Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Piracy Software Twitter Your Rights Online

App Auto-Tweets False Piracy Accusations 231

An anonymous reader writes "Certain iPhone and iPad applications from a Japanese company have broken software piracy detection mechanisms that are sending out tweets on the user's own Twitter account, saying, 'How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession.' The trouble is, it's sending these out on accounts of users who actually paid up to $50 or more for the software and who are legally using it. The app is asking for access to users' Twitter accounts, but does not give the reason why it is asking, so the author of the article concluded (rightly) that things were being done deliberately. Would you want your legally purchased software to send out messages to all of your contacts on Twitter or on other social networks saying that you were a software pirate? Would you excuse the writers of the software if it was just an error in their piracy detection measures?"
This discussion has been archived. No new comments can be posted.

App Auto-Tweets False Piracy Accusations

Comments Filter:
  • no (Score:5, Insightful)

    by Anonymous Coward on Tuesday November 13, 2012 @06:26PM (#41975193)

    no

  • App permissions (Score:5, Insightful)

    by danomac ( 1032160 ) on Tuesday November 13, 2012 @06:27PM (#41975201)

    Generally if I have an app asking for Twitter/Facebook credentials and it appears completely unrelated to the app I just remove it and move on.

  • Legal liability (Score:5, Insightful)

    by Lisias ( 447563 ) on Tuesday November 13, 2012 @06:30PM (#41975235) Homepage Journal

    This is character assassination.

    You know that old joke about crying "FIRE" in a crowded theater? The bottom line is that you must be damn sure the place is really catching fire before doing that.

    The software owner should be legally charged.

    • I'd expect a few libel suits in lieu.

    • You know that old joke about crying "FIRE" in a crowded theater?

      Nope, does it have anything to do with assassinating the characters?
      Maybe it's related to those horrible laws against little boys yelling "WOLF" in small villages... I mean, that's both Sexist and Ageist.

      The software owner should be legally charged.

      Hmm. So, you're proposing we prosecute the people who bought the software that's defaming them, legally (as opposed to charging them... figuratively)?
      Isn't that a bit like yodeling "THEATER" in a crowded fire?

    • by Myopic ( 18616 ) *

      Legally charged? To me "charged" implies "charged with a crime", but character assassination isn't a crime; it would be Libel (or Slander) which is a tort. It would be fun, though, if users sued the programmer -- and in my opinion, yes, he is liable. At a minimum he should apologize and refund the purchase price to all affected users.

      • by Lisias ( 447563 )

        Cultural differences.

        Slandering is a "crime against the honor" in my country - it's hard to remember these details, but I'll try to remember it.

        Thanks for the heads up.

  • Re: (Score:2, Insightful)

    Comment removed based on user account deletion
    • Re:Economics (Score:5, Interesting)

      by sjames ( 1099 ) on Tuesday November 13, 2012 @06:40PM (#41975325) Homepage Journal

      None of that is applicable here. The app is hijacking the users twitter credentials to falsely claim that they are pirates.

      Even if I accept for the sake of argument that DRM is OK in general, I see two major ethical problems there.

      • How do we know it is falsely claiming that the users are pirates? The guy in the link admits to using Installus which is an application specifically crafted for piracy. Maybe he pirated it, maybe he didn't, but who likes to admit to being a criminal even when busted red-handed?

        • Re:Economics (Score:5, Informative)

          by tftp ( 111690 ) on Tuesday November 13, 2012 @07:18PM (#41975647) Homepage

          How do we know it is falsely claiming that the users are pirates?

          Because at least one instance of a false positive is known. The guy has the receipt. Nothing else matters; the guy is not a pirate.

          The guy in the link admits to using Installus which is an application specifically crafted for piracy.

          How does that change the fact that the guy has paid his dues with regard to the dictionary? Even if he pirated all other applications - which he denies - this doesn't give the dictionary a right to accuse the owner of anything. Besides, the guy claims that he needed Installus for a legitimate purpose: " you can use it to go back to an older version of an app you legally own. This is otherwise impossible in iOS."

          • How does that change the fact that the guy has paid his dues with regard to the dictionary? Even if he pirated all other applications - which he denies - this doesn't give the dictionary a right to accuse the owner of anything. Besides, the guy claims that he needed Installus for a legitimate purpose: " you can use it to go back to an older version of an app you legally own. This is otherwise impossible in iOS."

            Difficult. Legally, it may very well be that if you have paid for a copy that you are not using, and then install another copy that you haven't paid for, it is copyright infringement even when no harm was done to the copyright owner. Not saying it is, but it might be. It may also be that paying for an app on the App Store gives you a license to install the app on several devices that you own, but not on a jailbroken device.

            Clearly if the guy paid for the app, he is not a thief. On the other hand, the Sla

  • Boycott app stores (Score:3, Interesting)

    by KiloByte ( 825081 ) on Tuesday November 13, 2012 @06:59PM (#41975499)

    There's a simple solution: never install programs from an untrusted source, such as an app store. A source that's trustworthy has the sources you can download and read -- and if any such a logic bomb is found, it can be removed immediately -- not that code with such a bomb should be really allowed back without a thorough review. This possibility makes such sabotage virtually absent in free software.

    • So, if you were reviewing the code for an app and found some sneaky logic, you'd just remove it and proceed to use the app anyway?

      You think the person who put one thing like that in there, didn't also put ten things like that? And you think you're smart enough to be able to recognize them all? I think that's insanely reckless.

      • In that case, I'd avoid the app in question like a plague. What I meant are projects with many commiters, only one of whom is bad. And even then, such review can be really hard [wikipedia.org].

      • So, if you were reviewing the code for an app and found some sneaky logic, you'd just remove it and proceed to use the app anyway?

        Yes. We wouldn't have had Unix without its C compiler...

        FTJF [catb.org]

        Historically, back doors have often lurked in systems longer than anyone expected or planned, and a few have become widely known. Ken Thompson's 1983 Turing Award lecture to the ACM admitted the existence of a back door in early Unix versions that may have qualified as the most fiendishly clever security hack of all time. In this scheme, the C compiler contained code that would recognize when the login command was being recompiled and insert so

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      http://notanumber.net/archives/54/underhanded-c-the-leaky-redaction

      Evil code can look completely simple and benign. You would never catch this kind of shit reviewing an app's source code. At some point, you just have to trust the developer.

    • Approved Malware (Score:5, Interesting)

      by Dan East ( 318230 ) on Tuesday November 13, 2012 @09:55PM (#41976831) Journal

      I've been rather surprised at the porousness of Apple's walled garden. My iPad is 100% stock (not jailbroken, etc), and all of the apps came directly from the app store. A couple weeks ago I noticed some odd files in my dropbox root folder. There were two executables - one for Windows (Xbox 360 MSP Generator.exe.), one for OSX (IGenerate 6.7) - both for generating "free" XBox points. Fortunately Dropbox allows you to (via their web interface only) view the versions and history of files. Both those files came from my iPad. Then last week it happened again with just a windows executable (iLividSetup.exe), also from my iPad.

      So some iOS app is interacting with the Dropbox app in some way (either via API or just throwing files into a folder that Dropbox must have all permissions open on). I have yet to determine which app it is. I only use 6 or 7 apps regularly, so I'm pretty sure it's not any of those, and I have yet to do a more systematic check on the other dozens of odd lesser used apps. The moral of the story is that these app stores are not foolproof by any means, and malware is still being approved, even if the attack vector is novel, dependent on a 3rd party app (dropbox) and is cross-platform.

      Anyone else see this behavior in their Dropbox files?

      • by Inda ( 580031 )
        Google says a metric tonne of people are having the same issue.

        Looks like malware, sounds like malware, is malware.
      • by mybecq ( 131456 )

        So some iOS app is interacting with the Dropbox app in some way (either via API or just throwing files into a folder that Dropbox must have all permissions open on).

        Most likely they're using Dropbox's iOS SDK [dropbox.com]. That would have required you to give permission however.

        Check Dropbox's My Apps [dropbox.com] to see if any 3rd party apps have access.

        • Thank you. The mystery deepens further. I only have one app listed for Dropbox access:

          App name: PDFReader Dropbox Uploader
          Publisher: Kdan Mobile
          Access type: Full Dropbox

          When I click on Kdan mobile it's a 404. I triple checked my app history, and I have never installed that, or any other, PDF reader on my device. I've never needed to. I also have never given any access to dropbox for an app. Perhaps that is just a sham app the malware claims to be when getting access to dropbox?

    • by Splab ( 574204 )

      Really? So you have sat down and read through every single line of code in everything you use? Or are you just believing some creature out there is doing that for you and hoping to god they spot the problems?

  • Regardless... (Score:4, Insightful)

    by klingers48 ( 968406 ) on Tuesday November 13, 2012 @07:00PM (#41975509)
    ...Of whether or not the user has pirated the software, this kind of name-and-shame digital vigilantism on the part of the software author is just playing with fire. Especially (but not only) when it's shoddily coded and hitting false positives.

    I can imagine them sitting around their dev table brainstorming "Ok guys, what's the best possible way we can open the company up to libel and defamation lawsuits? Hey, I know... Let's even give people who use and rely on Twitter as a business tool an opportunity to claim commercial losses against us as a result of an automated piracy accusation going out to their X-million followers!"

    Sometimes things just aren't thought through very well...
  • Misrepresentation (Score:2, Interesting)

    by Anonymous Coward

    The app is posting a tweet purporting to come form the user, whereas it actually comes form the app's author. As the app's message is implying that the user is violating copyrights, a crime, this is defamatory, so the author of the app is libelling the user. The user isn't a public figure, so doesn't have to prove malice on the part of the app's author. As I see it, the only defence for the app's author would be to prove that the user did illegally copy software.

    • by tftp ( 111690 ) on Tuesday November 13, 2012 @09:11PM (#41976579) Homepage

      As I see it, the only defence for the app's author would be to prove that the user did illegally copy software.

      It wouldn't be even nearly enough. For example, an ISV cannot set fire to your house upon detection of unauthorized use. There is a specific limit to what software developers may do when they have a good reason to suspect piracy. Have a look at Microsoft's solution - MS had enough lawyers thrown at the problem, so what MS did is basically the maximum of what is legal and safe.

      In this case the software developer committed several crimes. And those crimes do not even PREVENT the piracy! What would prevent it? Simple: just don't run the software! Or run it in demo mode. Good solutions are numerous.

      One good advice that got overlooked here is this: always maintain good communication. Talk to the user. Let the user always know what is happening. Let the user make his decisions. In this case the software bypassed the communication phase and decided to become not only the detective, but also the judge, the jury and the executioner. Note that only a judge can order a convicted offender to publicly humiliate themselves. This rarely happens, but such sentencing does occur now and then - usually as an offer that can be refused (if you like the inside of a prison more, for example.) This software took upon itself the right that rare a human is entrusted with.

  • by Anonymous Coward on Tuesday November 13, 2012 @07:13PM (#41975619)

    Seriously, would it be so hard to include that in the article?

    The company you want to avoid from now on is called "Enfor", and they deserve to have this bullshit rubbed in their face. If you want to sock 'em in the gut, email Apple and explain to them what happened after you legitimately purchased the app, and ask for a refund. I'm sure this is breaking one of their SDK rules somewhere, but even if it isn't- they have a walled garden to protect legitimate users from this kind of crap. When stuff like this gets past them, it makes Apple look bad as well as the company who wrote it.

    So email Apple and tell them how you feel about this betrayal of trust. Tell them the app has publicly humiliated/embarrassed you, that you want a refund, and that this whole situation has shaken your confidence in Apple's walled garden. If enough people do this, Apple will turn around and tear a strip off Enfor- either by freely issuing refunds to anyone who asks for it, or by taking down the offending apps (goodbye sales!), or by banning the developer.

  • Apple should provide anti-piracy protection to its developers. It could--it is a walled garden and each device has a unique ID... but chooses not to.. Most developers don't make a penny selling iOS software... Apple should take as many steps as possible to encourage a healthy marketplace for quality developers. Ideas such as waiving the $99/year fee for apps that good but not yet profitable would be a start.. And re-vamping the app store to make it easier to find software would be another good first step.
    • Only if the device can be jailbroken you can use pirated software in it. If you are using the most recent version of the OS at this time you simply can't do it, what more do you expect them to do? All the jailbreaks are basically methods to break the security model of the OS.

  • by Nyder ( 754090 ) on Tuesday November 13, 2012 @07:37PM (#41975821) Journal

    and everyone that knows me knows I pirate software, music, movies, whatever. In fact, I'm the go to guy.

    See, I tell people I pirate software, so no, the app wouldn't bother me.

    But it goes to show, the only people that buy dvd/bluray's are the ones who get hit with DRM and warnings about copyright, because I sure as fuck don't get those when I download pirated versions.

    You buy goods because you like the abuse. I pirate the goods because I don't like to be abused.

    • No, you pirate becaus you dont like paying for things. The rest is pseudophilosophical rationalizaton.

  • I'd sue them for personal defamation and, If I operated in any business capacity, damages to my corporate/professional image.

  • I'm finding more frequently the reason people use a pirated version is to avoid this type of stuff. I'd be willing to bet only 25% of their customer base knows that. I'd also be willing to bet future customers are going to think twice about paying.

    Why did Enfour do it? "Only 25% of our apps in use are legitimate copies. Piracy is threatening the survival of all independent devs," she wrote.

    • by gl4ss ( 559668 )

      25% is a ridiculously good rate. they should have just been happy with that. greedy fucks.

  • There that's who they are! so claims the article.Don't buy their products and send them alot of pissed off customer emails. Let em know how ya feel.
  • Doing crap like that should be illegal.

    The 'author' should be taken out back and flogged for it.

  • I'd forgive them if they were to compensate me financially for libel, defamation of character, and unauthorized access to a computer device or service.

    • If I were in this company's shoes I would negotiate with Apple a way to offer at least a partial refund to my customers. That would be a sincere apology.

  • I would be fine with this. It would at least save me the trouble of announcing all the pirated software I'm using as I usually do. All apps should have this.

    Pirate and Proud.

  • The common thread you see in many cases of software or content which are heavy on the anti-piracy (advocacy, DRM, etc) is that they (er, the organisation responsible) have no integrity, no shame, and are mostly hypocrites.

    Not absolutely every one of them, but near enough that to say otherwise is nothing more than legal nit-picking.

    Seriously folks, when will Big Business (and even some small ones) stop thinking that ALL their customers are a bunch of ratbags, when will they stop thinking that THE UNIVERSE
  • This is a serious problem for both Android and iOS apps, and it's something that Blackberry had figured out from the very beginning. On the Blackberry, the user has a CHOICE as to whether to allow the apps access or not. You don't just get a screen saying "the app needs access to these things" and you have the options of exactly "take it or leave it." You get little checkboxes to say "No, the app can't access my personal contacts" and the app will still install, run, and work without access to your perso

  • ... is Google.

    If I am unsure of the spelling of a word or not entirely sure of the meaning I just type it into the Chrome URL box and I end up with a Google search with corrected spelling and links to the definition by default.

    Probably not as easy on an iPad of course ... but $50 for any iPad app seems exorbitant. Unless I am missing something, if the point of the app is to be a dictionary, you really don't need an app (rig up a web service or something?). Ok this app has sound bytes for pronuncia

  • by eno2001 ( 527078 )

    For some people quitting piracy is just as hard as quitting the fap. Oddly there seems to be a direct correlation between the two activities.

  • Many many years ago, the Amiga IRC client "AmIRC" used to do a similar thing if you had a known pirated key. Everything sent to the IRC channel would come out as "/me is a lame software pirate", however would appear normal to the user themselves (so they were usually unaware until someone told them).

    It was actually fairly well accepted as a clever and cute anti-piracy mechanism; but unlike the app in TFA, it never screwed up (as far as I heard about).

This is now. Later is later.

Working...