Results 1 to 8 of 8
  1. gol706's Avatar
    Posts
    5 Posts
    Global Posts
    22 Global Posts
       #1  
    After digging through the ROM image and using the novaterm for root access it seems in general that palm didn't make much of an effort to lock down WebOS. This could be because, A, they didn't want to, or B, development was so rushed that they didn't have a chance. (I'm leaning towards B judging by the fact that there are still things like tests wasting space in the ROM image)

    While all this is great fun since I can look around without access to the SDK, I sorta wonder how this effects things like paid apps. Since WebOS apps aren't compiled, what's to stop me from going in as root and just flipping a bit to switch it from demo to paid?
  2. #2  
    Quote Originally Posted by gol706 View Post
    After digging through the ROM image and using the novaterm for root access it seems in general that palm didn't make much of an effort to lock down WebOS. This could be because, A, they didn't want to, or B, development was so rushed that they didn't have a chance. (I'm leaning towards B judging by the fact that there are still things like tests wasting space in the ROM image)

    While all this is great fun since I can look around without access to the SDK, I sorta wonder how this effects things like paid apps. Since WebOS apps aren't compiled, what's to stop me from going in as root and just flipping a bit to switch it from demo to paid?
    Palm has been asked this in the past, as this is a huge pitfall of non compiled applications.

    Truly, I don't think there is a way to stop this from happening, other than the fact that only a small amount of people have the abilities to pull this off, and of those, the amount of honest people who are developers themselves is high. It's unlikely to make a huge impact on application sales.

    Just my 2 cents.
  3. kiz
    kiz is offline
    kiz's Avatar
    Posts
    12 Posts
    #3  
    Quote Originally Posted by NoRemorse View Post
    Palm has been asked this in the past, as this is a huge pitfall of non compiled applications.

    Truly, I don't think there is a way to stop this from happening, other than the fact that only a small amount of people have the abilities to pull this off, and of those, the amount of honest people who are developers themselves is high. It's unlikely to make a huge impact on application sales.

    Just my 2 cents.
    You'd be surprised, n00b proof tutorials and such will be in masses....
    killakiz treo 700p
  4. rposa's Avatar
    Posts
    264 Posts
    Global Posts
    266 Global Posts
    #4  
    JavaScript obfuscater..
  5. #5  
    Server side validations with sessions maybe, like with web apps
  6. gol706's Avatar
    Posts
    5 Posts
    Global Posts
    22 Global Posts
       #6  
    Quote Originally Posted by rposa View Post
    JavaScript obfuscater..
    Quote Originally Posted by aonic View Post
    Server side validations with sessions maybe, like with web apps
    That's kinda along the lines of what I was thinking. I guess in the end it's all about making it difficult enough to discourage most people. The only thing that could be truly secure is apps that make heavy use of web services so you can control access from the server side.
  7. PreGame's Avatar
    Posts
    540 Posts
    Global Posts
    550 Global Posts
    #7  
    Quote Originally Posted by gol706 View Post
    That's kinda along the lines of what I was thinking. I guess in the end it's all about making it difficult enough to discourage most people. The only thing that could be truly secure is apps that make heavy use of web services so you can control access from the server side.
    If someone is determined to hack the program they will find a way
  8. mer1's Avatar
    Posts
    5 Posts
    #8  
    Quote Originally Posted by PreGame View Post
    If someone is determined to hack the program they will find a way
    This is true for all platforms.

Posting Permissions