Yesterday, we posted about the Google Android Licensing Verification Library (LVL) crack, and the video. Google’s Tim Bray responded by saying that “the first release shipped with the simplest, most transparent imaginable sample implementation,” which was written to be easy to understand and modify, rather than security-focused. He recommends developers to obfuscate the code and to use other implementations.
Tim Bray also says that “the best attack on pirates is to make their work more difficult and expensive, while simultaneously making the legal path to products straightforward, easy, and fast. Piracy is a bad business to be in when the user has a choice between easily purchasing the app and visiting an untrustworthy, black-market site.” And, that “100% piracy protection is never possible in any system that runs third-party code,” but the licensing server, when correctly implemented and customized for your app, is designed to dramatically increase the cost and difficulty of pirating.”