On Mon, Jul 11, 2011 at 11:28 PM, Richard <[email protected]> wrote: > Ok, but is there any way to be sure that it's the original package? I > use open key to encode data in my app so hacker never sees comparison > explicitly, but of course if he know my signature open key this > doesn't help. What can you advise? As I see Android does everything to > make all our efforts useless - even with ProGuard. Using several tools > everyone can open your package, almost restore source files, > resources, edit the code and compile again. Virtually no way to fight > against piracy.
You can do stuff using native code and that makes it considerably harder. Whether you need to go that far is up to you/your app. > But I thought if I can check modifications, I'll have > the cure. > Do you happen to know is there a way to check package's CRC? Popular tools will just replace the APIs you use to calculate CRC, etc., so it's not really a cure. Watch this for some ideas, especially the first part: http://www.google.com/events/io/2011/sessions/evading-pirates-and-stopping-vampires-using-license-verification-library-in-app-billing-and-app-engine.html -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
