Countering App Store piracy
John Gruber on Crackulous, the automated app-pirating tool for jailbroken iPhones:
I suspect we’ll soon start seeing high-profile App Store apps that attempt to detect whether they’re running on a jailbroken phone, and, if so, quit.
That’s not the best approach to counter this. It would be too easy for the crackers to find and disable the check in the apps.
The ideal piracy detection system doesn’t make it immediately obvious to the crackers that their efforts have been detected. That way, they believe their crack is sufficient, release it, and move on to another app.
If your app interacts with a web service, you can then do all sorts of interesting things. For example, you can log the unique iPhone IDs that run pirated copies of your app and blacklist them from future updates. Or you could quit the app on launch, but only after it has been installed for a few days. You could even create a database of pirating iPhone IDs and share it with other developers.
If you also have user accounts that people use on the site from a web browser, you can match pirate iPhone IDs to your site’s user database and see what IPs they connect from or what email address they signed up with to contact them, send notices to their ISP, or prosecute them.
So it’d be a waste to just immediately quit, and they’d just find your check and disable it.
Or you could just ignore the pirates, since hardly anyone jailbreaks their phone and they’ll never pay for anything anyway, and spend that time making the app better to attract more paying customers.
(Update in response to feedback: To clarify, I’m talking about detecting whether your app has been cracked, not whether it’s running on a jailbroken phone. I don’t care if you run my app on a jailbroken phone if you paid for it.)