Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Adds Licensing Server DRM To Android Market

Posted by Soulskill on from the do-androids-dream-of-electric-rights dept.

eldavojohn writes "According to AfterDawn, Google has given app makers the option to use a license server as DRM to ensure the user has paid for an app before they can download it. Reportedly, the Market app will communicate with a Google license server using RSA encryption. It is important to note this is only available for non-free apps (built with SDK 1.5 and later), and it was instituted to provide a better solution to the old and widely criticized copy protection scheme that was susceptible to Android app piracy (like sideloading). For better or for worse, Android's Marketplace appears to now have an optional, phone-home form of DRM." Following news of the new licensing service, Hexage Ltd, makers of a popular Android game called Radiant, released the data they had collected on piracy of Radiant over a 10-month period beginning last October. A series of charts shows total users, paid users and the piracy rate, by region.

5 of 184 comments (clear)

  1. Call me paranoid by MikeyVB · · Score: 3, Interesting

    With recent news about certain Android apps sending private information to whomever created it, I have recently installed DroidWall to filter access (e.g. - Battery meter apps!? Puh-leez!) to my phone's data connection.

    If some app expects me to allow a data connection just to prove I am not a thief, sorry, I won't be buying it! And yes, I do purchase apps that I consider worthy.

    And what happens if someone is abroad? Would they have to pay $20 in roaming charges to play some bubble bobble game for an hour while waiting in some airport?

    1. Re:Call me paranoid by yincrash · · Score: 2, Interesting

      I believe that this doesn't actually require the app to need the Internet permission. I believe it just requests the pay information from the Market app and the Market app uses the Internet, so you'd have to use droidwall to block market's internet access.

  2. Looking at piracy figures... by SuperKendall · · Score: 2, Interesting

    ... now I see why we have always been at war with Oceania - they are apparently stealing all our apps.

    It's pretty amazing the North America piracy figure is so much lower. I wonder if that's the result of a far larger user base in NA? Or are Europeans (where I thought the figure would be similar) just have a more pirate-prone culture?

    It would also be interesting to see beyond this static view, how many users they saw going from pirated to paid. That I think is the key figure to understand if piracy is a problem or a marketing tool.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  3. If only Google could actually get it *RIGHT*... by Miamicanes · · Score: 2, Interesting

    There were (at least) two fundamental flaws with the original Android Market protection scheme, neither of which appears to have been rectified by this change (besides possibly to make matters worse for end users):

    * As everyone has already noted, lots of people around the world with Android phones can't actually buy apps from Android Market, EVEN IF they have a Mastercard/Visa/AMEX card with dollar-denominated account. That's just plain fucked.

    * You can't officially purchase and run protected Market apps if your phone is running an unblessed "Developer" kernel. Of course, there's not a single goddamn phone from HTC, Samsung, or Motorola with Google-blessed kernel that has BlueZ Bluetooth HID profile compiled into it, so it's impossible to build your own kernel with it enabled without being formally exiled from 99% of commercial Android apps. At least, unless you crack them. Any DRM scheme that forces legitimate users to crack apps they purchased in order to use them is fundamentally broken, especially when there are still gaping holes in Android phones that need a customer kernel to fix.

    As for "developer's option" whether or not to cache, let's be honest... at least half the developers publishing commercial apps don't have the slightest clue in HELL how to implement a secure caching scheme, and they aren't going to purchase a proprietary one that demands more money up front than they're likely to earn from the app's sale. So, anybody care to guess what's going to happen? Most apps in Market are going to end up checking the server every goddamn time, because the alternatives are too hard/expensive for most Android publishers to deal with. IMHO, Google got THAT part EGREGIOUSLY wrong. They should have distributed the Android DRM module themselves, and made it free & easy for publishers to do cached checking, but left it difficult and minimally-documented how to bypass that caching and check the server every time.

    I love Android. I really do. But it's so incredibly frustrating when Google turns around and fucks things up in ways that CAN'T be fixed by end users with access to Android's sourcecode... usually, mistakes that are almost incomprehensible given the amount of in-house talent and expertise Google has available to it. At times, Google actually manages to make even *Microsoft* look coherent and customer-focused.

  4. Re:In today's world, libre implies gratis by h4rr4r · · Score: 3, Interesting

    Sell binaries offer only sources as no cost. That will compel most to pay.