Slashdot Mirror
App Auto-Tweets False Piracy Accusations
An anonymous reader writes "Certain iPhone and iPad applications from a Japanese company have broken software piracy detection mechanisms that are sending out tweets on the user's own Twitter account, saying, 'How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession.' The trouble is, it's sending these out on accounts of users who actually paid up to $50 or more for the software and who are legally using it. The app is asking for access to users' Twitter accounts, but does not give the reason why it is asking, so the author of the article concluded (rightly) that things were being done deliberately. Would you want your legally purchased software to send out messages to all of your contacts on Twitter or on other social networks saying that you were a software pirate? Would you excuse the writers of the software if it was just an error in their piracy detection measures?"
no
Generally if I have an app asking for Twitter/Facebook credentials and it appears completely unrelated to the app I just remove it and move on.
This is character assassination.
You know that old joke about crying "FIRE" in a crowded theater? The bottom line is that you must be damn sure the place is really catching fire before doing that.
The software owner should be legally charged.
Lisias@Earth.SolarSystem.OrionArm.MilkyWay.Local.Virgo.Universe.org
None of that is applicable here. The app is hijacking the users twitter credentials to falsely claim that they are pirates.
Even if I accept for the sake of argument that DRM is OK in general, I see two major ethical problems there.
Flamebait much? People pay far more than that for desktop apps. People tend to think that an iOS iPhone or iPad app is going to always be some simple thing, and a lot are. But there are plenty of higher end "desktop quality" apps available on the platform.
Granted I don't personally believe a Dictionary app would be, but hey, an app is worth what people are willing to pay.
Back to the topic of what's triggering these erroneous piracy messages, there could be a couple of things at play. Some people are reporting its happening on Jailbroken devices that also have the "Install0us" app installed, which is to be fair used solely for app pirating. It may be the app sees "Hey, I'm on a hacked device with a pirate store installed" and assuming it itself has been pirated for that reason.
However, other users are reporting the same issue on non-jailbroken devices which leads me to believe that these apps were targeted for iOS 5.1.1 and may be seeing the massive backend library and OS changes Apple made for iOS6 and incorrectly assuming its running on a Jailbroken devices due to unexpected OS differences.
I'm not defending the app maker for obviously going overboard on anti-piracy measures, just trying to figure out the 'why' of it being triggered for paying customers.
- "Scientia non habet inimicum nisp ignorantem"
...Of whether or not the user has pirated the software, this kind of name-and-shame digital vigilantism on the part of the software author is just playing with fire. Especially (but not only) when it's shoddily coded and hitting false positives.
I can imagine them sitting around their dev table brainstorming "Ok guys, what's the best possible way we can open the company up to libel and defamation lawsuits? Hey, I know... Let's even give people who use and rely on Twitter as a business tool an opportunity to claim commercial losses against us as a result of an automated piracy accusation going out to their X-million followers!"
Sometimes things just aren't thought through very well...
Seriously, would it be so hard to include that in the article?
The company you want to avoid from now on is called "Enfor", and they deserve to have this bullshit rubbed in their face. If you want to sock 'em in the gut, email Apple and explain to them what happened after you legitimately purchased the app, and ask for a refund. I'm sure this is breaking one of their SDK rules somewhere, but even if it isn't- they have a walled garden to protect legitimate users from this kind of crap. When stuff like this gets past them, it makes Apple look bad as well as the company who wrote it.
So email Apple and tell them how you feel about this betrayal of trust. Tell them the app has publicly humiliated/embarrassed you, that you want a refund, and that this whole situation has shaken your confidence in Apple's walled garden. If enough people do this, Apple will turn around and tear a strip off Enfor- either by freely issuing refunds to anyone who asks for it, or by taking down the offending apps (goodbye sales!), or by banning the developer.
How do we know it is falsely claiming that the users are pirates?
Because at least one instance of a false positive is known. The guy has the receipt. Nothing else matters; the guy is not a pirate.
The guy in the link admits to using Installus which is an application specifically crafted for piracy.
How does that change the fact that the guy has paid his dues with regard to the dictionary? Even if he pirated all other applications - which he denies - this doesn't give the dictionary a right to accuse the owner of anything. Besides, the guy claims that he needed Installus for a legitimate purpose: " you can use it to go back to an older version of an app you legally own. This is otherwise impossible in iOS."
and everyone that knows me knows I pirate software, music, movies, whatever. In fact, I'm the go to guy.
See, I tell people I pirate software, so no, the app wouldn't bother me.
But it goes to show, the only people that buy dvd/bluray's are the ones who get hit with DRM and warnings about copyright, because I sure as fuck don't get those when I download pirated versions.
You buy goods because you like the abuse. I pirate the goods because I don't like to be abused.
Be seeing you...
When I'm in a country where I have severely limited vocabulary in the local language, a good dictionary application is one of those can't-live-without things that I actually do depend on for getting by. I haven't seen how good this application is/isn't, but I'd pay more than $50 for a great dictionary app. Also, a mobile version is more valuable than a desktop version. I know from experience what it's like pulling a notebook computer out of a bag when I get stuck trying to read a sign or communicate with a stranger. I'll give you a hint: it's not as practical as pulling a phone out of your pocket.
Except that he explained the reasoning for having Installous on a jailbroken phone, and others have rung in saying that Installous isn't what's flagging it, or the only reason.
There is no rational for having installous on a jailbroken phone other that to install pirated apps.
TFA:
When Scanner Pro, which I also legally own, introduced a bug in the app that made the app stop working completely on my device. Installous lets you browse a list of available pirated versions of the app, which also means you can use it to go back to an older version of an app you legally own.
Does the above says something about your rational abilities? Naaahh... a simpler explanation exists: who the hell bother to actually RTFA?
Questions raise, answers kill. Raise questions to stay alive.
As I see it, the only defence for the app's author would be to prove that the user did illegally copy software.
It wouldn't be even nearly enough. For example, an ISV cannot set fire to your house upon detection of unauthorized use. There is a specific limit to what software developers may do when they have a good reason to suspect piracy. Have a look at Microsoft's solution - MS had enough lawyers thrown at the problem, so what MS did is basically the maximum of what is legal and safe.
In this case the software developer committed several crimes. And those crimes do not even PREVENT the piracy! What would prevent it? Simple: just don't run the software! Or run it in demo mode. Good solutions are numerous.
One good advice that got overlooked here is this: always maintain good communication. Talk to the user. Let the user always know what is happening. Let the user make his decisions. In this case the software bypassed the communication phase and decided to become not only the detective, but also the judge, the jury and the executioner. Note that only a judge can order a convicted offender to publicly humiliate themselves. This rarely happens, but such sentencing does occur now and then - usually as an offer that can be refused (if you like the inside of a prison more, for example.) This software took upon itself the right that rare a human is entrusted with.
I've been rather surprised at the porousness of Apple's walled garden. My iPad is 100% stock (not jailbroken, etc), and all of the apps came directly from the app store. A couple weeks ago I noticed some odd files in my dropbox root folder. There were two executables - one for Windows (Xbox 360 MSP Generator.exe.), one for OSX (IGenerate 6.7) - both for generating "free" XBox points. Fortunately Dropbox allows you to (via their web interface only) view the versions and history of files. Both those files came from my iPad. Then last week it happened again with just a windows executable (iLividSetup.exe), also from my iPad.
So some iOS app is interacting with the Dropbox app in some way (either via API or just throwing files into a folder that Dropbox must have all permissions open on). I have yet to determine which app it is. I only use 6 or 7 apps regularly, so I'm pretty sure it's not any of those, and I have yet to do a more systematic check on the other dozens of odd lesser used apps. The moral of the story is that these app stores are not foolproof by any means, and malware is still being approved, even if the attack vector is novel, dependent on a 3rd party app (dropbox) and is cross-platform.
Anyone else see this behavior in their Dropbox files?
Better known as 318230.
" the "Install0us" app installed, which is to be fair used solely for app pirating."
No it's not.
It's also one of the easiest (and in some cases only) way you can revert to previous versions of apps. I don't pirate apps on iOS, and I rarely have a use for Install0us, but a couple of times it's saved me when a newer version of an app was unusable and Install0us was the only way to get a previous version re-installed and running again.
In the spirit of being fair though, ya, it's mostly for pirating, but I wouldn't jump to the definitive conclusion that someone who has it on their iOS devices is pirating apps.
where I have severely limited vocabulary in the local language, a good dictionary application is one of those can't-live-without things
If you're trying to expand your vocabulary, throw the dictionary in the trash and get a thesaurus.
...and how does that help when you don't even know one synonym in the target language?
And I have no idea why you'd pay $50 for a dictionary app when you could just buy the actual paper dictionary for $20.
Clue: a good multilingual dictionary weighs several pounds. Installing an app adds no extra weight. When travelling to/around a foreign country, that can be important :-)
Need to type accents and special characters in Windows? Use FrKeys