August 24, 2010 | by Andrew Kameka
It was discovered yesterday that an Android developer has discovered a relatively simple workaround that allows him to break the Android Market License Verification Library. All it takes is some hacking knowledge and changing an app’s code.
Google Developer Advocate Tim Bray has responded to the claims by clarifying a few things about the protection system. Bray makes it a point to concede that “100% piracy protection is never possible in any system that runs third-party code.” However, Bray says that with the right security and execution, it can become incredibly difficult and costly for people to attempt to pirate.
According to a post on the Google Developer’s blog, the LVL is young and shipped with the most simplest of possible protections, which is why it was so easy to crack. As the system grows and becomes more sophisticated, developers will have more tools at their disposal. Developers behind the apps featured in the exploit used the LVL samples “as is” rather than develop a more complicated method, such as intentionally designing their code to confuse others. Google plans to offer more details on how Android developers can enhance security using the LVL.
The best effort to fight piracy is something that I’ve been saying for months. Since you’ve already heard my comments on the issue, I’ll let Bray wrap things up
The best attack on pirates is to make their work more difficult and expensive, while simultaneously making the legal path to products straightforward, easy, and fast. Piracy is a bad business to be in when the user has a choice between easily purchasing the app and visiting an untrustworthy, black-market site.