A day later after we posted the "proof of concept" (PoC) video demonstrating how easy it is to defeat Windows Phone app protection, the discussion is starting to head into another direction: from criticism to potential solution. FreeMarketplace may only be 65.5kb in size (seriously), but its ability to freely circumvent the weak DRM of all 4k+ paid apps in the Marketplace with a single mouse-click is a real concern.
While we're confident Microsoft has something in the works to right this problem (though nothing is confirmed), developers may be able to take some matters into their own hand to better improve app security.
Tobias, the developer of FreeMarketplace, has what he thinks is a method to slow down potential pirates. What makes FreeMarketplace so dangerous is the automation--no mid-level "cracker" is needed to go into each and every app to defeat DRM, which is how the majority of app piracy has to proceed (see iOS). That's because DRM in the Windows Phone Marketplace is the same for every app, making an automated system-wide app cracker feasible:
The code and the guides I gave you here will not stop piracy. Anyone with the corresponding skills can still startup reflector, go through your code, remove any checkes, remove DRM and install it on a device. YES, but it got a lot more difficult to do it in an automated fashion. So, there might be one or two who can still break your security measures by hand but the masses won’t be able as there is no generic tool available.
While not a true fix, it can at least add some speed bumps for now till MS can offer more robust DRM support. Of note, Tobias is still not sharing details on how FreeMarketplace works, so don't expect any nuggets there. In addition, what follows is strictly for developers, so non-techies will only glean a few interesting tid-bits.