Google Adds Licensing Server DRM To Android Market 184
eldavojohn writes "According to AfterDawn, Google has given app makers the option to use a license server as DRM to ensure the user has paid for an app before they can download it. Reportedly, the Market app will communicate with a Google license server using RSA encryption. It is important to note this is only available for non-free apps (built with SDK 1.5 and later), and it was instituted to provide a better solution to the old and widely criticized copy protection scheme that was susceptible to Android app piracy (like sideloading). For better or for worse, Android's Marketplace appears to now have an optional, phone-home form of DRM."
Following news of the new licensing service, Hexage Ltd, makers of a popular Android game called Radiant, released the data they had collected on piracy of Radiant over a 10-month period beginning last October. A series of charts shows total users, paid users and the piracy rate, by region.
Re:"Do no evil" (Score:5, Informative)
Also, a lot of people disagree with paying for apps as that goes against the purpose and concept of free software
http://www.gnu.org/philosophy/selling.html [gnu.org]
Paying for apps (Score:3, Informative)
Also, a lot of people disagree with paying for apps as that goes against the purpose and concept of free software (and associated benefits/gains).
Except there are several genres of application that free software developers have so far failed to deliver. I've listed several other as-yet-uncloned apps in this comment [slashdot.org].
Explaining Piracy Figures (Score:5, Informative)
You can see in the charts something like 98% piracy in South America.
This happens because... there's no way to buy applications if you're in South America. So, anyone with a paid application here *has* to pirate it.
Re:"Do no evil" (Score:4, Informative)
As in you can get the source, change it, compile it, get it to work with your own hardware, and redistribute it.
Or even improve [cyanogenmod.com] it.
Re:If only Google could actually get it *RIGHT*... (Score:3, Informative)
As for "developer's option" whether or not to cache, let's be honest... at least half the developers publishing commercial apps don't have the slightest clue in HELL how to implement a secure caching scheme, and they aren't going to purchase a proprietary one that demands more money up front than they're likely to earn from the app's sale. So, anybody care to guess what's going to happen? Most apps in Market are going to end up checking the server every goddamn time, because the alternatives are too hard/expensive for most Android publishers to deal with.
First of all, the devs don't have to implement very much else than an API call ("LicenseChecker.checkAccess()") and supplying code for the two callbacks "allow()" and "dontAllow()". See http://developer.android.com/guide/publishing/licensing.html [android.com] (yeah, they call it a "licensing service" rather than DRM, no real surprise).
Second, it's very easy for devs to choose the best (from our point of view) option: you use an instance of either "ServerManagedPolicy" (uses cache fallback) or "StrictPolicy" (insists on connection).