한 해를 마무리하면서 이뮤직마켓과 함께 해 주신 몇분을 모시고 조촐힝 송년파티를 가졌습니다. 올해는 이뮤직마켓이 세상에 발을 딛었던 첫 해 입니다. 새해에는 더 많은 발전과 행운이 여러분 모두와 함께 하리라 믿습니다.
새해 복 많이 받으세요.
감사합니다.

We all feel same feeling when it comes to an year's end.
It was the very beginning of eMusicMarket and we are seeing some bigger and happier movement for all of us nest year.

eMusicMarket's headquarter held a cozy little dinner party to say thanks to some of the close relatives. Thanks for all at the table to join us in a bloody cold winter day.

Happy New Year.

부산 동주대학교의 특강 현장입니다.
음악산업의 현주소와 저작권 관련 강의와 더불어 이뮤직마켓의 원리와 활용법에 대한 설명회가 이어졌습니다.
미래를 준비하는 학생들의 뜨거운 열기가 함께 했습니다.
  

Busan is the second largest city in S. Korea and the cradle of art and music ever since.
Dong-joo University's School of Commercial Music invited eMusicMarket to learn and share the ideas of pre-production music market and current moves in music industry.

Pictured are PD Lee and Scott, eMusicMarket's administrators, strongly stressing on the importance of copyright and music marketing.

명곡의 부활 '배반의 장미' 편곡 공모전 우승자 시상식이 서울 강남의 NewBay 레코딩 스튜디오에서 있었습니다.
너무도 많은 좋은 작품들이 접수되어 심사위원의 갑론을박으로 예정보다 수상자 선정이 늦어지기도 하였습니다.

안타깝게도 대상 수상자는 없습니다. 은상에게는 Yamaha HS8 액티브 모니터스피커, 동상 두명에게는 Steinberg's CMC controller 가 수여되었고, 스타인버그 특별상에는 창의성이 가장 뛰어난 작품을 선정하였고 Steinberg UR28M audio interface/monitor controller 가 부상으로 증정되었습니다. 수상자를 포함한 상위 8명의 지원자에게 이뮤직마켓 최고등급인 RED 회원권 1년의 특혜를 드립니다.

사진은 시상에 참여하신 이뮤직마켓의 관계자입니다. 수상자의 사진과 소감 등은 곧 공개됩니다.
지원해 주신 모든 분께 감사드립니다.


Winners of the arranging contest were all invited and awarded at NewBay Recording Studio, south of Seoul, Korea.

There is no Grand Prize Winner this time unfortunately, but all the other prize winners are so happy to hear the news. It took longer to choose the winning works than we expected since there were a lot of great and creative works which could be released as it is. 

Yamaha HS8 active monitor speakers for Silver prize winner, Steinberg's CMC controllers for two Bronze prize winners, Steinberg UR28M audio interface/monitor controller for Steinberg Prize winner.
Top 8 ranked get eMusicMarket prize, 1 year Red Membership of eMusicMarket.com
Pictured are not the winners though, executives of eMusicMarket. Pictures and comments of real winners come soon.

All mobile apps can be hacked. A group of hackers with enough time and dedication can gain access to, and reverse engineer, even the most secure app environment.

Android represents 80 percent of the smartphone OS market, according to ABI research, and its open development environment exposes the platform to certain unique threats from hackers and malware.

While Android security experts debate the merits of installing antivirus software on Android devices, they ignore a host of potential dangers that lurk just below the surface -- critical threats no one in our industry talks about. In an effort to strengthen the Android ecosystem for all developers, we want to shine a light on some of the most dangerous Android threats no one discusses.

A smorgasbord of risk

Android hacks come in all shapes and sizes, but the following are common exploits with the potential to unleash havoc.

• App Piracy
• Repackaging
• Memory Hacking
• Payments Verification Manipulation
• Server Data Interpretation
• Attack App Creation

Ground Zero

It all boils down to the fundamental problem with the Android application execution file (aka the .apk file). The Android .apk file can be easily decompiled with various apps. When you decompress (decompile) a .apk file, it converts to a DEX file so that the app can run on a Dalvik virtual machine. When you decompile the DEX file, that's where the Java code lives. And that's where the source code lives as well.

Some developers may say that they don't develop in Javacode so they're ok, or it's ok since they develop in .so library files. This is a dangerous assumption; .so files have been susceptible to reverse engineering even before Android was released. If you use IDA, a leading commercial reverse engineering tool, you can see the structure of the library and the code inside the .so files, and change the contents with a binary patch. Furthermore, there are dozens of tools available to decompile and crack Android apps simply by searching Google.

So what can you do with decompiled code?

1. App Piracy -- ripping off the source code to create a new copycat app. Remember all the Flappy Bird clones?

2. Repackaging -- inserting malware or other malicious code and repackaging, releasing into the app store. Since there is no app review process, anyone can do this. And people download wrong or bad apps all the time. A fake BBM app on Android had more than 100K downloads before it was found and shut down by Google, and it was a simple spamming app. Malware has been found in repackaged apps.

3. Memory hacking -- manipulating memory values to cheat in mobile games, etc. GameCih, Game Killer, and so on. From a hacker's perspective, here's a few more threats common to Android apps.

4. Manipulate payment verification information to steal virtual items from apps -- Freedom, etc. are free tools that you can download and use.

5. Analyze and find what type of data gets passed to which server, then use man in the middle attacks (MITM) to hijack or change the app -- Snapchat security leak.

6. Create an attack app which can communicate with the server (since you see all the client code) to do various things, such as:

• Take the SSL certificate or PGP key to attack the server (if the certificates are not encrypted)
• Create a non SSL tunnel to see plain text data (see unencrypted versions of data)
• Attack the database query via SQL injection
• Attack the server with a DoS attack to flood the server with requests and make it unusable, don't let any other users in by tying up the server.
• By allowing server attacks, hackers can easily decrease the amount of time needed to figure out how the data structure is composed.
• With SSL certificates, if you have this certificate, there can be secondary and tertiary attacks derived from this.

Simply put, people say "it's ok since all the data lives on the server side".

However, if the data is all on the server (the locked room), the data needed to access that server is all in the client (the key). If the key can be replicated, who can say that the locked room will never be accessed by an outside person?

Eliminating danger

The greatest risk Android developers face is is the security of the app itself. Once the app has been compromised through the.apk file, the value of the developer's IP can vanish instantly.

To maintain the total security and integrity of your apps, I recommend PentaProtect from SEWorks, which provides source code obfuscation, binary obfuscation, anti-decompile protection, anti-memory hacking, library protect. Couple this with app tampering detection/monitoring service AppSecure and this is as close to bulletproof as you can get (right now anyway).

http://betanews.com/2014/07/22/the-greatest-threats-to-the-android-ecosystem/

출시 예정인 발키리컨플릭트 CBT( Closed Beta Test)를 진행합니다.
2014년 07월 21일 ~ 2014년 7월 28일 까지 

1. 다운로드 & 리뷰 - 안드로이드 ONLY
(1) 네이버 앱스토어 다운로드 :http://m.androidapp.naver.com/appstoreapp.html
(2) 다운로드 : 네이버 앱스토어에서 '발키리' 입력후, 목록에서 다운로드 

공식까페