Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 4 years ago.
Improve this question
I've been familiar with the idea since a long time that Apks are easily modifiable. Doing a simple google search shows tons of resources to do it personally or there are handful of websites that provides modified Apks already.
So what are we exactly talking about here! The fact that anyone can easily download a modified version of SnapChat that would no longer send the notification when the person screenshots the story. Or the fact that Pro version of Spotify can be downloaded with a single click giving access to full library of Spotify. Or the fact that any game available has a modified Apks version that would give unlimited coins or whatever virtual currency is used. This seems to me a very alarming situation but for reasons has been the same since years and no one talk about it(and seriously no one talk about it, doing a google search only points out to link telling how to modify Apks easily).
I just don't get why this has been the same for so many year. Every year there is a yet another version of android with "minor" UI improvements, but this problem is not addressed at all.
One last thing I would like to call out is that, on the other side of spectrum there are platforms like IOS and Windows, where this doesn't seems to be a problem. The way Windows 10 packing system works is similar to android, an Appx can be distributed from or without the Microsoft Store, but there are no modified Appx available or atleast one I know of!
"Or the fact that any game available has a modified Apks version that would give unlimited coins or whatever virtual currency is used" - that is why you track in game currency (and all important data for that matter) on the server.
"Or the fact that Pro version of Spotify can be downloaded with a single click giving access to full library of Spotify" - proper way of handling this is to associate the "Pro" with the account and only grant access to some features to those accounts having the "Pro" flag. Once again this is handled on the server. Even a modified client cannot access "Pro" features if the server blocks access.
iOS has modified ipa files as well. The "problem" is that if they are modified they are no longer signed and cannot be installed as easily - only with a jailbroken device where you skip the signing verification.
"This seems to me a very alarming situation" - no. The client can never be trusted, you always have to write proper server code for anything that you really want to validate. Same way you dont do the password verification in javascript on the client but on the server.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 6 years ago.
Improve this question
I am preparing myself to submit my first app to the Google Play Store, and have the following questions regarding the process, which might have been covered or not covered before, so I apologize if there are any duplicates beforehand, because I could not understand some of them.
In submission of an app to the Play Store, what is the expected time duration which it will get accepted or rejected?
Because I do not live in an area where Google Payments is accessible, what are the payment schemes that I can get for my app?
Is it possible to submit a complete rewrite of the same app as an update at a later date? If so, is there a specific method (e.g. signing schemes)
Thank you in advance.
From my experiences to avoid rejection or suspension do not put copyright protected contents on your apps and store listing.
Do not make apps that having harmful behavior.
If you collect user data make sure you have a well documented privacy policy.
Try to avoid spam words for your app name (like flappy,candy crush, clash of clans etc.. Avoid these words)
Avoid putting ads against their policy
Be clear with the UI. Don't confuse user with UI elements that leads to any kind of promotional contents without proper description.
App approval time may vary according to their job loads and types of app you are submitting, Apps now go through both machine and human verification, usually games get faster approval than apps. Average time I feel is around 4 - 5 hours for initial launch, updates get faster approval.
They give enough time to repair the problems.
App Rejections are easier to get through but App suspension are difficult.
It is hard to win a dispute with Google :)
Especially if you get a copyright issues you can't even pass machine verification and can't argue with algorithms ;)
Now it's much more easier because they have human verification too. They point out most of the problems. Before that it was a total mess. They reply with some pre generated generic replys
Good luck with your venture.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Minor background here: not an app programmer here.
If you look at the tags for this post, you can see that I tried to choose the ones that I know (please let me know of any other that I may have missed) of that are wrappers around the native language of the phones, namely iphone and android.
So, someone wants to know if it is easy to update an app once it's been downloaded on a phone?
And how easy/hard is it for the creator to update the app?
Thanks in advance.
edit
the person in question forwarded me the questions as she wanted them to be:
how easy/difficult will it be to update the app? So for example, if we want to add a new restaurant to the list, or a silent auction item, how much time and effort will it take?
Let's say I download the app from the website on Monday. On Wednesday we update the app with new restaurants and other items. Will the version of the app on my phone update automatically?
second edit
is it possible to have an app available via web and not through formal measures via Apple's iTune, etc? It's mostly informational and meant to benefit a charity.
third edit
Ok, normally I don't care about the downvotes. Still don't. But since this question is getting downvoted a little too much, I just wanted state that this is a genuine question. Really. And honestly, do you realize how much information there is online when you're trying to google for specific question on an arena you're not that familiar with to begin with?
The answer is it depends.
I can speak to Android, but for iOS, an update to the source code that's pushed through the store takes an average of 6ish days between submitting it to Apple and the update showing on the store.
This means if you downloaded your App on Monday of week 1, and I pushed an update on Wednesday of Week 1, it's probably Tuesday of week 2 at the EARLIEST that Apple has approved the app and put it on the store.
From here, the updated version isn't automatically the version on your phone necessarily. Some people have automatic app updates, some don't.
But, and this is a massive but... sending source code updates through the app store isn't the only way to "update" your app.
The updates you talk about aren't what many developers would consider updates at all--they certainly don't require source code changes or pushes through the app store. All you're "updating" is your backing data.
A well designed app would grab this data from the web, and in this case, the app can be updated immediately.
For IOS you have to submit the compiled code to apple and wait for them to approve and test your app (for new apps or updates) and it might take some days sometimes 1 or 2 weeks. Android, I think you can upload it almost instantly. And as "nhgrif" stated, you should feed any dynamic info on an app from a web server so you don't have to update frequently.
For both iOS and Android, it is possible to have a file online (APK for Android, IPA for iOS) that allows users to install the app. There are no real restriction on Android, but there are on iOS. apparently you can only install on a max of 200 devices, there might be some certificate issues, etc.
Take a look at this question to see what restriction on iOS are: iOS installing apps without app store
The iOS restrictions might be circumvented with TestFlight (But just maybe).
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Looking at some postings at stackoverflow, as of writing, there seems to be really no way to effectively prevent app piracy.
is anyone here actually losing money from app piracy?
what's your current solution (free or non-free) against app crackers?
what are some of the popular & reliable solutions for protecting enterprise level apps?
Use the LVL (License Verification Library) provided via Google, its a server side verification that the user actually bought your app.
http://developer.android.com/guide/market/licensing/index.html
Use other techniques to detect if you application has been tampered with, there are a few and they are covered in this blog post and the I/O video. Assume it was pirated if tampered with. (Double extra check to make sure you don't mess this up and annoy real users)
http://android-developers.blogspot.com/2010/09/securing-android-lvl-applications.html
http://www.youtube.com/watch?v=TnSNCXR9fbY
Use AntiLVL against your own application, attack it like a cracker! This is actually really fun and educational, see how much work it takes to crack your app. The blog/tool go over the known weaknesses and you can make some educated decisions about how to stop the automated tools from working. Stopping dedicated pirates is no ones priority, but stopping people from using a 1-click tool is easily obtainable.
http://androidcracking.blogspot.com/
EDIT 1:
Make a free version with ads and/or less features. Crackers just want free stuff, so make it easy on them :) If you detect they are using a cracked version of your paid app you can try and convert them to using the free version or upsell them to the paid version. Currently about 1/4 of the people cracking one of my apps will open the Google Play for the full paid version (although less actually buy it)
This google IO 2011 video should be your bible: Evading Pirates and Stopping Vampires using License Verification Library, In-App Billing, and App Engine
It talks about many things you can do to defend yourself.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
I'm using Google Code to host my application code, its conveniant and the SVN repository means I don't have to worry about backups
When you create a project on there you need to select a license, I chose GNU GPL v3.
By doing so, does that prevent me from selling my application on the Android market place?
It doesn't prevent you selling it, despite the license you still own the code and can issue it under whatever licenses you so desire. It does mean that anyone can take your code, compile it and install it on their Android without paying you a penny but that's probably a small portion of those who might want a good app.
No. It just means no one can distribute your software without including the source or an offer to send the source.
You should really read the license before you choose to use it...
Many people believe that the spirit of the GNU Project is that you should not charge money for distributing copies of software, or that you should charge as little as possible — just enough to cover the cost. This is a misunderstanding.
...
Distributing free software is an opportunity to raise funds for development. Don't waste it!
http://www.gnu.org/philosophy/selling.html
It doesn't prevent you from selling your app on the market or anywhere else.
However the source code must be available to everyone who bought it and you cannot prevent copying and modification.
An important thing about GPL is that there are no such thing as "end users" : you have no more rights than your users. For example they can take your app, modify (or not) it and publish it under another name as long as they include the (modified) source code. This is called "forking".
However you still own your code. It means that it you are the only developer, you can change the license of future releases. But keep in mind that switching to something more restrictive can result in forking.
To Wooble's answer I'd like to add that the GPL not only guarantees that people must (offer to) distribute the source code when distributing your program, but also that any changes they make must be compatibly licensed if they distribute the changes in compiled or source form. This latter part means that if someone else builds on your work, say by making their own app, they have to share it with the world under the same terms as you do.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Edit: I voted to close this question as it is off-topic. I asked it when I didn't know any better.
What's your experience distributing Android apps outside of the Android Market?
Which alternative markets an Android developer should consider? Any success/horror stories?
SlideME is worth taking a look at. My app is available on both Google's Market and SlideME. I also provide a plain download link to an APK file for people not interested in "markets".
There also are:
AppsLib http://appslib.com/ (Archos)
AndAppStore http://andappstore.com
Insyde Market http://www.insydemarket.com/
Camangi Market http://www.camangimarket.com
FileDir http://filedir.com (All apps in one place)
And probably some other..
Zedge will promote your app in Zedge Discovery Network. Registering here before the public release might give your app some buzz.
Other popular promotion and app sites: androlib.com, appbrain.com, androidpit.com and getjar.com
I have used AndAppStore and got between 1K-10K downloads for some apps. However, all those apps got much more downloads from the Android Market. I have yet to know an alternate market that produces more downloads than the official one.
AppsLib is interesting because it targets the unofficial Android tablet Archos 5 IT.
I have had decent success on a few of the alternate markets, but the total downloads of all of the alternate markets that I have seen are somewhere around 10% of the downloads on the main market. That doesn't mean that these people can't download from the main market, I just think that people like choices. I think the majority of my SlideMe purchases are from the USA, which surprised me.
I personally think that 10% is worth a little time. I also have faith that I'll eventually make the $100 minimum of SlideMe, but it could be a while.
Then Amazon came out with their app market and that is a game-changer.
Start with these:
Amazon
SlideMe.net
GetJar.net
There are DOZENS of others that I've checked out, and am in the process of blogging about. Start with the three above, however.
In my experience as of March 2013 I have found the following app stores most useful for distribution in terms of maximum downloads:
Samsung
Google Play
SlideMe
I also tried out InMobi App Publish today and did a small review here, it promises to distribute you app to 130+ store globally.
I have found Amazon, GetJar, CNet not to perform so well.