Slashdot Mirror
App Auto-Tweets False Piracy Accusations
An anonymous reader writes "Certain iPhone and iPad applications from a Japanese company have broken software piracy detection mechanisms that are sending out tweets on the user's own Twitter account, saying, 'How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession.' The trouble is, it's sending these out on accounts of users who actually paid up to $50 or more for the software and who are legally using it. The app is asking for access to users' Twitter accounts, but does not give the reason why it is asking, so the author of the article concluded (rightly) that things were being done deliberately. Would you want your legally purchased software to send out messages to all of your contacts on Twitter or on other social networks saying that you were a software pirate? Would you excuse the writers of the software if it was just an error in their piracy detection measures?"
no
Generally if I have an app asking for Twitter/Facebook credentials and it appears completely unrelated to the app I just remove it and move on.
This is character assassination.
You know that old joke about crying "FIRE" in a crowded theater? The bottom line is that you must be damn sure the place is really catching fire before doing that.
The software owner should be legally charged.
Lisias@Earth.SolarSystem.OrionArm.MilkyWay.Local.Virgo.Universe.org
None of that is applicable here. The app is hijacking the users twitter credentials to falsely claim that they are pirates.
Even if I accept for the sake of argument that DRM is OK in general, I see two major ethical problems there.
Flamebait much? People pay far more than that for desktop apps. People tend to think that an iOS iPhone or iPad app is going to always be some simple thing, and a lot are. But there are plenty of higher end "desktop quality" apps available on the platform.
Granted I don't personally believe a Dictionary app would be, but hey, an app is worth what people are willing to pay.
Back to the topic of what's triggering these erroneous piracy messages, there could be a couple of things at play. Some people are reporting its happening on Jailbroken devices that also have the "Install0us" app installed, which is to be fair used solely for app pirating. It may be the app sees "Hey, I'm on a hacked device with a pirate store installed" and assuming it itself has been pirated for that reason.
However, other users are reporting the same issue on non-jailbroken devices which leads me to believe that these apps were targeted for iOS 5.1.1 and may be seeing the massive backend library and OS changes Apple made for iOS6 and incorrectly assuming its running on a Jailbroken devices due to unexpected OS differences.
I'm not defending the app maker for obviously going overboard on anti-piracy measures, just trying to figure out the 'why' of it being triggered for paying customers.
- "Scientia non habet inimicum nisp ignorantem"
How do we know it is falsely claiming that the users are pirates? The guy in the link admits to using Installus which is an application specifically crafted for piracy. Maybe he pirated it, maybe he didn't, but who likes to admit to being a criminal even when busted red-handed?
There's a simple solution: never install programs from an untrusted source, such as an app store. A source that's trustworthy has the sources you can download and read -- and if any such a logic bomb is found, it can be removed immediately -- not that code with such a bomb should be really allowed back without a thorough review. This possibility makes such sabotage virtually absent in free software.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
...Of whether or not the user has pirated the software, this kind of name-and-shame digital vigilantism on the part of the software author is just playing with fire. Especially (but not only) when it's shoddily coded and hitting false positives.
I can imagine them sitting around their dev table brainstorming "Ok guys, what's the best possible way we can open the company up to libel and defamation lawsuits? Hey, I know... Let's even give people who use and rely on Twitter as a business tool an opportunity to claim commercial losses against us as a result of an automated piracy accusation going out to their X-million followers!"
Sometimes things just aren't thought through very well...
The app is posting a tweet purporting to come form the user, whereas it actually comes form the app's author. As the app's message is implying that the user is violating copyrights, a crime, this is defamatory, so the author of the app is libelling the user. The user isn't a public figure, so doesn't have to prove malice on the part of the app's author. As I see it, the only defence for the app's author would be to prove that the user did illegally copy software.
Seriously, would it be so hard to include that in the article?
The company you want to avoid from now on is called "Enfor", and they deserve to have this bullshit rubbed in their face. If you want to sock 'em in the gut, email Apple and explain to them what happened after you legitimately purchased the app, and ask for a refund. I'm sure this is breaking one of their SDK rules somewhere, but even if it isn't- they have a walled garden to protect legitimate users from this kind of crap. When stuff like this gets past them, it makes Apple look bad as well as the company who wrote it.
So email Apple and tell them how you feel about this betrayal of trust. Tell them the app has publicly humiliated/embarrassed you, that you want a refund, and that this whole situation has shaken your confidence in Apple's walled garden. If enough people do this, Apple will turn around and tear a strip off Enfor- either by freely issuing refunds to anyone who asks for it, or by taking down the offending apps (goodbye sales!), or by banning the developer.
How do we know it is falsely claiming that the users are pirates?
Because at least one instance of a false positive is known. The guy has the receipt. Nothing else matters; the guy is not a pirate.
The guy in the link admits to using Installus which is an application specifically crafted for piracy.
How does that change the fact that the guy has paid his dues with regard to the dictionary? Even if he pirated all other applications - which he denies - this doesn't give the dictionary a right to accuse the owner of anything. Besides, the guy claims that he needed Installus for a legitimate purpose: " you can use it to go back to an older version of an app you legally own. This is otherwise impossible in iOS."
and everyone that knows me knows I pirate software, music, movies, whatever. In fact, I'm the go to guy.
See, I tell people I pirate software, so no, the app wouldn't bother me.
But it goes to show, the only people that buy dvd/bluray's are the ones who get hit with DRM and warnings about copyright, because I sure as fuck don't get those when I download pirated versions.
You buy goods because you like the abuse. I pirate the goods because I don't like to be abused.
Be seeing you...
Except that he explained the reasoning for having Installous on a jailbroken phone, and others have rung in saying that Installous isn't what's flagging it, or the only reason.
When I'm in a country where I have severely limited vocabulary in the local language, a good dictionary application is one of those can't-live-without things that I actually do depend on for getting by. I haven't seen how good this application is/isn't, but I'd pay more than $50 for a great dictionary app. Also, a mobile version is more valuable than a desktop version. I know from experience what it's like pulling a notebook computer out of a bag when I get stuck trying to read a sign or communicate with a stranger. I'll give you a hint: it's not as practical as pulling a phone out of your pocket.
There that's who they are! so claims the article.Don't buy their products and send them alot of pissed off customer emails. Let em know how ya feel.
Jack of all trades,master of none
Except that he explained the reasoning for having Installous on a jailbroken phone, and others have rung in saying that Installous isn't what's flagging it, or the only reason.
There is no rational for having installous on a jailbroken phone other that to install pirated apps.
TFA:
When Scanner Pro, which I also legally own, introduced a bug in the app that made the app stop working completely on my device. Installous lets you browse a list of available pirated versions of the app, which also means you can use it to go back to an older version of an app you legally own.
Does the above says something about your rational abilities? Naaahh... a simpler explanation exists: who the hell bother to actually RTFA?
Questions raise, answers kill. Raise questions to stay alive.
I've been rather surprised at the porousness of Apple's walled garden. My iPad is 100% stock (not jailbroken, etc), and all of the apps came directly from the app store. A couple weeks ago I noticed some odd files in my dropbox root folder. There were two executables - one for Windows (Xbox 360 MSP Generator.exe.), one for OSX (IGenerate 6.7) - both for generating "free" XBox points. Fortunately Dropbox allows you to (via their web interface only) view the versions and history of files. Both those files came from my iPad. Then last week it happened again with just a windows executable (iLividSetup.exe), also from my iPad.
So some iOS app is interacting with the Dropbox app in some way (either via API or just throwing files into a folder that Dropbox must have all permissions open on). I have yet to determine which app it is. I only use 6 or 7 apps regularly, so I'm pretty sure it's not any of those, and I have yet to do a more systematic check on the other dozens of odd lesser used apps. The moral of the story is that these app stores are not foolproof by any means, and malware is still being approved, even if the attack vector is novel, dependent on a 3rd party app (dropbox) and is cross-platform.
Anyone else see this behavior in their Dropbox files?
Better known as 318230.
<advocate client="devil"> Note that he does not "legally own" Scanner Pro as he claims, rather he holds a license which permits him to use it under certain conditions. I rather doubt those conditions include "download old versions from piracy apps", so he surely is using it precisely to violate copyright, or in the common parlance, "to install pirated apps", despite the apps not having been taken by force on the high seas.</advocate>
Copyright law: it's hilariously busted, but let's fix or eliminate it rather than making excuses for violating it.
<advocate client="devil"> I wouldn't be that sure he's using it precisely in the sense of copyright violation, his description of the problem admits a situation in which he actually has a license for a version that, upon upgrade, failed to work.
If indeed this is his situation, he has a license to use the application (perhaps even in its newer version, otherwise why try to upgrade?), but the application fails to be usable in his conditions. In which case, what he is doing is not illegal and maybe more pragmatical (than suing the provider for the lack of use).</advocate>
Maybe it pays to first look at (/get to know) the specifics of a situation before spitting blood in a fight with windmills.
Granted, addressing the sickness at the source is the actual solution (anything else being palliative) - even though the big but is if you can afford it.
Questions raise, answers kill. Raise questions to stay alive.
" the "Install0us" app installed, which is to be fair used solely for app pirating."
No it's not.
It's also one of the easiest (and in some cases only) way you can revert to previous versions of apps. I don't pirate apps on iOS, and I rarely have a use for Install0us, but a couple of times it's saved me when a newer version of an app was unusable and Install0us was the only way to get a previous version re-installed and running again.
In the spirit of being fair though, ya, it's mostly for pirating, but I wouldn't jump to the definitive conclusion that someone who has it on their iOS devices is pirating apps.
This is a much better example than Photoshop. What's hilarious is the Vuvuzela app is $200 but the same company offers their universal translator app for $5.99
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
A very quick search (quicker than responding to your post) has turned up a list of 15 apps in the range of $150 to $999.99, none of which is Photoshop but all of which are worth the purchase price to the user who is really REALLY going to use any of those apps.
My boring anecdote.
Traveling on I-87 northbound and we got stuck in traffic. Stop and Go snail pace traffic.
Out comes a shiny glittering wonder of the world iphone with a 50$ map/direction/traffic application. "This is the BEST EVAAAR, DUDE!" the guy said. "Let me get us out of here". Everybody rejoiced. Alas, the joy did not last long. The app had no idea about the current traffic that we were sitting in.
Out comes an android. Not so shiny, mind you. It had this free little known map application called Google Maps. Not only it showed the "red" lines for next 20 miles, it also showed all the small roads with few of the "green" ones. Lo and Behold - we were out of the traffic and on our way.
The dude is now using his shiny iphone with the latest and greatest mapping app EVAAR called Apple maps. Oh the irony!
where I have severely limited vocabulary in the local language, a good dictionary application is one of those can't-live-without things
If you're trying to expand your vocabulary, throw the dictionary in the trash and get a thesaurus.
...and how does that help when you don't even know one synonym in the target language?
And I have no idea why you'd pay $50 for a dictionary app when you could just buy the actual paper dictionary for $20.
Clue: a good multilingual dictionary weighs several pounds. Installing an app adds no extra weight. When travelling to/around a foreign country, that can be important :-)
Need to type accents and special characters in Windows? Use FrKeys