Android Market's App Licensing Scheme Has Serious Flaws

Android Market's App Licensing Scheme Has Serious Flaws

We covered the announcement by Android Developers about a month ago of a system designed to fight Android App piracy, but it seems that Google's steps might not have gone far enough. Android Police is reporting that the method developed, titled the Android License Verification Library (LVL),  is too easily bypassed, and will not be enough to dissuade determined pirates.

Engadget writes that the discovery is a blow for consumers and developers:

A new exposé on Android Police claims that it's actually pretty easy to get around -- easy enough so that the crack could probably be packaged into some sort of automated script that breaks protected apps en masse for distribution through pirate-friendly channels. Though that's obviously bad news for developers, it's just as bad for consumers on Android devices who've customarily had less support from top-tier software brands and game studios...

Androinica adds that an "average Joe may not discover this trick, but plenty of people with the right knowledge will still be able to crack apps and continue to distribute illegal copies of Android apps."

Below is the YouTube video from Android Police demonstrating the method:

Androinica points out that Android Police's discovery "is an expected but nonetheless disappointing development. I’m awaiting a response from Google about these claims."

According to the author of the Android Police article, he is a supporter of Google's method, and the purpose of the video is to improve the system:

For now, Google’s Licensing Service is still, in my opinion, the best option for copy protection; however, we really need to see a better solution, such as checking the apk for alterations or ways to confirm an application was installed through official means.

I will continue to investigate copy protection methods on Android, and will hopefully have an update soon. I will possibly be releasing an add-on class for LVL soon, to help protect against out of market installs and unauthorized modifications of apps.

Check out the full post on Android Police for the in-depth details on how the technique works.

Other Sources: Androinica, Engadget

Image from Android Developers

Source: Android Police

Latest articles at NextPit

Recommended by NextPit

1 Comment

Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing