In this screenshot, an Android user downloading the MyTracks app is informed of the data and resources the app has access to. (Credit: Google) Updated 4:30 p.m. PDTto change headline to reflect that SMobile says it isn't criticizing the Android model and Updated 10:30 a.m. PDTto change misleading headline and add information throughout stating that users are granting permission to apps when they download them. be aware of what your Android app does | InSecurity
Google has just announced a new licensing service allowing Android developers to better protect their applications from unauthorized use. The free service is utilizes a secure mechanism to access to all paid apps on the Android Market, available for apps running on Android 1.5 firmwares or higher. To protect their work, developers must include a set of libraries provided by Google that query the Android Market upon launch to determine the license status of the apps users. The service then returns information on the user if they are authorized to access the app based on stored sales records. The service provides a real time solution to protecting a developers work, without having to enforce copy protection, something that Apple deploys on iOS with its Fairplay DRM. Google Launches Licensing Service For Android Applications
[Update: 8/24/10 @ 7:45 PM EST by Aaron] Tim Bray responded to Justin's article, but seems to have misunderstood the goal. Thus, Justin has written a follow-up article here. Preface This article was not written to teach people how to pirate or ridicule Google's Android License Verification Library (LVL) that handles communication with Google's Android Market Licensing Service. I am very much against piracy, and very much pro-Google. [EXCLUSIVE] Report: Google’s Android Market License Verification Easily Circumvented, Will Not Stop Pirates | Android News, Reviews, Applications, Games, Phones, Devices, Tips, Hacks, Videos, Podcasts - Android Police
Google’s new Android Market piracy prevention system circumvented At the end of July we reported on a new anti-piracy measure from Google that was aimed at cutting the number of pirate apps available for download outside of the Android Market. It appears that the new licensing service has been circumvented already, allowing a would-be application cracker to completely strip an app of any licensing protection, opening them up for unofficial distribution and pirating. Android Police has an explanation of how the licensing system can be bypassed which centers on disassembling an application using a .APK disassembler called smali/baksmali. Because the licensing verification library is not part of the app itself, developers have to include it inside their apps, meaning that an “attacker” can manually strip out the library, reassemble the app and then distribute it as he/she sees fit. At the moment, the process is a simple proof of concept.
2 out of 3 Android apps use private data 'suspiciously'