permaculture playing cards*
The moose likes Java Micro Edition and the fly likes Forward Lock problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Mobile » Java Micro Edition
Bookmark "Forward Lock problem" Watch "Forward Lock problem" New topic
Author

Forward Lock problem

Arnab Sen
Greenhorn

Joined: Dec 25, 2003
Posts: 20
Hi,

If I am developing games or applications for different phones like Nokia, Siemens, Ericsson, how can I ensure that the users who download my MIDlet (after making proper payment), do not forward the JAR and JAD to others ?

Nokia and Ericson have something called DRM packager, which can do what I require. But the files generated are of the type .dm and JAR. As a result, only DRM enabled phones (which are only the new phones) can take advantage of this.

In addition, Siemens do not have any such DRM tool at all. (I think)

So how do all these developers ensure forward lock i.e. legitimate users cannot forward the JAR and JAD to other users or even if they can, it should not work on phones who have not made their payments.

Any advice ?

Regards,
Arnab
William Frantz
Ranch Hand

Joined: Dec 08, 2004
Posts: 102
There's no universal answer to this question. You can only make it difficult, not impossible, for pirates.

Somebody could always use an emulator to masquerade as a phone and download your JAR. Once on a PC, they could hack away at any security you put in place.

Your best bet is to leverage some kind of partnership with a carrier. You need to make sure that your application is only being downloaded by a real handset. That means some type of challenge/response encryption system.

Alternatively, you can try embedded an on-line activation proceedure for your programs. When the MIDlet starts up it should send a serial number to your server that authorizes the program to run. If you get duplicate serial numbers, don't authorize the application. This is basically what Microsoft does now-a-days with their registration system.

It's still not bullet-proof by any means, but it's that much harder to crack.

You should also realize that most phones can not simply "forward" an application to another phone. In fact, I have yet to see any phone that can do that. Simply doing some basic checks to see if your program is being sent to a real phone is probably sufficient for most publishers.

William Frantz
http://sprintdevelopers.com
[ February 07, 2005: Message edited by: William Frantz ]
Arnab Sen
Greenhorn

Joined: Dec 25, 2003
Posts: 20
Hi William,

Isn't it easy to transfer the JAR and JAD using MMS or BT ? Specially for Siemens phones which have File System access ?

Regards,
Arnab
William Frantz
Ranch Hand

Joined: Dec 08, 2004
Posts: 102
Isn't it easy to transfer the JAR and JAD using MMS or BT?

I haven't used a Siemens phone in a long time, but I have used lots of CDMA phones, a couple iDENs, and a few GSM handsets in my day. I have *never* seen a phone that will send or receive a JAR via MMS or Bluetooth.

Oh, I believe they are out there. I've heard of people installing JARs through serial data connections, but in the USA, I believe it is the exception not the rule. I guess you need to consider your target market. On Sprint PCS, it's just not possible. Can't do it on Nextel either. Verizon uses Brew rather than J2ME. Maybe there's some phones on Cingular that can do it. I don't know.

William Frantz
http://sprintdevelopers.com
 
Consider Paul's rocket mass heater.
 
subject: Forward Lock problem
 
Similar Threads
Buying a Java-enabled Phone
HTML publishing for PDAs
Its about uniqueIDs again! Problems with downloading modified jar files
JAD/JAR copy from phone
DRM in MIDP 1.0