AfterDawn: Tech news

Google adds 'phone home' DRM to Android Market

Written by Rich Fiscus (Google+) @ 29 Jul 2010 20:32 User comments (23)

Google adds 'phone home' DRM to Android Market Google has added a licensing server to the Android Marketplace which will allow an app to verify whether the user has purchased it or not before opening.
In order to use the new service an app must be sold through Google's Android Market store and be on a device running Android 1.5 or later which also has the Market app installed. Free apps can't make use of the service.

Communication with the licensing server will be done exclusively by the Market app itself using RSA public-key encryption.



This is intended to replace the current copy protection scheme, which has been widely criticized by both developers and consumers. Under the old system, an app compiled as copy protected can't be downloaded from the Market by anyone using a phone which has been rooted or is even just running a custom ROM instead of the OS provided by the manufacturer.

This often leads to frustration for consumers who wished to purchase these apps in the Market, but is easily circumvented by anyone who downloads an unauthorized copy of such an app. In other words it's only effective against people who want to pay, not those who want to pirate.

While apps can be written to handle the response from the licensing server in any way the developer desires, Google is providing two preconfigured implementations.

Both will stop an app from running if the server doesn't verify the app's licens, but one will use a cached response from the last time the app was run if no connection to the Market is available. The other will only allow the app to start if the server is available to verify the license.

Topics Gadgets Phones
Previous Next

Related news

 

23 user comments

129.7.2010 20:49

sigh yet another retarded phone home scheme. i'll tell you one thing i wont be phoning home with an android now.

229.7.2010 22:06

Guess what I'm not buying.

329.7.2010 22:09

The "Androids" are becoming 'self-aware'. Soon, SkyNet will take over.

429.7.2010 22:21

oh lord. Android market is going to become like Itunes. this is so gay!

i used apps i didnt install from the store. this is gonna force some people to root when they never intended too.

529.7.2010 23:07

So one option is not to run the app if it cant find the server. Hmm that is some BS. What if I want to use the app while I am in my home where I get very little service? What if I want to use it while on the subway?

629.7.2010 23:07

Son of a $^(*@! Android just took a serious step back...always-on DRM? It didn't even work with PCs using cable modems! Oh, and so much for apps starting fast...now that they have to go online and wait for a response from some server every time they want to start.

Yes, their current protection methods are very dumb (I no longer buy apps...as they always disappear from the market permanently as soon as I buy them)...but that does not mean that you need DRM that makes apple look reasonable. The fact is that even with the ease of copying apps, at least 95% of users are going to just buy the app for $2...remove all the DRM crap, and the increase in sales to people like me would overpower any additional piracy. Maybe by the time my contract runs out, we will have linux mobile phones, and I can leave android to die in the grips of DRM.

729.7.2010 23:56
EntrepreNerd
Unverified new user

Did anyone here read up on what this REALLY is, or did you all just see "DRM", which this is NOT, and freak the hell out?

This is a "voluntary" system the developers of Apps can use if they choose, to help prevent piracy. This is NOT being forced on anyone and there are 1000's of apps, like most of the popular pay-for apps on Android and iPhone, that already use this method as a means of countering piracy. The only difference is that most App companies are forced to host their own authentication servers, instead of using the Google provided option.

All this will do is allow those one man shop developers, who lack the know-how or resources to setup and run an authentication server, the option to use Google's as a means to protect there App from piracy.

TO BE CLEAR: Most of the Apps you use on your iPhone or Android phone ALREADY use this type of technology.

830.7.2010 0:07

Originally posted by EntrepreNerd:
TO BE CLEAR: Most of the Apps you use on your iPhone or Android phone ALREADY use this type of technology.
As I said earlier, all the apps I bought vanished from the market as soon as I bought them. Because of this, I had to download them from torrents...they all work fine.

By making this kind of DRM both easy and free, they are enabling every developer to easily prevent people from backing up their apps. Considering the fact that the google market is not getting changed, that means that the current problems are not going away...they are just adding more problems.

930.7.2010 0:54

Originally posted by DoomLight:
oh lord. Android market is going to become like Itunes. this is so gay!

i used apps i didnt install from the store. this is gonna force some people to root when they never intended too.
How is this like the App store? They aren't doing anything except offering a better licensing service to protect apps from being illegally loaded. You can still use the install from unknown sources, this just prevents paid apps from being easily available for free to pirates. Its only blocking pirating, not changing how the market actually works.

1030.7.2010 7:42

Originally posted by superlinkx:

How is this like the App store? They aren't doing anything except offering a better licensing service to protect apps from being illegally loaded. You can still use the install from unknown sources, this just prevents paid apps from being easily available for free to pirates. Its only blocking pirating, not changing how the market actually works.
This will mean nothing to software pirates as the drm will be circumvented or stripped from the application before they start distributing it to anyone. Most of the release groups don't just download the stuff and share it as is you know. Anyone who thinks loading drm on their software to block pirates are stupid and its just more costly for them and frustrating people who try to legally purchase a copy. If you have a good app people will pay for it. If someone downloaded it for free and it was great that's free publicity via word of mouth because you tell your friends how awesome it is and it spreads. If it is a piece of shit they are going to try it and delete it and tell their friends how shitty it was which would damage your reputation.

1130.7.2010 8:20

When it comes to $50 pieces of software, piracy becomes a semi-reasonable concern...but when your app is $1, most people will happily pay $1 to download it right then and there from the phone, rather than trying to find a torrent of it, wait for it to complete, and then install some outdated version of the app that won't get updates. Focus on making a good quality app that starts fast and does not have any delays or hangs or crashes...and you will have great sales, no matter how easy it is to pirate.

...If that fails, just make a slightly better version of one of the other ad-supported apps...they seem to make a lot of money, and it would not be difficult to improve on some of those terrible apps.

1230.7.2010 9:41

Originally posted by EntrepreNerd:
Did anyone here read up on what this REALLY is, or did you all just see "DRM", which this is NOT, and freak the hell out?

How is it not DRM? It controls whether you can run the app, just like Windows Media DRM controls whether you can play protected files. This is neither attacking nor defending the new DRM, but that's definitely what it is.

Quote:
TO BE CLEAR: Most of the Apps you use on your iPhone or Android phone ALREADY use this type of technology.

Can you name one? Because I don't have any on either my iPod Touch or Android phone. Granted, most of the apps on both are free, but I've never heard of even a commercial iPhone or Android phone app using it.

1330.7.2010 9:51

Originally posted by DoomLight:
i used apps i didnt install from the store. this is gonna force some people to root when they never intended too.

Unless you're talking about commercial apps you didn't buy it won't have any effect. You can still use apps loaded from other sources. You just can't use commercial apps which require a license verification from the Android Market server unless you've purchased them. As EntrepreNerd pointed out, this is completely voluntary. Furthermore, as the article points out, how each app responds to the results of a license query is also up to the developer. While it can be used as DRM, it could also be used by developers who aren't deluded enough to think they can stop piracy just to find out how many unlicensed copies of their apps are in use.

1430.7.2010 9:54

Originally posted by klassic:
So one option is not to run the app if it cant find the server. Hmm that is some BS. What if I want to use the app while I am in my home where I get very little service? What if I want to use it while on the subway?

Don't buy the app then. Your best weapon against overly restrictive DRM is your wallet.
This message has been edited since its posting. Latest edit was made on 30 Jul 2010 @ 9:57

1530.7.2010 20:18

Now i feel a bit better gettin an iphone 4 as a present :)

1631.7.2010 8:18

Originally posted by Josipher:
Now i feel a bit better gettin an iphone 4 as a present :)
Sadly, I feel google might be headed down the same path as apple...while I still feel that Android is the best phone OS currently available, I also hope that by the time I get my next phone, I will be able to choose something that is 100% open source, no need for leaks, no need for complex de-ODEX'ing...just open, like Linux...and maybe it could even be a full version of linux by then...the dual core 1.2GHZ chips should be in phones soon...

1731.7.2010 21:07

Lol at most of you complaining over $1 dollar apps. Considering android's sdk is free and open any hobby-ist developer can make an app. Sure the market is cluttered with crappy apps but there are top notch apps out there that I don't mind paying for.

Granted the Big thing with Android piracy is that some apps don't appear on some markets due to the way it's set up to purchase them. That's a Google problem. This was bound to happen sooner or later anyway so I don't see why all of you are freaking out.

Google didn't say "Hey we're closing the source and charging you to use our SDK." Did they?

181.8.2010 11:06

Well most of android isnt exactly open source.

In fact if we take away all non open-source components from android what is stripped is camera, GPS, WIFI, Sensors, 3D, Bluetooth, Market.

But why are people angry at this. All app developers have the right to implement DRM for their apps. If you worked hard on a map, wouldnt you want it not to be priated?


191.8.2010 13:09

Originally posted by shaffaaf:
Well most of android isnt exactly open source.

In fact if we take away all non open-source components from android what is stripped is camera, GPS, WIFI, Sensors, 3D, Bluetooth, Market.

But why are people angry at this. All app developers have the right to implement DRM for their apps. If you worked hard on a map, wouldnt you want it not to be priated?



The problem with this argument is that it doesn't really stop the apps from being pirated. Any reduction in piracy is more likely to come from people who couldn't even see, let alone buy, protected apps from the Android Market. Simply removing the protection would have done the same thing.

Having said that, if a developer wants to use DRM of whatever kind it's certainly their prerogative. That doesn't make it good for customer relations or the developer's bottom line, but far be it from me to tell someone they aren't allowed to make unwise decisions.

201.8.2010 23:43

Yes, if a developer wants to put DRM in their app, they can. And if they want to shoot themselves in the foot, then they can do that to...it seems Google has given them the gun.

Google Market has been very broken for a long time. Instead of fixing the problems, they are ignoring the current problems, and adding new ones. When they went from 2.1 to 2.2, they went back to basics and made everything work (mostly) how it was meant to...they need to do the same with the market.

212.8.2010 1:49

who or what pirate would bother to circumvent the copy right protection anyway is beyond me you got an app for a dollar. what incentive besides the (hey look what i cando)does the pirate have to strip it out.

225.8.2010 5:38

Originally posted by DXR88:
who or what pirate would bother to circumvent the copy right protection anyway is beyond me you got an app for a dollar. what incentive besides the (hey look what i cando)does the pirate have to strip it out.
LOL...that is just the problem here...

Clearly if someone thinks an app is so valuable that they will block it from working if there is no 3G signal, then someone else must think it is valuable enough to steal. Alternately, a paying customer may get tired of being prevented from using an app whenever they go into a dead zone, or they might just get tired of waiting 10 seconds for the app to talk to the google server. Either way, they are not stealing the app when they crack it...they are only improving it.

I know my phone is full of semi-pirate software; I paid for it all, but whenever I buy something from the market, it permanently disappears from the market before I can download it...so I only buy apps if I can find them in a torrent...I download them, test them to make sure they work, and then I buy them. This is because of Google's current insane DRM scheme. If they were replacing that with this, it would be an improvement, but they are not...they are just adding more problems to the existing problems.

2312.8.2010 14:29
goalweiser
Unverified new user

Originally posted by KillerBug:
Originally posted by DXR88:
who or what pirate would bother to circumvent the copy right protection anyway is beyond me you got an app for a dollar. what incentive besides the (hey look what i cando)does the pirate have to strip it out.
LOL...that is just the problem here...

Clearly if someone thinks an app is so valuable that they will block it from working if there is no 3G signal, then someone else must think it is valuable enough to steal. Alternately, a paying customer may get tired of being prevented from using an app whenever they go into a dead zone, or they might just get tired of waiting 10 seconds for the app to talk to the google server. Either way, they are not stealing the app when they crack it...they are only improving it.

I know my phone is full of semi-pirate software; I paid for it all, but whenever I buy something from the market, it permanently disappears from the market before I can download it...so I only buy apps if I can find them in a torrent...I download them, test them to make sure they work, and then I buy them. This is because of Google's current insane DRM scheme. If they were replacing that with this, it would be an improvement, but they are not...they are just adding more problems to the existing problems.
I'm sorry. Your logic is completely wrong.

They have a right to put on the DRM. You have no rights until you pay for them. It doesn't matter if the app disappears or not. You can back it up with Appbrain.com or you can get a refund from the developer within 48 hours so that whole download a torrent to try it out thing is lame.

You want to circumvent the rules and use "disappearing apps" for a reason. Name ten apps you've downloaded that have disappeared from the market? You can't! If apps were disappearing at that rate, the total number would be decreasing not leaping by 20,000 each quarter.

As far as your 3G "deadzone argument goes," you're wrong again. It clearly states in the last paragraph:


"Both will stop an app from running if the server doesn't verify the app's licens, but one will use a cached response from the last time the app was run if no connection to the Market is available. The other will only allow the app to start if the server is available to verify the license."

Which means there's an option for developers to let you use your original cached verification to start your app up regardless of your phone's internet / date connection. Consequently that also means delay of app's starting up is not necessary. Apps could use cached verification to start up every time after the first time.

Stop making excuses and try to do things the legal way.

Comments have been disabled for this article.

News archive