Screebl Anti-Piracy measures

[RichSmithSWM]

Is anyone else uncomfortable with the new Screebl Anti-Piracy measures? I've googled this and haven't found anything giving me details on it? And I can't find anything in the Market terms and conditions about getting a refund when an app you paid for changes what it can access on your phone. I don't want to give permisson to something that isn't explained in detail to me what it is and how it works. If this anti-piracy thing was Google suported I wouldn't have a problem with it. But I don't know who is doing the verification and feel uncomfortable with giving an app access to my Google account.

[jsh1120]

You can take a look at the details on the Screebl website.

Keyes Labs Portal

[RichSmithSWM]

I read their blurb. But it’s all about protecting the Developer and thwarting piracy. There’s nothing about protecting the legitimate customer. They don’t say exactly what it is doing to verify that you have a legitimate copy of the app. I’m guessing that it attempts to make a purchase of the product from the market. If you’ve already purchased the app there would be no charge. The problem with this is you’re authorizing an app to have access to your market account at any time to make a purchase. I could be totally wrong with this but, with no other information, I’m guessing it would be the easiest way to accomplish what they want. And, if that’s the case, I see it as a security risk. I may seem a little paranoid. I’m not a privacy fanatic. I do online banking. But I’ve been involved with PC development since 1975 and I’ve seen some really nightmarish anti-piracy protection schemes developed by some companies in the past.

By the way, I did authorize it. But I'm still concerned

[keyesdav]

Hi Rich.

Screebl's new anti-piracy features attempt to validate that a purchase was done on the Android Market. We do NOT attempt to make a purchase in your name, in fact I don't think that we would be able to do so without you being prompted for payment verification. We are simply querying the market, asking if you've purchased Screebl. Here's what the purchase validation does in a nutshell.

1. Query market (as you, this is where the usage of your credentials comes into play) asking for details on Screebl Pro. In those details is an indication of whether you have purchased the app. This is how the Android Market App on your phone determines whether to put the word "purchased" on apps that you've bought.

2. If the app was purchased, we generate an encrypted license for that application, which is good for a bit longer than 24 hours.

3. After 24 hours, if you start Screebl, the market will be consulted again. This is to handle the 24-hour refund policy that Google provides.

4. Assuming that market still says that you've purchased Screebl Pro, a permanent license is generated for Screebl, you, and your phone. The market will no longer be queried.

That's about it! If you change phones or carriers, the process will repeat until a license is generated on that phone. It really is about as painless a process as we could devise while still helping to deal with the 75% and higher piracy rates that we were seeing with Screebl Pro.

Thanks for your support.

I read their blurb. But it’s all about protecting the Developer and thwarting piracy. There’s nothing about protecting the legitimate customer. They don’t say exactly what it is doing to verify that you have a legitimate copy of the app. I’m guessing that it attempts to make a purchase of the product from the market. If you’ve already purchased the app there would be no charge. The problem with this is you’re authorizing an app to have access to your market account at any time to make a purchase. I could be totally wrong with this but, with no other information, I’m guessing it would be the easiest way to accomplish what they want. And, if that’s the case, I see it as a security risk. I may seem a little paranoid. I’m not a privacy fanatic. I do online banking. But I’ve been involved with PC development since 1975 and I’ve seen some really nightmarish anti-piracy protection schemes developed by some companies in the past.

By the way, I did authorize it. But I'm still concerned

[Romple]

Doesn't sound bad. Although DRM and software "protection" usually eventually trends towards inconveniencing the user. I'm all for unobtrusive protection though. Just please no Starforce / SecureROM nightmares on my Droids......... please.....

In the end if people really want to crack it, they inevitably will.

[RichSmithSWM]

Thanks very much keyesdav for your response. I'm feeling better now that I know what's going on in the background. It seems like a very clean way to verify. Not like the scenario I was envisioning.