So, I thought I was being clever and using various hashes and permutations of Android's secure unique ID to identify my users....
所以,我认为我是聪明的和使用各种散列排列的Android的安全的惟一的ID来识别用户....
But it turns out that 9774d56d682e549c is a magic ID returned by
但结果是9774d56d682e549c是一个神奇的ID。
Secure.getString(getContentResolver(), Secure.ANDROID_ID);
for a good number of devices... It appears every emulator I build has the same ID, and many of other peoples phones (lots of moto droids!) and flashed OS mods tend to return this same repeating value. Non-MotoDroid / Non-Flashed handsets seem to all give me a unique string back. But this one is in my DB about 60 times!
对于许多设备……我所构建的每个仿真器都有相同的ID,而其他许多人的手机(许多moto droids!)和flash OS mods都倾向于返回相同的重复值。非motodroid /非闪光的手机似乎都给了我一个独特的字符串。但是这个在我的数据库中大约有60次!
I'm going to be optimizing my app to check for that string before registering, but what would be a recommended way of handling it to get another unique value?
在注册之前,我将优化我的应用程序来检查字符串,但是如何处理它以获得另一个独特的值呢?
My current thought is to check for it, generate an EXTREMELY LARGE random value, hash it, then store than in SharedPreferences and then either use the ANDROID_ID or the one stored in sharedprefs (if the users phone is giving the value). Anyone have any better ideas, or does this seem solid enough to mitigate this crazy bug?
我现在的想法是检查它,生成一个非常大的随机值,哈希它,然后存储比在SharedPreferences中,然后要么使用ANDROID_ID,要么使用sharedprefs中存储的那个(如果用户的手机提供了这个值)。谁有更好的主意,或者这看起来足够坚固来缓解这个疯狂的bug?
4 个解决方案
#1
7
Take a look at the Identifying app installations article. You can't rely on ANDROID_ID.
看一下识别应用程序安装的文章。您不能依赖ANDROID_ID。
The best solution is to generate a custom id with:
最好的解决方案是生成一个自定义id:
String id = UUID.randomUUID().toString();
#2
1
This phenomenon and also this * thread were talked about at the summercon 2012 by Oberheide and Miller, who recently dissected Google's Bouncer: http://jon.oberheide.org/files/summercon12-bouncer.pdf
这一现象和这个*的线程在2012年夏天被Oberheide和Miller讨论过,他们最近分析了谷歌的Bouncer: http://jon.oberheide.org/files/summercon12-bouncer.pdf。
Maybe you can extract some more useful info for your project.
也许您可以为您的项目提取一些更有用的信息。
#3
1
If you want to create one with the same format as real ANDROID_IDs, you can use the same method they use here:
如果您想创建一个与真正的ANDROID_IDs相同的格式,您可以使用这里使用的相同方法:
private static String generateAndroidId() {
String generated = null;
try {
final SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed( (System.nanoTime() + new SecureRandom().nextLong()).getBytes() );
generated = Long.toHexString(random.nextLong());
} catch (NoSuchAlgorithmException e) {
Log.e(TAG, "Unexpected exception", e);
}
return generated;
}
Outputs: 9e7859438099538e
输出:9 e7859438099538e
#4
0
Though not ideal, things like the Google AdMob SDK use the permission android.permission.READ_PHONE_STATE to read the device's phone number, etc.
虽然不理想,但像谷歌AdMob SDK这样的应用程序可以使用android.permission。READ_PHONE_STATE读取设备的电话号码等。
There's some useful, related information in the following blog post: http://strazzere.com/blog/?p=116
以下博客中有一些有用的相关信息:http://strazzere.com/blog/?
#1
7
Take a look at the Identifying app installations article. You can't rely on ANDROID_ID.
看一下识别应用程序安装的文章。您不能依赖ANDROID_ID。
The best solution is to generate a custom id with:
最好的解决方案是生成一个自定义id:
String id = UUID.randomUUID().toString();
#2
1
This phenomenon and also this * thread were talked about at the summercon 2012 by Oberheide and Miller, who recently dissected Google's Bouncer: http://jon.oberheide.org/files/summercon12-bouncer.pdf
这一现象和这个*的线程在2012年夏天被Oberheide和Miller讨论过,他们最近分析了谷歌的Bouncer: http://jon.oberheide.org/files/summercon12-bouncer.pdf。
Maybe you can extract some more useful info for your project.
也许您可以为您的项目提取一些更有用的信息。
#3
1
If you want to create one with the same format as real ANDROID_IDs, you can use the same method they use here:
如果您想创建一个与真正的ANDROID_IDs相同的格式,您可以使用这里使用的相同方法:
private static String generateAndroidId() {
String generated = null;
try {
final SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed( (System.nanoTime() + new SecureRandom().nextLong()).getBytes() );
generated = Long.toHexString(random.nextLong());
} catch (NoSuchAlgorithmException e) {
Log.e(TAG, "Unexpected exception", e);
}
return generated;
}
Outputs: 9e7859438099538e
输出:9 e7859438099538e
#4
0
Though not ideal, things like the Google AdMob SDK use the permission android.permission.READ_PHONE_STATE to read the device's phone number, etc.
虽然不理想,但像谷歌AdMob SDK这样的应用程序可以使用android.permission。READ_PHONE_STATE读取设备的电话号码等。
There's some useful, related information in the following blog post: http://strazzere.com/blog/?p=116
以下博客中有一些有用的相关信息:http://strazzere.com/blog/?