Cocoaheads Ireland and Northern Ireland
What to do about this?
Replies to This Discussion
-
Permalink Reply by Damian OSuilleabhain on -
Bad form on Philip's part. I think we should have a procedure for this. I propose the following;
-
Permalink Reply by Paul Reilly on -
That would seriously piss me off.
The problem is there is zero protection for data held within the bundle. Anyone can unzip the .ipa
and extract your graphics, audio, media files, databases etc. I was thinking of implementing my own
encryption scheme to encode my bundle data, but it is on the back burner. I would be interested in a
community project along these lines, because apple so far has done nothing to protect IP within the bundle.
-
Permalink Reply by Vinny Coyne on -
That sucks, Padraig. I hope you guys can come to some agreement over this.
I see some comments where people are suggesting encrypting the SQLite database and hardcoding a key. Is this possible?
I'm working on an app with a sizeable database of unique info and I'm worried that the same might happen to it when it hits the store. Any tips on how to do this?
-
Permalink Reply by Damian OSuilleabhain on
-
You should have a look at SQLCipher. Sounds like just what you need.
http://www.mobileorchard.com/interview-transparent-encryption-of-ip...
Vinny Coyne said:That sucks, Padraig. I hope you guys can come to some agreement over this. I see some comments where people are suggesting encrypting the SQLite database and hardcoding a key. Is this possible?
I'm working on an app with a sizeable database of unique info and I'm worried that the same might happen to it when it hits the store. Any tips on how to do this?
-
Permalink Reply by Padraig Kennedy on -
I don't want to jinx it, but we're pretty close to an agreement, so I hope we can put it all behind us soon.
The encryption thing is a funny one. It's possible, but:
1) By this line of thinking, you should encrypt all your resources, but you can't reasonably decrypt a large amount of data every time the app runs or it'll be slow as shit.
2) It's totally hackable since the key will have to be in your binary.
Still, it might discourage the casual hacker from just having a look.
-
Permalink Reply by Padraig Kennedy on
-
If you have an obvious case though Apple will take them off the store, so that's probably a better solution.
-
Permalink Reply by Vinny Coyne on
-
Cheers, Damo! :)
Damian OSuilleabhain said:You should have a look at SQLCipher. Sounds like just what you need.
http://www.mobileorchard.com/interview-transparent-encryption-of-ip...
Vinny Coyne said:That sucks, Padraig. I hope you guys can come to some agreement over this. I see some comments where people are suggesting encrypting the SQLite database and hardcoding a key. Is this possible?
I'm working on an app with a sizeable database of unique info and I'm worried that the same might happen to it when it hits the store. Any tips on how to do this?
-
Permalink Reply by Matt Johnston on -
Padraig Kennedy said:If you have an obvious case though Apple will take them off the store, so that's probably a better solution.
The problem being that someone who copies you can raise an objection and have YOU taken off the store.
This sort of thing can get very dirty.
-
Permalink Reply by Matt Johnston on
-
If you want to obscure and hide your data, obviously you'd hide your handy 'importantdata.db' file as 'littleicon.png' - or at least that's what I would do if I was trying to hide data (like, for instance, I'd taken it from somewhere else).
Rather than hashing the data with a key which will slow it down, is it possible to seed it with some incorrect data items and tell the algorithm to ignore those data items?
-
Permalink Reply by Padraig Kennedy on
-
I guess my feeling on this is the same as what everyone's been saying about piracy: There's no quick, perfect solution, so put all your effort into making a great app.
If you are going down this road, I think you have to weigh up each app and it's data individually as well: In my case it probably would have been feasible to encrypt / decrypt key parts to at least make the hacking difficult. Another app might make extensive use of images or audio that could just as easily be ripped off. What's the solution for them?
One attitude I've seen, that sucks, but still holds some weight is to act as if it's the wild west. Focus on what can't easily be copied: a great UI for example. In my case, the app was very basic (hey it was my first!) but if I had made a totally kick ass app, being ripped off wouldn't have affected sales much. Someone has since released a completely free app, making the whole discussion irrelevant (in terms of money at least).
But I don't like that attitude — it blames the victim. And we're not in the wild west.
If you're making real money out of your app, and someone rips you off, the legal route is completely feasible. There's even an EU directive that basically says that it can't be excessively expensive for someone to protect their IP. Outside of that, Apple _will_ take the culprit off the store if you've got a good case.
I'd argue that it isn't a tech problem, so don't try to solve it that way.
-
Permalink Reply by Padraig Kennedy on
-
Matt Johnston said:Padraig Kennedy said:If you have an obvious case though Apple will take them off the store, so that's probably a better solution.
The problem being that someone who copies you can raise an objection and have YOU taken off the store.
This sort of thing can get very dirty.
Ouch, that would be awful. Has it happened to anyone?
I'm sure Apple has a full archive of the apps uploaded along with dates etc.. so they could easily avoid it by checking who was first.
© 2013 Created by Matt Johnston.
Powered by
