I'm building a blacklisting service for cracked iPhone apps and I am curious if I missed a method for detecting cracked apps.
In the moment following app crack detection methods are available for the service:
- checking plist size
- checking signer identity
- checking if binary is crypted (not sure if this is working correctly since no cracked app got detected this way)
- checking modified date of info.plist against modified date of package (not sure if this is working - used code like: http://snippie.net/snip/f7530ff2 to do that)
I also wonder if it is possible to check if the device is jailbroken? This would help, too, because the service will work much like a spam blacklist and jailbreak could be used to increase the score.
I have also included a honeypot, which shows me that the tools used by the crackers eliminate some of the checks I do. For instance the plist check for size or signer identity.
My question is now:
- Are there more "good" checks I should use?
and
- Is there a way to detect Jailbreak?
NEVER try and block jailbroken devices from using your app, just cracked ones. If you block jailbroken devices they'll be forced to use a patched version with all the checks removed.
Also ALL my devices are jailbroken so if a developer blocks jailbroken devices I would have to ignore their apps. Over 10% of all iDevices are jailbroken so this is a very bad idea.
EDIT: As I'm getting lots of down votes for this I'll post some methods to detect a jailbreak.