backtop


Print 32 comment(s) - last by Motoman.. on Jan 4 at 1:03 PM


In yo' app catalog, cracking yo' apps!   (Source: WPCentral via YouTube)
Apparently Microsoft "ironclad" piracy protections aren't really that strong

Thus far the Windows Phone 7 platform hasn't reportedly been suffering as severely from piracy as Apple's iOS or Google's Android.  However, Microsoft may be in for a similar fate as its competitors.

In six hours, a developer advising technical blog site WPCentral was able to create an app (named "FreeMarketPlace") that downloaded any app from Microsoft's WP7 Marketplace, and removed the protections from it [video].  The cracked app could then be directly loaded on an unlocked handset, or be saved to your hard drive.

WPCentral was ardent that it would not publish details of how the hack worked, and that it only made the video as a cry to action for Microsoft.  The site comments, "We are confident Microsoft will work hard to implement a stronger DRM system, in part due to this proof-of-concept demonstration."

The site had previously laid out a plan of attack for cracking Microsoft's DRM scheme, writing that the necessary steps were to:

  • Download all the apps from the Marketplace: done (or can be done)
  • Seed those apps in a torrent for peer to peer distribution
  • Circumvent the 10 sideload app limit: done (see here)
  • Enable a disabled app: tricky, but can be done, no method to do it en masse
  • Get around code obfuscation (not mentioned by V@l€n, we'll do it for him)
  • Remove XAP security signature: needs work

That report came following the post of a white paper detailing the initial steps on the XDA site (a resource for Microsoft developers) by hacker named V@l€n.  

Keep in mind, however, without security protections properly in place, pirate programs may be unexpectedly modified to contain trojans or other malware.  

Modified apps distributed via third-party apps stores were identified this week as creating a growing Android phone botnet in China.  Thus when WP7's DRM is eventually cracked in full, beware if you're downloading pirated apps with your phone.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: ...why?
By omnicronx on 12/31/2010 9:52:32 AM , Rating: 0
I guess every single mobile OS platform is going to fail then, as they all employ some form of DRM on their app store.

Personally I don't see how MS could survive in the current mobile ecosystem without it. Developers will not take the new mobile OS seriously if it is rampant with piracy from the beginning.

Its an added security measure, and the only people that really care are those that know how to circumvent said security anyways.

Its not a terrible thing to know that what you are downloading comes from at least a semi secure source.

DRM in the current mobile space can actually help the consumer depending on the user.

While I do agree with your post if we were talking about the PC world, I don't agree one bit looking at the current mobile ecosystem.


RE: ...why?
By omnicronx on 12/31/2010 9:56:09 AM , Rating: 3
quote:
Personally I don't see how MS could survive in the current mobile ecosystem without it. Developers will not take the new mobile OS seriously if it is rampant with piracy from the beginning
And yes I know that all major platforms have all been cracked in one way or another, but perception is a powerful thing.


RE: ...why?
By Motoman on 12/31/2010 10:16:46 AM , Rating: 1
...and just to separate perception from fact...

The fact is that DRM has a 100% failure rate. If there's any "perception" on the part of anyone that DRM helps in any way, at all, then they are quite simply disturbed.


RE: ...why?
By jtesoro on 12/31/2010 12:13:55 PM , Rating: 2
I haven't checked recently, but I thought Assassin's Creed 2 hasn't been successfully pirated yet.


RE: ...why?
By inighthawki on 12/31/2010 2:13:49 PM , Rating: 2
If by '2' you actually mean '2' and not 'Brotherhood' then 'recently' must really be 'the last year' because Skidrow cracked that quite a while ago


RE: ...why?
By jtesoro on 1/1/2011 11:08:21 PM , Rating: 2
Just looked again, and it's actually April 2010 when the crack came out (not sure if that's what you meant by 'last year' given that it's still 2010 on your post).

In any case, it must've been one hell of a job to make the crack given my understanding of the DRM scheme.


RE: ...why?
By inighthawki on 1/1/2011 11:31:43 PM , Rating: 2
It's called exaggerating, but it has been quite a long time. 8 Months might not be a year, but it's still a long way away from "recently"


RE: ...why?
By foolsgambit11 on 12/31/2010 5:53:03 PM , Rating: 2
DRM isn't just about preventing IP infringement, it's also about deterring IP infringement, and in that sense, it's moderately effective. While many of the people here may be able to bypass DRM schemes to save themselves some money, the majority of the population would rather just shell out the cash to buy a product. This is especially true on closed/semi-closed/proprietary systems that receive regular updates or access a network (game consoles, mobile phones, etc.), where the necessary modifications may prevent future updates from being available, cut off access to services (like XBox Live), or brick the device. Even if that doesn't usually happen, the threat that it may at some point occur is enough to deter many.


RE: ...why?
By inighthawki on 12/31/2010 6:02:09 PM , Rating: 2
That is less to do with DRM and more to do with the effect of piracy. Everything you said is JUST as effective if the only protection against piracy was a serial and/or simple cd check. The difficulty involved in circumventing a DRM protection has little to do with the deterrent factor of what will happen if you do.


RE: ...why?
By omnicronx on 1/1/2011 2:30:23 PM , Rating: 1
Fact is a powerful word.

Will most DRM schemes eventually be cracked? Sure..

Will DRM detect many from the illicit activies in the first place? Yes..

Whether or not the DRM is a failure is hardly dependent on whether or not the scheme is bypassed.

Correlation != Causation
Nor are your vague inferences fact.


RE: ...why?
By Motoman on 1/1/2011 4:51:09 PM , Rating: 4
quote:
Will most DRM schemes eventually be cracked? Sure..


Not most. All. Every DRM scheme that has ever existed has been cracked. It is irrational to expect that there will ever be an "uncrackable" DRM scheme in the future. Remember what the definition of insanity is...

quote:
Will DRM detect many from the illicit activies in the first place? Yes..


Assuming you meant "deter" instead of detect...maybe. But on the other hand, what that DRM will deter people from doing is buying the product/service at all. It's a double-whammy for the producer...not only does the DRM not prevent piracy, but it does prevent some people from buying the product/service altogether.

quote:
Whether or not the DRM is a failure is hardly dependent on whether or not the scheme is bypassed.


...what? The purpose of DRM is to prevent piracy. If it doesn't prevent piracy, it's a failure. If it further deters would-be consumers from buying the product/service, it's a superfailure.

quote:
Correlation != Causation


First intelligent thing you've said all day. Strange that you think that there's any reason to point that out here and now, though...unless you fundamentally misunderstand what's going on.

quote:
Nor are your vague inferences fact.


Vague inferences? It is an irrefutable fact that 100% of all DRM schemes has been defeated...and therefore do not prevent piracy, which is what they're supposed to do. That's not vague, and it's not an inference. DRM does limit what the consumer can do with the product/service - that also is neither vague nor an inference. Same applies to the fact that some forms of DRM can preclude the legitimate consumer from properly using their legitimately-purchased product/service anyway...and to the fact that DRM does deter some would-be legitimate consumers from buying said product/service...and to the fact that the DRM will push some of those would-be legitimate consumers to using a pirated version instead - since it would cause them less grief to do so.

None of that is vague, and none of it is an inference. All of it is happening, right now. And that is a fact.


RE: ...why?
By Motoman on 12/31/2010 10:15:13 AM , Rating: 5
quote:
Its not a terrible thing to know that what you are downloading comes from at least a semi secure source.


That has nothing to do with whether or not it's infected with DRM. Not in the slightest.

quote:
DRM in the current mobile space can actually help the consumer depending on the user.


No it can't. Not in any way...at all. There is absolutely nothing that the consumer gains from DRM. DRM is not a guarantee of quality software...or being malware-free. It's simply a guarantee that you're going to be treated as a criminal from the get-go...just becasue you might be...but if you were, the DRM wouldn't stop you anyway. DRM only punishes legitimate consumers.

quote:
While I do agree with your post if we were talking about the PC world, I don't agree one bit looking at the current mobile ecosystem.


Then you make no sense.


RE: ...why?
By BSquared on 12/31/2010 3:06:27 PM , Rating: 2
I thought the DRM in WM/WP apps was to discourage the copying of paid programs from the marketplace to other phones/WM/WP devices. I mean, the app only runs on that device until transferred through the marketplace...don't ask me why people are worried about a DRM model that basically mirrors Steam and other popular marketplace apps.

What I'm curious is, does that proof of concept program allow downloading of apps that aren't paid for to begin with, or just strips DRM from apps you've already purchased.


RE: ...why?
By omnicronx on 1/1/2011 2:24:29 PM , Rating: 2
You are clearly focusing on a single matter, as though the only function of DRM is to stop users from pirating which is clearly not the case.

If the masses really cared about all the things you mention, then why are people on all platforms buying up mobile software like no tomorrow?

You are not the entire consumer base, so please stop pretending as though you are the voice for everyone.

As a developer I can certainly see the advantage of a completely open environment, but I also see the advantage of a partially closed environment.

And really how are you punished with DRM in the mobile space? You can't use it on more than one machine at once? Which legally you are not allowed to do anyways? Desktop DRM is far more intrusive than what we currently have in the mobile space. In fact I've only ever come across issues when I'm trying to do something I was not suppose to be doing.. (i.e was trying out a piece of software on my jailbroken device)..

So please enlighten me, who is being punished here and how? What are you not being allowed to do? Anyone who cares knows how to bypass it, anyone who does not can sit in their walled garden pretending they are safe.

The fact remains MS had little choice here, developers are not going to stay with a new platform that is not protected, even if that protection is not as great as it seems. The fact that the DRM scheme itself will eventually be infective is completely irrelevant, without it they won't be in business.

Argue for what you believe in but please, use some common sense. Like it or not, its a requirement for a new platform these days as all existing platforms have employed some form of DRM.


RE: ...why?
By Motoman on 1/1/2011 5:03:13 PM , Rating: 2
quote:
If the masses really cared about all the things you mention, then why are people on all platforms buying up mobile software like no tomorrow?


Because people are stupid and don't think their actions through. They aren't paying attention, and they're not aware of what's going on.

quote:
You are not the entire consumer base, so please stop pretending as though you are the voice for everyone.


By pointing out these issues and discussing them in a public forum, I am elucidating said issues and perhaps turning on a few light bulbs in a few otherwise dim heads. And standing up for your rights and interests as a consumer is hardly an activity that should be shunned.

quote:
And really how are you punished with DRM in the mobile space?


Even if it was just the fact that you can't get and install applications from any source you want, that's enough. Stop pretending that to discount DRM is to promote piracy...it's not. It's about taking interest in your rights and privileges as a consumer.

quote:
i.e was trying out a piece of software on my jailbroken device


orly? And why would you have a jailbroken device? Shurely you're not trying to get around some kind of DRM...

quote:
So please enlighten me, who is being punished here and how? What are you not being allowed to do?


In the specific case of mobile device DRM, as noted above even if it was only the constraint of where you can get and install an app from, that's enough. There's probably more. Therefore, the "who" is every consumer of a DRMd mobile device, and the "how" is by constraints on what they can do with the device. Like choosing where to get applications from. Just one example. Which would be enough to protest about.

quote:
Anyone who cares knows how to bypass it, anyone who does not can sit in their walled garden pretending they are safe.


It's not OK to say "those who know how can bypass it" - because you shouldn't have to be a ha><or to be be able to use your device as you desire. It's also not OK to leave the unwashed masses in their walled garden without protest...they are being treated unfairly, regardless of how nice that garden might look.

quote:
The fact remains MS had little choice here, developers are not going to stay with a new platform that is not protected, even if that protection is not as great as it seems. The fact that the DRM scheme itself will eventually be infective is completely irrelevant, without it they won't be in business.


Developers will develop for a platform that is going to be popular. Like the web. Which isn't DRMd. If MS put out a platform without DRM, developers would develop content for it. It would be refreshing for someone to finally stand up and admit that DRM is an abject failure in every way, and refuse to arbitrarily limit what their consumers can do with their devices.

quote:
Argue for what you believe in but please, use some common sense. Like it or not, its a requirement for a new platform these days as all existing platforms have employed some form of DRM.


No, not it is not a requirement for a new platform to have DRM. To assert that it is is an abject display of ignorance and/or stupidity. DRM is anti-consumer, in every way, without recourse. DRM does not benefit the producer. Developers would develop for the MS platform whether it had DRM or not. Obviously you can argue for whatever you want to...but try to pick an arguement that's not so blatantly anti-consumer and nonsensical.


RE: ...why?
By Jrouss on 1/2/2011 9:47:45 AM , Rating: 2
Most consumer don't understand that DRM exists or what it does. That said I think DRM is being reffered to in terms that are to because it encompasses every kind of DRM. I personally don't care if a program needs a key to run. I do however care that I need to be online and have my activation validated and its status revalidated every time I use the program.

I have also seen and experienced cases in which DRM has totally screwed me. One example is a Windows XP system I was working on that I had to replace some hardware. This system never activated properly after I replaced the HD because it was an OEM system, all I did was fix a computer that had a legal copy of windows. FYI I understand the OEM license limitations, it doesn't make it right though. This example actually forced me to look at ways to bypass the activation because neither Dell or Microsoft cares. Another example is when I bought music that I could never listen to because it required online authentication. This happened when I was deployed overseas and did not have easy access to the internet. Come to think of it this was also Microsoft DRM for some wma files I bought with Music Match.

I am also not okay with the fact that many DRM schemes monitor and store data about usage and in some cases location. I don't know about anyone else but, shouldn't it be no ones business when I when I listen to a song I purchased? Really when did we accept this B.S. companies get us to buy their stuff, they spy on us and sell this data and then figure out ways to sell us more stuff.

Instead of the front door example I look at it like this. I buy a lawn mower and mow my lawn. No one monitors when I start the lawn mower nor do they own a key I need to start it. Now I understand that I can't copy my lawn mower and give it to my neighbor but I just don't see how MOST commonly used DRM is good for anyone but businesses.

An article I remember this article from a few years ago discussing this issue. BTW I do not file share nor do I think piracy is right.

http://www.p2pnet.net/story/13358


"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki