[QUOTE=darth-veger;27432358]I also don't see the reason why it would be uploaded there anyway...
Do you got footage cueball?[/QUOTE]
Yes, uploading
Make a system so when the app detects a illegal version, that is will ban the user for a month :smug:
[QUOTE=Overv;27428625]Uh, the 4chan app was removed because it contained pornographic content.[/QUOTE]
It's still there. It's called Anonyma. Anyways, I'll be glad to help in the beta, Facepunch is all I use when I have free time and I'm not at home.
-snip-
[QUOTE=Hexxeh;27432467]bulletproof DRM[/QUOTE]
lol. bulletproof drm. good joke.
[QUOTE=deloc;27432855]lol. bulletproof drm. good joke.[/QUOTE]
Not really. The cornerstone of the DRM model is that the application is useless without the corresponding web service. You can guess why you're wrong from there...
Rate me dumb, I'm confused as shit though.
How do I get the app?:saddowns:
[editline]15th January 2011[/editline]
or into the beta, w/e
[img]http://cl.ly/42sx/Screen_shot_2011-01-15_at_18.33.34.png[/img]
Server at the bottom represents our API mediation server, which funnels requests through to the API. Step 6 is representing the fact that the API will only respond to requests that are for features in the paid version if your receipt is valid. Since our security model hinges on the server, short of someone compromising my servers, we'll be golden. And it doesn't get in the way of legitimate users.
[QUOTE=codenamecueball;27432992][img_thumb]http://cl.ly/42Wx/Screen_shot_2011-01-15_at_18.32.30.png[/img_thumb][/QUOTE]
Made the intro and outro already :v:
22 mins remaning
So, people were against TapaTalk support because you had to pay for it, but paying for an app that works exclusively with FP is fine?
No, paying for a fully featured FP app is fine, paying $10 for a gimped app which does the most basic things is stupid.
[QUOTE=codenamecueball;27433246]No, paying for a fully featured FP app is fine, paying $10 for a gimped app which does the most basic things is stupid.[/QUOTE]
Tapatalk currently does more than this app looking at the previously posted video.
Free app that let you post? OH WAIT.
[QUOTE=Hexxeh;27432986][img_thumb]http://cl.ly/42sx/Screen_shot_2011-01-15_at_18.33.34.png[/img_thumb]
Server at the bottom represents our API mediation server, which funnels requests through to the API. Step 6 is representing the fact that the API will only respond to requests that are for features in the paid version if your receipt is valid. Since our security model hinges on the server, short of someone compromising my servers, we'll be golden. And it doesn't get in the way of legitimate users.[/QUOTE]
i've already got a few ideas.
[QUOTE=HTF;27433337]Tapatalk currently does more than this app looking at the previously posted video.[/QUOTE]
Tapatalk is in the store, this is not. This is still a work in progress.
[editline]15th January 2011[/editline]
[QUOTE=deloc;27433349]i've already got a few ideas.[/QUOTE]
Cool, feel free to try them out once we're in the store.
[editline]15th January 2011[/editline]
[QUOTE=Hexxeh;27432986][img_thumb]http://cl.ly/42sx/Screen_shot_2011-01-15_at_18.33.34.png[/img_thumb]
Server at the bottom represents our API mediation server, which funnels requests through to the API. Step 6 is representing the fact that the API will only respond to requests that are for features in the paid version if your receipt is valid. Since our security model hinges on the server, short of someone compromising my servers, we'll be golden. And it doesn't get in the way of legitimate users.[/QUOTE]
Lots of people rating this dumb and yet nobody has come up with a good reason as to why. Joke's on you.
Tapatalk is also more for the other boards, Facepunch is using a pretty unique design and in tapatalk you cannot do some features that FP can do.
Get over it
[QUOTE=Hexxeh;27433360]Lots of people rating this dumb and yet nobody has come up with a good reason as to why. Joke's on you.[/QUOTE]
mitm drm lol
[QUOTE=Hexxeh;27432986][img_thumb]http://cl.ly/42sx/Screen_shot_2011-01-15_at_18.33.34.png[/img_thumb]
Server at the bottom represents our API mediation server, which funnels requests through to the API. Step 6 is representing the fact that the API will only respond to requests that are for features in the paid version if your receipt is valid. Since our security model hinges on the server, short of someone compromising my servers, we'll be golden. And it doesn't get in the way of legitimate users.[/QUOTE]
Go to where you live and smash your server with a hammer?
That might work.
[QUOTE=deloc;27433417]mitm drm lol[/QUOTE]
wat?
[QUOTE=deloc;27433417]mitm drm lol[/QUOTE]
Explain. If you mean just faking the response from the API mediation server, then that's useless. That's what's providing the forum, thread and post data etc. Fake that and you have a useless app.
Go ahead, try and pick a link in that 6 step chain and explain how you can circumvent the protection.
[QUOTE=Xenoyia v2;27433439]Go to where you live and smash your server with a hammer?
That might work.[/QUOTE]
implying his servers are at his home
[QUOTE=codenamecueball;27433246]No, paying for a fully featured FP app is fine, paying $10 for a gimped app which does the most basic things is stupid.[/QUOTE]
TapaTalk is $10? Since when? And how is this going to be more "fully featured" than TapaTalk?
[QUOTE=Xenoyia v2;27433439]Go to where you live and smash your server with a hammer?
That might work.[/QUOTE]
Servers for this oddly enough aren't at my house, they're at a secure datacenter in Germany.
[editline]15th January 2011[/editline]
[QUOTE=Xera;27433462]TapaTalk is $10? Since when? And how is this going to be more "fully featured" than TapaTalk?[/QUOTE]
Rated dumb. Oh wait, you can't do that with Tapatalk, nevermind...
Plus ticker, event log etc...
We'll also continue to support any new features added to Facepunch in the future.
[editline]15th January 2011[/editline]
I don't believe anyone has circumvented the security of In-App Purchases for online applications (offline applications got pwnt pretty early on, but that was inevitable). Break it for online applications and I think we have bigger problems than just my app...
This is a similar system to that used by online games like WoW and Battlefield 2. Legitimate servers (in our case, the API mediation server) won't allow clients that don't have a verified purchase (through means of the receipt or a serial key) communicate with them.
Only way to really hack the app would be to just to spoof the communication between the home server and the App Store. Give a fake receipt and fake receipt confirmation. Sounds incredibly easy, but I'm not going to bet on that.
[QUOTE=SA Spyder;27433544]Give a fake receipt and fake receipt confirmation.[/QUOTE]
not gonna happen.
[QUOTE=deloc;27433578]not gonna happen.[/QUOTE]
Frankly, there's a world of really fucking clever people out there that could easily bypass any DRM system. No DRM is bulletproof. The only reason you could say that this is not bypassable is because not that many people, hackers particularly, will invest a good amount of time doing it to a 3 dollar app.
[QUOTE=SA Spyder;27433544]Only way to really hack the app would be to just to spoof the communication between the home server and the App Store. Give a fake receipt and fake receipt confirmation. Sounds incredibly easy, but I'm not going to bet on that.[/QUOTE]
Yeah, you can't compromise the communication between our server and the App Store, and again, if you can falsify a signed receipt and have it pass as valid, well, again, we have bigger issues than app security.
Sorry, you need to Log In to post a reply to this thread.
