why I took the same route with AAL months ago. It certainly
seems like google could have gone further though.
The coverage of this has been very extensive in the press, and I would
guess the coverage of the first released crack within a week or two
will also make a fairly big splash, which won't look great for the
All told though, I think LVL is a positive step for the platform.
Speaking as someone that was seeing 90%+ piracy rates before
implementing something very similar to LVL in my own apps, I'm happy
to see google addressing the problem.
On Jul 27, 5:44 pm, sblantipodi <perini.dav...@dpsoftware.org> wrote:
> I haven't understood if using this library external obfuscation
> (proguard for example) is needed
> for security reason or if we can avoid using external obfuscator, it's
> quite a pain using proguard in netbeans plus android sdk.
> On Jul 27, 10:24 pm, Sebastian Rodriguez <srodrig...@gmail.com> wrote:
> > I agree with Anton Persson. When will Google realize that opening the paid
> > market to all the other countries is crucial for the market environment :(
> > We don't have access to them here in Singapore either.
> > But this is a major step already, let's hope for even better!
> > Seb
> > On 28 July 2010 04:19, Kaj Bjurman <kaj.bjur...@gmail.com> wrote:
> > > I saw that entry, and have a question.
> > > What will happen if the user doesn't have network connectivity? Many
> > > users turn of data traffic when they travel to other countries, but
> > > the probably still want to use the licensed applications.
> > > On 27 Juli, 19:55, Trevor Johns <trevorjo...@google.com> wrote:
> > > > Android fans,
> > > > For those of you who haven't already heard through our blog, we've
> > > > just launched the Android Market licensing service:
> > > >http://android-developers.blogspot.com/2010/07/licensing-service-for-...
> > > > From the above blog post:
> > > > "This simple and free service provides a secure mechanism to manage
> > > > access to all Android Market paid applications targeting Android 1.5
> > > > or higher. At run time, with the inclusion of a set of libraries
> > > > provided by us, your application can query the Android Market
> > > > licensing server to determine the license status of your users. It
> > > > returns information on whether your users are authorized to use the
> > > > app based on stored sales records."
> > > > Developer documentation is available here:
> > > >http://developer.android.com/guide/publishing/licensing.html
> > > > Happy coding!
> > > > --
> > > > Trevor Johns
> > > > Google Developer Programs, Androidhttp://developer.android.com
> > > --
> > > You received this message because you are subscribed to the Google
> > > Groups "Android Developers" group.
> > > To post to this group, send email to firstname.lastname@example.org
> > > To unsubscribe from this group, send email to
> > > email@example.com<android-developers%2Bunsubs firstname.lastname@example.org>
> > > For more options, visit this group at
> > >http://groups.google.com/group/android-developers?hl=en
> > --
> > Sebastien Rodriguez
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to email@example.com
To unsubscribe from this group, send email to
For more options, visit this group at
Post a Comment