Page 1 of 2 12 LastLast
Results 1 to 10 of 35

Thread: $ Ubuntu Software Center's paid application's security. Is there any?

Hybrid View

  1. #1
    Join Date
    Aug 2009
    Beans
    296
    Distro
    Ubuntu 12.04 Precise Pangolin

    $ Ubuntu Software Center's paid application's security. Is there any?

    Sorry, I'm having trouble finding this information:

    I want to know if developers have any anti piracy security for purchased applications, which are done through 10.10's Ubuntu Software Center "For Purchase" section. In other words, once the purchased application is on someone's computer are there any deterrents in place to keep the user from freely redistributing the application?

    Thank you very much!

  2. #2
    Join Date
    Nov 2010
    Beans
    0

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    I recall Canonical announcing that the app store will have functionality for managing reinstallations when transferring purchased apps from one system to another.

    I have seen nothing about client-side DRM, and I doubt that's coming to an open platform.

    Preventing the transfer of paid software from one computer to another in violation of the license will require application logic making calls to an activation server. While the app store channel can prevent over-installation by registered accounts, there is no way it can prevent someone from accessing the binaries directly and transferring them to another machine without having some sort of kernel-level DRM.

    It's a moot point, really. There has yet to be any application or scheme which has proven resistant to the best efforts of the top level warez crews. If people want to pirate the application, then it will be pirated. The best defense against that is adding value through regular updates (be sure to update the binary), good support, and paid subscriber services.

    The best you can hope to do is prevent casual copying by limiting activated installations through app logic, and discouraging license sharing by using a key tied to a person's identity (name, email, etc).

    If you do implement some sort of key, you'll want to use asymmetric cryptography to ensure that no key generators can be built by reverse engineering the application. That forces the warez crews to re-crack each binary release.

    Honestly, the best thing you can do is prevent casual copying through application logic, and encourage sales by providing some sort of service which can't be infinitely copied by anyone with a BT client or Rapidshare account.

  3. #3
    Join Date
    Oct 2004
    Location
    Cupertino, CA
    Beans
    5,092
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Currently there's no DRM-like application security system. Developers have to rely on the good will of the users to appreciate the fact that there's no DRM and show that they're responsible enough to not need any DRM.

    Personally, I'd rather have platform-wide standardized DRM managed by Canonical than every developer get paranoid and implement some DIY anti-copy method themselves. This model reminds me an awful lot of the iOS jailbroken community's "app store", and the things that developers do to ensure their paid apps aren't copied are crazy and border on privacy invasion.
    Quote Originally Posted by tuxradar
    Linux's audio architecture is more like the layers of the Earth's crust than the network model, with lower levels occasionally erupting on to the surface, causing confusion and distress, and upper layers moving to displace the underlying technology that was originally hidden

  4. #4
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Amazon's MP3 store has no DRM, and I think it does just fine. I know I buy almost all my music from Amazon MP3. I don't think even iTunes as DRM any more.

    I realize that's music and not applications, but piracy is for everything.

  5. #5
    Join Date
    Aug 2009
    Beans
    296
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Quote Originally Posted by aysiu View Post
    Amazon's MP3 store has no DRM, and I think it does just fine. I know I buy almost all my music from Amazon MP3. I don't think even iTunes as DRM any more.

    I realize that's music and not applications, but piracy is for everything.
    Correct, which works fine if you plan on selling at a high volume at a low price, but protection would be better at low volume high-priced sales, which would be nice to see come to Ubuntu.

  6. #6
    Join Date
    Sep 2007
    Location
    Tōkyō, Japan
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Quote Originally Posted by Isaacgallegos View Post
    Correct, which works fine if you plan on selling at a high volume at a low price, but protection would be better at low volume high-priced sales, which would be nice to see come to Ubuntu.
    Why? All of the popular music available from Amazon is already available from various sources for free(Neatly packaged by album and/or artist), and so will all of the popular applications from the USC, DRM or not.

    I would feel better about buying stuff from the USC without DRM.
    Last edited by NCLI; November 20th, 2010 at 09:30 PM.

  7. #7
    Join Date
    Aug 2009
    Beans
    296
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Quote Originally Posted by czr114 View Post
    It's a moot point, really. There has yet to be any application or scheme which has proven resistant to the best efforts of the top level warez crews.
    Of course not, but having some level of built-in default deterrent, which sounds like a great idea, will be an added incentive to providers.

    Quote Originally Posted by jdong View Post
    Personally, I'd rather have platform-wide standardized DRM managed by Canonical than every developer get paranoid and implement some DIY anti-copy method themselves.
    And it would mean less development and resources required by the app developer to protect the product.

    Oh well.. 11.04 maybe...

  8. #8
    Join Date
    Nov 2010
    Beans
    0

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    Quote Originally Posted by Isaacgallegos View Post
    Of course not, but having some level of built-in default deterrent, which sounds like a great idea, will be an added incentive to providers.
    The operative question must be "who is deterred?"

    If the goal is to deter the application from making it into pirate ecosystem, then that effort will fail. If the app is good enough to catch the attention of the warez crews, then it will be cracked.

    The only realistic chance to avoid lost sales is something which keeps a casual user from tarring up the install directory and sending it to a friend. That's going to require application logic binding the software to the hardware, in the absence of a DRM framework.

    Application-specific logic is the best answer. The problem with providing one hardware activation API is that crackers need only provide one loader or OS patch.


    Quote Originally Posted by jdong View Post
    Personally, I'd rather have platform-wide standardized DRM managed by Canonical than every developer get paranoid and implement some DIY anti-copy method themselves. This model reminds me an awful lot of the iOS jailbroken community's "app store", and the things that developers do to ensure their paid apps aren't copied are crazy and border on privacy invasion.
    Platform wide DRM will completely kill goodwill among the FOSS community. Short of wholesale for-profit GPL violations, there isn't anything worse which could be done.

    The problem with DRM is that it must be implemented at the kernel level to even stand a chance of being effective. Add-in modules won't work as they are too easily cracked.

    The open nature of the kernel ensures that anyone who needs to break the DRM can build a kernel free of DRM pollution.

    With all that code being open anyway, the DRM would be quickly rendered moot among anyone who has the intent to commit piracy. It will be the legitimate buyers and those not even in the market who are crippled by the DRM and offended by having their system locked down by an external agent.

    If Canonical wants to go down that road, a defective by design campaign will surely follow.

    Part of the point of open software is that it is resistant to lockouts and control of users by publishers.

    It's one thing to implement code which restricts the number of complimentary re-downloads of a paid application. It's another to make Ubuntu systems serve an external master.

  9. #9
    Join Date
    Jan 2008
    Beans
    588
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    When it was announced that yahoo would be the default search in Firefox, people were up in arms -- it was the worst corporate shilling ever, and people were ready to leave Ubuntu for good over it. With the proposed move to Unity as the default desktop, people are up in arms. It is the worst corporate shilling and people are ready to leave Ubuntu for ever over it.

    Now, were having a mature discussion about the merits and plausibility of implementing kernel-level drm, and no one has threatened to leave Ubuntu over it yet? What's with people -- this is actually an issue!

    Well, I'll throw my toys out of the pram. I'll leave Ubuntu, and GNU/Linux over this. I'll get me of of those 'Difference Engines' or something...
    'I know lifes a bummer baby, But thats got precious little to do with me' - Monster Magnet

  10. #10
    Join Date
    Sep 2007
    Location
    Tōkyō, Japan
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: $ Ubuntu Software Center's paid application's security. Is there any?

    As jdong said, there is currently no DRM system in place in the USC. It is definitely something Canonical is looking at, as I recall it being mentioned before, but it is not currently on the Ubuntu Software Center roadmap.

    Personally, I think it's a waste of time. All DRM methods are eventually broken, even methods engineered by huge corporations such as Sony and Microsoft, this won't be any different.

    I know they're going to do it anyway, because it will attract more developers, but it will really just be for show.
    Last edited by NCLI; November 20th, 2010 at 09:15 PM.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •