Uh, it's Apples money being stolen, as well as developers.
That's the same like saying just because some guys downloaded few movies from torrent sites movie companies lost money. They showed by downloading that they are not willing to pay. Same here.
BS! There are several legitimate reason to jailbreak our phones.
Themes, changes in the UI, (previously personal hotspots), etc.
I hate the idea of piracy and think people who steal games should be severly punished! At the same time I am amused that people care about their high scores this much.
Again...PAY for your damned games you freaking thieves!!
I find it funny that you are so opposed to stealing software, but seem to be ok with breaking your terms of agreement for your wireless carrier via jail breaking for MyWi.. I understand your argument that it wasn't available as an option, however this still doesn't make it less of you breaching your terms of service. If I operated a network and didn't think it could handle 2 million people tethering multiple devices over it, and I chose to not offer it to preserve the network that doesn't give you license to circumvent it.
I'm not trying to flame you, and I applaud your honesty in software. Just pointing out that you may be overlooking this conviction in other areas.
Now about this whole thing with the piracy, I completely agree that Apple should (and likely is) take action not only against those that provide means to accomplish the piracy, but ALSO the INDIVIDUALS who are pirating. As others have pointed out there are definitely ways to monitor and flag pirated copies of games. 1st is that the iOS model has DRM built in when the game is submitted via iTunes connect. So a pirated copy of an app will have this stripped (which only will work on a jail-broken device) or people are hacking it and resigning the app (which could work on non-jailbroken devices) either way the checksum will not match what is on the iTunes servers, and likely the file size will be off slightly. These are 2 quick ways to immediately tell that an app is pirated. Apple should be using the fact that many people with jailbroken devices do pirate app's, however they also are connected to an AppleID somehow, either via some legitimate app purchases, or just being signed in to an Apple ID. Apple should (and may be) logging Apple ID's that are using pirated app's. Apple surely can see this and likely already log's this, as they originally used this argument when trying to fight the legality of jail breaking. They should on the other hand hold INDIVIDUALS responsible for their actions and at a minimum provide support to developers with any information such as AppleID's that have used altered copies of a developers app so they may subpoena and press charges against individuals who have pirated their software. Or seek to collect the cost of said app plus court costs. It wouldn't take very long to drastically slow down piracy when these "casual pirates" realize they stole $.99 and now have to pay $.99 plus $1000 in legal costs.
I think this guy asking for pirates to lose functionality of GameCenter is laughable, He should be asking for apple to use the connection of GameCenter to compare checksums to log GameCenter ID's as well as AppleID's that are associated with it if they are using a modified copy of the game. The vast majority of people who pirate any type of digital media (software, music, movies, etc) are not intelligent enough to do so alone. This is why large entities choose to focus on the "enablers" rather than the individuals. Without hackers making tools to break DVD encryption and rip a DVD, 99% of DVD rip's wouldn't be happening. This approach however has had limited success in stopping digital media pirating. Look at the Music industry, the RIAA fought, and sued, and attacked the file sharing networks... They won, and some of those systems looked to change into a legitimate business model, like Napster, etc.. however there is still rampant theft of digital music. This is because some other group will use what was already done to continue pirating even though the system you sued and won against ceases to exist. That approach also doesn't address these "enablers" to move their system to another country that doesn't have the same laws. If you start holding accountable the INDIVIDUALS who are ultimately responsible for choosing to steal fewer people would continue to engage in this behavior. This would be like busting a drug deal, the dealer who has lots of drugs, is making drugs, etc getting arrested, but the individuals who are using the drugs don't get charged with possession.
Again Lamewing, didn't mean to flame you. It just struck me as amusing that you mentioned all very legitimate reasons for jail breaking, and then put that in (). This suggests to me that now that it's an option you are paying for it and using it. It's interesting to see where the lines get drawn in peoples minds.
Possibly, I can say this: among the people I know personally who jailbreak (5) not a single one of them did so to pirate apps, maybe it's an age thing, my group is late 20s and early 30s.
To be honest if I were in my late teens or early 20s I'd probably be pirating apps like crazy... (broke college student)
I suppose growing up and having a good paying job changes your perspective on things
...which will be bypassed by a cracker in about the time it takes the programmer to type those 3 lines of code in.
I don't think you understand how a checksum works. it's not preventing it from being cracked. Any change in the file, i.e. to crack it by changing those lines of code, will alter the hash. Thus allowing you to know it is an altered copy. Yes they will still be able to crack the app's DRM but this will end up with a different hash and could be used to log AppleID's using altered apps. This is also likely how developers are seeing piracy, but without apple's support to tie AppleID customer info to the offending pirate they really don't have much control over how it is addressed.
So a pirated copy of an app will have this stripped (which only will work on a jail-broken device) or people are hacking it and resigning the app (which could work on non-jailbroken devices) either way the checksum will not match what is on the iTunes servers, and likely the file size will be off slightly.
But once you're jailbroken there is nothing to stop you modifying the OS to no longer report the true checksum & filesize, but instead report a spoofed checksum & filesize.
OS level DRM only works when the OS can't be hacked itself.
Quote:
They should on the other hand hold INDIVIDUALS responsible for their actions and at a minimum provide support to developers with any information such as AppleID's that have used altered copies of a developers app so they may subpoena and press charges against individuals who have pirated their software. Or seek to collect the cost of said app plus court costs.
Why would apple want to annoy tens of thousands of consumers who bought their products, and accrue hugely bad PR when the benefits are primarily to app developers who face a substantially worse situation on the competing platform? Apple has seen how well this sort of thing played for the record industry and movie industry, they want no part in suing their customers.
That's the same like saying just because some guys downloaded few movies from torrent sites movie companies lost money. They showed by downloading that they are not willing to pay. Same here.
This is the most ignorant argument I've ever seen. Yes that is the same. Yes that is also stealing and taking money away from the studio's, producers, actors, writers, etc. (everyone involved in creating said movies). Just because they are not willing to pay doesn't give them license to not pay. They do have a choice, not pay -> don't watch & enjoy movie, pay -> watch and enjoy movie. Just because you are not willing to pay for something does not give you the right to use it without paying for it.
'That's the same like saying just because I come shoot you with my gun your parents lost their life. I showed by shooting you that I am not willing to have you on this earth. Same here.'
So, you would be ok with a scenario where everytime an App launched, you had to input your iTunes account credentials so it could verify that you own the App?
You are confusing inventing a new DRM system with avoiding cracked apps making their way into gamecenter, which this article is about.
But once you're jailbroken there is nothing to stop you modifying the OS to no longer report the true checksum & filesize, but instead report a spoofed checksum & filesize.
OS level DRM only works when the OS can't be hacked itself.
Kinda true, but again, I think the concept might be misunderstood here.
"An illustration of the potential use of a cryptographic hash is as follows: Alice poses a tough math problem to Bob, and claims she has solved it. Bob would like to try it himself, but would yet like to be sure that Alice is not bluffing. Therefore, Alice writes down her solution, appends a random nonce, computes its hash and tells Bob the hash value (whilst keeping the solution and nonce secret). This way, when Bob comes up with the solution himself a few days later, Alice can prove that she had the solution earlier by revealing the nonce to Bob. (This is an example of a simple commitment scheme; in actual practice, Alice and Bob will often be computer programs, and the secret would be something less easily spoofed than a claimed puzzle solution)."
This also introduces another concept that is often used which is the idea of a public & private key pair. The public key being the solution to the problem, and the private key being the nonce Alice added. It would be rather hard to "spoof" a hash that would match the hash on the iTunes server without having the developers unique private key certificate.
A pirated app is merely an app that has gone through the wringer and had the DRM layer removed from the binary. The binary as an executable is exactly the same as it was when the developer sent it away.
In order to remove these "3 lines" or whatever they put in there to detect it, they would have to decompile the code, find it, remove it, recompile it, repackage it and everything.
You don't have to decompile squat. The value that is compared to is stored in the binary itself. Find it and update it to match the cracked version.
Or, update the binary to jump past the check.
Or, update the binary to do the check, but not jump when a error is detected.
These are all gross simplifications, but not by much. They represent some of the options that a cracker has when dealing with a "3 lines of code value check".
I don't think you understand how a checksum works. it's not preventing it from being cracked. Any change in the file, i.e. to crack it by changing those lines of code, will alter the hash. Thus allowing you to know it is an altered copy. Yes they will still be able to crack the app's DRM but this will end up with a different hash and could be used to log AppleID's using altered apps. This is also likely how developers are seeing piracy, but without apple's support to tie AppleID customer info to the offending pirate they really don't have much control over how it is addressed.
I don't think you understand what was originally posted.
The "simple 3 lines of code" check that was suggested is something along the lines of:
if (x != y) {
piratedCopy();
}
I'm saying that it is a trivial process to update the binary itself so that "y" is whatever you need it to be.
Does that mean that there are not other options? Absolutely not. I'm saying that it ultimately is not as simple as doing a basic comparison to take action against pirated apps.
They just need to check the AppleID as it logs into Game Centre and see if the game was purchased by that account. If it wasn't then don't allow them to access it in Game Centre.
I would have assumed they were already doing this since Game Centre seems to know what apps I have, but I guess it's just checking what's present on the device at the moment.
But that is more restrictive than Apple's Terms of Service. Apple allows person 1 to buy an app and put it on all the iDevices in the family (up to 10). However, each of those folks can have their own Game Center account.
Thus, the number of folks registering for Game Center for a given app can be up to 10x higher than the number of paid copies with 0% piracy.
This is the most ignorant argument I've ever seen. Yes that is the same. Yes that is also stealing and taking money away from the studio's, producers, actors, writers, etc. (everyone involved in creating said movies). Just because they are not willing to pay doesn't give them license to not pay. They do have a choice, not pay -> don't watch & enjoy movie, pay -> watch and enjoy movie. Just because you are not willing to pay for something does not give you the right to use it without paying for it.
'That's the same like saying just because I come shoot you with my gun your parents lost their life. I showed by shooting you that I am not willing to have you on this earth. Same here.'
What a truly stupid argument.
Nothing stupid about it. There are people that will never buy a movie or an app and saying that studios or devs lost money doesn't change much.
Why would that be necessary? Couldn't the device just store those credentials and just verify them against the purchase record when an app connects to the network?
I don't see how verifying with the app store records is the same as having to type in the account password.
That doesn't explain a ten to one ratio. For that to happen legally, the users of that app would have to install it ON AVERAGE on ten devices each. Meaning if there's a guy who only installs on one, someone else has to be installing it on twenty. If you believe that's what's actually happening, you're living in a delusional fantasy. Maybe there's some other explanation besides piracy that gets the numbers that high, but multiple installs ain't it.
I have 4 devices in my household all sharing a single Apple ID as far as purchasing and using apps. not sure if setup a different GameCenter ID for the kid or not - may have to look at that.
It's obvious you can't use the GCID to identify pirate copies. But what about this hypothetical scenario...
Account PurchaseAccount used to buy the game.
Accounts PlayAccount1 through 5 used in Gamecenter.
What if the app stored the account used to purchase on any devices it's loaded onto?
Game runs and connects to GC with PlayAccount1. But at the same time it also checks to make sure PurchaseAccount actually bought the game. If it doesn't check out, it blocks GC.
It seems like this sort of thing could work with any app that needs to connect to a server on the developer side - if the server refuses to connect and provide data necessary to run the app, how would that be hacked around? Again, this obviously wouldn't work for apps that don't require a network connection or connect with sites not affiliated with the developer of the app.
Would something like that work or am I missing something?
What really blows my mind is the sheer number of pirated apps on mobile phones. You see, something like Photoshop I can understand. It's expensive. Most people pirating it would never have been able to justify the purchase as they only want to play around. Adobe probably isn't losing much.
But mobile apps? This many people pirate something that costs $.99? How the hell can they justify that? It's cheap. Really cheap. Buy it or do without, or deal with ads. Criminy.
Comments
Lastly, I've been jailbreaking my iOS devices for the past 3.5 years and in that time have never pirated an app.
And people like you are in the minority here.
Again, it's not Apple's responsibility.
Uh, it's Apples money being stolen, as well as developers.
Uh, it's Apples money being stolen, as well as developers.
That's the same like saying just because some guys downloaded few movies from torrent sites movie companies lost money. They showed by downloading that they are not willing to pay. Same here.
BS! There are several legitimate reason to jailbreak our phones.
Themes, changes in the UI, (previously personal hotspots), etc.
I hate the idea of piracy and think people who steal games should be severly punished! At the same time I am amused that people care about their high scores this much.
Again...PAY for your damned games you freaking thieves!!
I'm not trying to flame you, and I applaud your honesty in software. Just pointing out that you may be overlooking this conviction in other areas.
Now about this whole thing with the piracy, I completely agree that Apple should (and likely is) take action not only against those that provide means to accomplish the piracy, but ALSO the INDIVIDUALS who are pirating. As others have pointed out there are definitely ways to monitor and flag pirated copies of games. 1st is that the iOS model has DRM built in when the game is submitted via iTunes connect. So a pirated copy of an app will have this stripped (which only will work on a jail-broken device) or people are hacking it and resigning the app (which could work on non-jailbroken devices) either way the checksum will not match what is on the iTunes servers, and likely the file size will be off slightly. These are 2 quick ways to immediately tell that an app is pirated. Apple should be using the fact that many people with jailbroken devices do pirate app's, however they also are connected to an AppleID somehow, either via some legitimate app purchases, or just being signed in to an Apple ID. Apple should (and may be) logging Apple ID's that are using pirated app's. Apple surely can see this and likely already log's this, as they originally used this argument when trying to fight the legality of jail breaking. They should on the other hand hold INDIVIDUALS responsible for their actions and at a minimum provide support to developers with any information such as AppleID's that have used altered copies of a developers app so they may subpoena and press charges against individuals who have pirated their software. Or seek to collect the cost of said app plus court costs. It wouldn't take very long to drastically slow down piracy when these "casual pirates" realize they stole $.99 and now have to pay $.99 plus $1000 in legal costs.
I think this guy asking for pirates to lose functionality of GameCenter is laughable, He should be asking for apple to use the connection of GameCenter to compare checksums to log GameCenter ID's as well as AppleID's that are associated with it if they are using a modified copy of the game. The vast majority of people who pirate any type of digital media (software, music, movies, etc) are not intelligent enough to do so alone. This is why large entities choose to focus on the "enablers" rather than the individuals. Without hackers making tools to break DVD encryption and rip a DVD, 99% of DVD rip's wouldn't be happening. This approach however has had limited success in stopping digital media pirating. Look at the Music industry, the RIAA fought, and sued, and attacked the file sharing networks... They won, and some of those systems looked to change into a legitimate business model, like Napster, etc.. however there is still rampant theft of digital music. This is because some other group will use what was already done to continue pirating even though the system you sued and won against ceases to exist. That approach also doesn't address these "enablers" to move their system to another country that doesn't have the same laws. If you start holding accountable the INDIVIDUALS who are ultimately responsible for choosing to steal fewer people would continue to engage in this behavior. This would be like busting a drug deal, the dealer who has lots of drugs, is making drugs, etc getting arrested, but the individuals who are using the drugs don't get charged with possession.
Again Lamewing, didn't mean to flame you. It just struck me as amusing that you mentioned all very legitimate reasons for jail breaking, and then put that in (). This suggests to me that now that it's an option you are paying for it and using it. It's interesting to see where the lines get drawn in peoples minds.
And people like you are in the minority here.
Possibly, I can say this: among the people I know personally who jailbreak (5) not a single one of them did so to pirate apps, maybe it's an age thing, my group is late 20s and early 30s.
To be honest if I were in my late teens or early 20s I'd probably be pirating apps like crazy... (broke college student)
I suppose growing up and having a good paying job changes your perspective on things
...which will be bypassed by a cracker in about the time it takes the programmer to type those 3 lines of code in.
I don't think you understand how a checksum works. it's not preventing it from being cracked. Any change in the file, i.e. to crack it by changing those lines of code, will alter the hash. Thus allowing you to know it is an altered copy. Yes they will still be able to crack the app's DRM but this will end up with a different hash and could be used to log AppleID's using altered apps. This is also likely how developers are seeing piracy, but without apple's support to tie AppleID customer info to the offending pirate they really don't have much control over how it is addressed.
So a pirated copy of an app will have this stripped (which only will work on a jail-broken device) or people are hacking it and resigning the app (which could work on non-jailbroken devices) either way the checksum will not match what is on the iTunes servers, and likely the file size will be off slightly.
But once you're jailbroken there is nothing to stop you modifying the OS to no longer report the true checksum & filesize, but instead report a spoofed checksum & filesize.
OS level DRM only works when the OS can't be hacked itself.
They should on the other hand hold INDIVIDUALS responsible for their actions and at a minimum provide support to developers with any information such as AppleID's that have used altered copies of a developers app so they may subpoena and press charges against individuals who have pirated their software. Or seek to collect the cost of said app plus court costs.
Why would apple want to annoy tens of thousands of consumers who bought their products, and accrue hugely bad PR when the benefits are primarily to app developers who face a substantially worse situation on the competing platform? Apple has seen how well this sort of thing played for the record industry and movie industry, they want no part in suing their customers.
That's the same like saying just because some guys downloaded few movies from torrent sites movie companies lost money. They showed by downloading that they are not willing to pay. Same here.
This is the most ignorant argument I've ever seen. Yes that is the same. Yes that is also stealing and taking money away from the studio's, producers, actors, writers, etc. (everyone involved in creating said movies). Just because they are not willing to pay doesn't give them license to not pay. They do have a choice, not pay -> don't watch & enjoy movie, pay -> watch and enjoy movie. Just because you are not willing to pay for something does not give you the right to use it without paying for it.
'That's the same like saying just because I come shoot you with my gun your parents lost their life. I showed by shooting you that I am not willing to have you on this earth. Same here.'
What a truly stupid argument.
So, you would be ok with a scenario where everytime an App launched, you had to input your iTunes account credentials so it could verify that you own the App?
You are confusing inventing a new DRM system with avoiding cracked apps making their way into gamecenter, which this article is about.
But once you're jailbroken there is nothing to stop you modifying the OS to no longer report the true checksum & filesize, but instead report a spoofed checksum & filesize.
OS level DRM only works when the OS can't be hacked itself.
Kinda true, but again, I think the concept might be misunderstood here.
"An illustration of the potential use of a cryptographic hash is as follows: Alice poses a tough math problem to Bob, and claims she has solved it. Bob would like to try it himself, but would yet like to be sure that Alice is not bluffing. Therefore, Alice writes down her solution, appends a random nonce, computes its hash and tells Bob the hash value (whilst keeping the solution and nonce secret). This way, when Bob comes up with the solution himself a few days later, Alice can prove that she had the solution earlier by revealing the nonce to Bob. (This is an example of a simple commitment scheme; in actual practice, Alice and Bob will often be computer programs, and the secret would be something less easily spoofed than a claimed puzzle solution)."
Source: http://en.wikipedia.org/wiki/Cryptog..._hash_function
This also introduces another concept that is often used which is the idea of a public & private key pair. The public key being the solution to the problem, and the private key being the nonce Alice added. It would be rather hard to "spoof" a hash that would match the hash on the iTunes server without having the developers unique private key certificate.
A pirated app is merely an app that has gone through the wringer and had the DRM layer removed from the binary. The binary as an executable is exactly the same as it was when the developer sent it away.
In order to remove these "3 lines" or whatever they put in there to detect it, they would have to decompile the code, find it, remove it, recompile it, repackage it and everything.
You don't have to decompile squat. The value that is compared to is stored in the binary itself. Find it and update it to match the cracked version.
Or, update the binary to jump past the check.
Or, update the binary to do the check, but not jump when a error is detected.
These are all gross simplifications, but not by much. They represent some of the options that a cracker has when dealing with a "3 lines of code value check".
I don't think you understand how a checksum works. it's not preventing it from being cracked. Any change in the file, i.e. to crack it by changing those lines of code, will alter the hash. Thus allowing you to know it is an altered copy. Yes they will still be able to crack the app's DRM but this will end up with a different hash and could be used to log AppleID's using altered apps. This is also likely how developers are seeing piracy, but without apple's support to tie AppleID customer info to the offending pirate they really don't have much control over how it is addressed.
I don't think you understand what was originally posted.
The "simple 3 lines of code" check that was suggested is something along the lines of:
if (x != y) {
piratedCopy();
}
I'm saying that it is a trivial process to update the binary itself so that "y" is whatever you need it to be.
Does that mean that there are not other options? Absolutely not. I'm saying that it ultimately is not as simple as doing a basic comparison to take action against pirated apps.
It doesn't even require DRM per se.
They just need to check the AppleID as it logs into Game Centre and see if the game was purchased by that account. If it wasn't then don't allow them to access it in Game Centre.
I would have assumed they were already doing this since Game Centre seems to know what apps I have, but I guess it's just checking what's present on the device at the moment.
But that is more restrictive than Apple's Terms of Service. Apple allows person 1 to buy an app and put it on all the iDevices in the family (up to 10). However, each of those folks can have their own Game Center account.
Thus, the number of folks registering for Game Center for a given app can be up to 10x higher than the number of paid copies with 0% piracy.
This is the most ignorant argument I've ever seen. Yes that is the same. Yes that is also stealing and taking money away from the studio's, producers, actors, writers, etc. (everyone involved in creating said movies). Just because they are not willing to pay doesn't give them license to not pay. They do have a choice, not pay -> don't watch & enjoy movie, pay -> watch and enjoy movie. Just because you are not willing to pay for something does not give you the right to use it without paying for it.
'That's the same like saying just because I come shoot you with my gun your parents lost their life. I showed by shooting you that I am not willing to have you on this earth. Same here.'
What a truly stupid argument.
Nothing stupid about it. There are people that will never buy a movie or an app and saying that studios or devs lost money doesn't change much.
Why would that be necessary? Couldn't the device just store those credentials and just verify them against the purchase record when an app connects to the network?
I don't see how verifying with the app store records is the same as having to type in the account password.
That doesn't explain a ten to one ratio. For that to happen legally, the users of that app would have to install it ON AVERAGE on ten devices each. Meaning if there's a guy who only installs on one, someone else has to be installing it on twenty. If you believe that's what's actually happening, you're living in a delusional fantasy. Maybe there's some other explanation besides piracy that gets the numbers that high, but multiple installs ain't it.
I have 4 devices in my household all sharing a single Apple ID as far as purchasing and using apps. not sure if setup a different GameCenter ID for the kid or not - may have to look at that.
Account PurchaseAccount used to buy the game.
Accounts PlayAccount1 through 5 used in Gamecenter.
What if the app stored the account used to purchase on any devices it's loaded onto?
Game runs and connects to GC with PlayAccount1. But at the same time it also checks to make sure PurchaseAccount actually bought the game. If it doesn't check out, it blocks GC.
It seems like this sort of thing could work with any app that needs to connect to a server on the developer side - if the server refuses to connect and provide data necessary to run the app, how would that be hacked around? Again, this obviously wouldn't work for apps that don't require a network connection or connect with sites not affiliated with the developer of the app.
Would something like that work or am I missing something?
But mobile apps? This many people pirate something that costs $.99? How the hell can they justify that? It's cheap. Really cheap. Buy it or do without, or deal with ads. Criminy.