A licensing system meant to ensure Android applications were properly downloaded has been hacked, and Google is looking into the issue.
Google introduced a new licensing system for the Android Market in late July in response to concerns that it was too easy to obtain Android applications without paying for them or without proper authorization. However, that system itself can be bypassed relatively easily by someone with a little bit of coding knowledge, according to an investigation done by Android Police.
Tim Bray, Google's Android developer evangelist, defended the licensing server in a blog post Tuesday as he acknowledged that "100% piracy protection is never possible in any system that runs third-party code." The new server is a step up from the old copy-protection system used in the Android Market, Bray said, and "when correctly implemented and customized for your app, is designed to dramatically increase the cost and difficulty of pirating."
Developers can prevent their apps from being pirated by "obfuscating" the sample authentication code that is part of the server, making it harder for those bent on stealing applications to find the parts of the code they need to bypass the authentication process, Bray said. He said Google would provide additional details on how to do this, but some information is available here.
It's situations like these that underscore some of the fundamental philosophical differences between Google's approach to mobile application distribution and Apple's, and the different problems those approaches can create for the companies.
Apple, of course, must approve every iOS application before it can be listed in the only place iOS users can download iOS applications: the App Store. That makes distribution much easier and greatly reduces pirating, but makes developers incumbent on Apple for every single little incremental update they may want to add to their app and creates a ton of work for Apple.
Google, on the other hand, allows partners and developers to have more of a hand in application distribution but that obviously requires it to put less of a lockdown on its code, which can make life easier for those bent on pirating apps. Bray said Google will improve the licensing server and that the best way to combat software piracy is to make it simple and easy to obtain mobile apps.