Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iOS Protecting your application from piracy?

Soulstorm

Soulstorm

macrumors 68000
Original poster
Feb 1, 2005
1,887
1
Is there anything to do to decrease piracy to your application on the App store? Seems piracy is increasing nowadays, and having my application ready, I would like to know if there is anything I can do to prevent as much as possible pirated copies of my App roam for free on the Internet.
 
Soulstorm said:
Is there anything to do to decrease piracy to your application on the App store? Seems piracy is increasing nowadays, and having my application ready, I would like to know if there is anything I can do to prevent as much as possible pirated copies of my App roam for free on the Internet.
Click to expand...

People have come up with ways to detect whether the app was pirated at runtime and change the behavior if so.

My opinion is that piracy is a fact of life for software developers and you're better off just ignoring it and putting your efforts into making the app better for (potential) paying customers. I guarantee that few if any of the top selling apps do anything special to deter pirates.

I know my own app has probably been downloaded 10s of thousands of times by pirates, but it has still been more than profitable in the App Store.
 
Bear in mind that you'll have to be quite clever as a good cracker (the ones that don't just use an automated tool) will know the common ways of detecting cracks. If you use plain text strings (say for checking the existance of certain keys) then they will search for them and just replace the string. You will have to build the string bit by bit and hope the compiler doesn't just optimize it out anyway.

I do use a basic antipiracy routine in my apps. It's nothing special but I haven't seen a crack of my apps since I started using it.
 
Troglodyte said:
Bear in mind that you'll have to be quite clever as a good cracker (the ones that don't just use an automated tool) will know the common ways of detecting cracks. If you use plain text strings (say for checking the existance of certain keys) then they will search for them and just replace the string. You will have to build the string bit by bit and hope the compiler doesn't just optimize it out anyway.
Click to expand...

What do you mean? What keys should I search for? Do crackers after the cracking of a certain app put their own keys in a certain place?

Troglodyte said:
I do use a basic antipiracy routine in my apps. It's nothing special but I haven't seen a crack of my apps since I started using it.
Click to expand...

If it's not a problem, could you point me into the right direction? Into what logic is your routine based? If you are not afraid that giving me some info could compromise the security of your applications, then please do so!
 
Soulstorm said:
What do you mean? What keys should I search for? Do crackers after the cracking of a certain app put their own keys in a certain place?
Click to expand...
Cracked IPAs have an additional key 'SignerIdentity' in their Info.plist. It should never be there for a legitimate app. But if you do the simple key check for SignerIdentity then it will appear in plain text in your app and can therefore be searched for. So you obfuscate the string so it's harder to search for.
If it's not a problem, could you point me into the right direction? Into what logic is your routine based? If you are not afraid that giving me some info could compromise the security of your applications, then please do so!
Click to expand...
You can do it whenever (more than one place is best - don't put it in a separate method though). It's probably bad form to terminate the app but you could just open safari at your company webpage for example so they might buy it (you'll have a link to app store there but you won't know this url when you submit your app for the first time).

There are other things to check. Info.plist should be a binary plist for example. You could check the file modification date for info.plist - if it's been cracked it will be quite a bit later than the dates of the rest of the files in the app.

There is a code snippet here which shows all of this. Don't copy it verbatim though as it's best to roll your own version to make it harder for automated cracks.

None of this is foolproof and any cracker could break it if they really really wanted. It's better than nothing though.
 
Piracy is just a way of life, Just Focus on making quality applications and people will buy it regardless.

Microsoft, Adobe, etc.. Spend Millions of dollars trying to stop Piracy and they fail miserably. (And to me putting all that anti piracy (Serial#, Online Activation) just puts more pain on the paying customer. The pirated version is better than the retail version because all those hassles of activation,etc.. are stripped anyway.


This is One of the reason i love apple, most of there software products don't require a serial or activation. Most people are honest and Apple understands that if you make quality products people will buy it and you are going to make money regardless.
 
This sort of check doesn't affect legitimate buyers in any way so I fail to see how there's a downside to using it.
 
forcesteeler said:
Piracy is just a way of life, Just Focus on making quality applications and people will buy it regardless.

Microsoft, Adobe, etc.. Spend Millions of dollars trying to stop Piracy and they fail miserably. (And to me putting all that anti piracy (Serial#, Online Activation) just puts more pain on the paying customer. The pirated version is better than the retail version because all those hassles of activation,etc.. are stripped anyway.


This is One of the reason i love apple, most of there software products don't require a serial or activation. Most people are honest and Apple understands that if you make quality products people will buy it and you are going to make money regardless.
Click to expand...

I totally agree with you, but I think you forget one basic thing: Apple sells software that runs in their own hardware. So, even if you crack their applications, you will have already given them some money to buy a machine of theirs. That's not the case with microsoft.

Returning to the topic, I think that Troglodyte is right. My application has been rejected today, because of a mistake I had made in the application icons. I will submit my new binary with a basic protection... And let's hope for the best!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back