Anti piracy and app identification. iPhone SDK

2019-04-11 02:27发布

问题:

How easy is it to determine whether an iPhone application is cracked and report that device ID to a server rather than block it / or turning the app into a lite version? Would patching remove these methods to the server?

It is mainly a losing battle preventing an app being cracked, but i want a system not dissimilar to product keys / or identifying a binary. Is it possible to have every app downloaded from the app store to have a unique identifier hard coded into it?

Thanks and sorry for barrage of questions!

回答1:

Take a look at AntiCrack

http://www.drobnik.com/touch/anticrack/

Though not free, it's donation-ware with no ongoing payments.

I have no affiliation with them, but will be rolling their code into my next project.

To answer your how do I tell if my App is cracked question - probably the best way is to see if your App still contains any encrypted sections. Whenever a pirate cracks an application it strips the encryption in order to run it.

-t



回答2:

We'll see. It's a constant arms race. They've been trying to create effective copy protection for at least 25 years now on the desktop, and still the apps get cracked before they even hit the shelves. A jailbroken iPhone is just a computer, so we shouldn't expect any difference.

For €30, as long as the tool doesn't cause problems of its own for your legitimate users, why not? But that's a major caveat. You have to figure the cost of the tool, the cost of your deploying it, and the cost of every lost customer due to problems, against the number of additional sales you actually make due to freeloaders now paying for your product. Very few freeloaders actually become paying customers; most will just not use the software. So there's not a lot of revenue available to offset the cost of protection.

Remember that last bit; very few freeloaders will ever become paying customers, and their using your product costs you nothing. In fact, it gives you a level of free advertising. So I generally encourage developers to spend their time making their product so awesome that their legitimate customers make them tons of money. Fighting freeloaders mostly distracts from that.

After having watched this problem for several more years, there is a rising problem of freeloaders who actually cost you money because they impact your server, especially if you pay some per-transaction cost. This makes the problem more difficult to ignore, but unfortunately does not change the challenge of solving it. If your business model relies on people not cracking your client, then you either have to employ ongoing diligence, watching for cracks and quickly patching them, or you need a new business model.

My expectation: Hackulous will figure out how to crack AntiCrack automatically (since it's a single target), making it worthless. AntiCrack will release a new version, making it worthwhile (at which point you'll need to rev your software). Hackulous will crack it again. AntiCrack will update, and so will you. Wash, rinse, repeat.

(Looking back several years later, the last update of AntiCrack was in 2009. That suggests that it either (a) was cracked long ago and not updated, (b) not used widely enough to be attacked. I don't mean any insult here to Oliver. I've met him and even got to hang out with him at WWDC for a while. He's very smart and I like his code. It's just not really a solvable problem.)

Apple spends big bucks to prevent jailbreaking. They have control over the hardware and software. How's that worked for them? Anyone think a €30 magic bullet is going to fare better?