«

»

Feb 28

Print this Post

Android Market DRM not safe!

It’s quite a bit old of a news, but maybe some haven’t heard it yet. The android market DRM (Digital-Right-Management) isn’t save anymore. With a simple hack, it’s possible to copy protected software as well as paid applications.

This is an very serious issue, as it’s possible to buy an application, “backup” it and then request a refund, basically getting the application for free.

It’s said, that this is one of the reasons why the Android 1.1 Framework is not available yet outside of the USA.

It’s really scary how easy the system can be circumvented! There is basically no protection at all. All “protected” applications are simply stored in an hidden folder which can’t be normally accessed (only be the OS), but if you have an hacked/jailbreaked firmware on your G1 or an Dev G1, you have root access which allows you to access this hidden directory and copy/move the applications inside there.

All protected applications are stored inside the /data/app-private folder (which is normally invisible, unless you have root access).

Thanks to Tim over there at strazzere.com for finding this out and making people aware of it! Check out his Android Market DRM busted < 12 hours! post for more details about the very weak DRM protection of the Android Market!

If you’re an developer who offers paid applications, my suggestion would be to pull of your application from the Android Market, until the issues were address by Google, as this could seriously hurt your business!

Permanent link to this article: http://tseng-blog.nge-web.net/blog/2009/02/28/android-market-drm-not-safe/

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>