问题
Recently I released an app into Android Market using the licensing system with the ServerManagedPolicy model.
Some days ago someone cracked the apk making it always response "Using cached license response" and allow access.
How can I avoid that in future apps? Thanks!
回答1:
I agree with @Tom van der Woerdt Implement your own licensing library
I'd also refer you to check out this from Google I/O 2011:
Evading Pirates and Stopping Vampires
http://www.youtube.com/watch?v=TnSNCXR9fbY
EDIT:
The Presentation Notes from Evading Pirates and Stopping Vampires
Some basic keypoints
- Modify the LVL
- Implement LVL Tamper Resistance
- Use obfuscation
- Add reflection
回答2:
There's no perfect solution. Even Apple's iOS has issues like this, but on a far smaller scale. If your app is very popular or good, it will be cracked. I'd say consider it a compliment.
Of course, using standard libraries for licensing is always a bad idea, because crackers can simply re-use their cracking tools for every application that was built using the same library. Implement your own licensing library, which will make cracking your app a lot harder.
Interesting fact: Apple's OS X App Store also has a licensing system built-in, but developers have to write their own libraries to use it. This way crackers can't crack multiple applications simultaneously, because every application has a different implementation of the licensing system.
来源:https://stackoverflow.com/questions/8679437/avoid-apk-cracked