Featured post

Free Online Money Earning, no investment required

If you are trying to earn money online & need only small extra income less than $200 (Rs.12,000) then PTC sites are the best way to st...

Jelly Bean App Encryption Breaks Thousands Of Apps In The Play Store - Google Disables DRM For Now

2012-07-31_04h06_58Piracy is a major issue for Android, and even more so for Android developers, which is why Jelly Bean introduced App Encryption. But this may be a case of the cure being worse than the disease: hundreds of developers of paid apps have chimed in on a Google Code thread, claiming that the encryption (or more accurately, the location of installed and encrypted apps from the Google Play Store) makes their apps entirely unusable, as account information and other stored data is removed after a device reboot. As a result, Google has apparently disabled the security feature for the Play Store on Jelly Bean devices.
The issue stemmed from the location of paid apps when using Jelly Bean. When users downloaded a paid app it was installed to an encrypted folder at /mnt/asec, instead of the normal /data/app folder. The purpose of this was to create a per-device encryption key, making the relatively easy piracy on earlier versions of Android obsolete. Unfortunately, some or all apps that register with the Android Account Manager (basically anything that relies on a secure and readily accessible credential) had their stored information wiped after a device reboot. Paid widgets and themes were also reset upon reboot.
The precise source of the bug hasn't been nailed down, though many developers seem to think that the Account Manager simply isn't equipped to deal with the new app location, and that cached information was being inadvertently wiped before the device turned off. Before Google disabled the encryption feature in the Jelly Bean version of the Play Store, developers found a work-around using secondary authentication apps, or simply instructing their users to download apps from theAmazon Appstore or other alternatives. This method essentially side-loaded the paid apps, which put them back in the /data/app directory. The issue has not affected any devices below Android version 4.1.1.
While the issue has been resolved after a fashion, the developers affected are feeling a sizeable communication rift between the Android community and Google. According to the thread, Google was aware of the issue with encrypted apps since mid-July at least - well before the Jelly Bean update was sent out to Nexus S owners. A handful of issue reports have been merged into the issue page on Google Code, and it's still marked as a medium priority problem slated for repair in a future release of Android. That's little comfort to developers who want both a modicum of piracy protection in the Play Store and functioning apps. 


Post a Comment

About Me

My photo

Hard work never goes out of style.
Androite XDA. Powered by Blogger.