Join 3,556 readers in helping fund MetaFilter (Hide)


"Your app's anti-piracy module, it's not working"
November 29, 2012 1:40 PM   Subscribe

An iOS application developer has come up with an extreme way of fighting software piracy—by auto-posting "confessions" to its users' Twitter accounts. "...Enfour, the maker of a variety of dictionary apps, is auto-posting tweets to users' accounts to shame them for being pirates. But the auto-tweeting seems to be affecting a huge portion of its paid user base, not just those who actually stole the apps." Follow-up. A personal account: Can’t spell “pirate” without “-irate”: on DRM and punishing the customer
Enfour has since launched a “crucial maintenance release” to iTunes, and the issue has seemingly been resolved...

I found Enfour’s accusation especially insulting given the price I paid for the software—US$55. That is to say, the iOS version of the Oxford Dictionary of English costs the equivalent of a dense printed-and-bound volume of the very same. Worse, I grumblingly upgraded from the 3G to the 4S a year ago explicitly to purchase this expensive dictionary software (in fact, it was the very first purchase I made in iTunes once I was home from the AT&T store). I have frequently taken to Twitter to manufacture arguments over the cost of Enfour’s Oxford application, always defending my purchase.

...I remember seeing the app’s request pop up, and I’d simply assumed the dictionary had added some sort of social networking functionality, something like “share this crazy new word with your friends!” or whatever. (Enfour’s software integrates very nicely with another app, the excellent Terminology, which does indeed include a “Twitter” button along with each definition.) At no point did Enfour disclose its intention to “post to Twitter on [my] behalf,” however. The request seemed perfectly innocuous.

One user did deny Enfour this permission request, and he discovered that Oxford booted him from the software entirely. This is to say, he could not use Enfour’s Oxford at all unless he granted the dictionary permission to humiliate him publicly.

Enfour has since admitted there was a “glitch” that caused “false positives” in the software. What’s especially harrowing, though, is that Enfour apparently mined the data in the iPhone itself in an effort to determine, not whether Enfour’s own software is pirated, but whether any software on the iOS device is pirated. This is ominous news for anyone with a jailbroken phone; for my own part, my device is perfectly legal (to a fault), but I do have a copy of TestFlight, a type of software that allows me to test beta builds of developers’ apps.
posted by flex (74 comments total) 14 users marked this as a favorite

 
But the auto-tweeting seems to be affecting a huge portion of its paid user base, not just those who actually stole the apps.

Well who in their wildest dreams could've ever imagined that would happen.
posted by glhaynes at 1:42 PM on November 29, 2012 [24 favorites]


AN IOS PROGRAM THAT COSTS $55?! I wouldn't be ashamed to pirate that, to me it'd be a badge of honor.

This is one reason why I always go open source if I have the chance, a kind of software you don't see a lot of on the mobile App Store.
posted by JHarris at 1:43 PM on November 29, 2012 [6 favorites]


Impersonating someone using a computer without permission is a federal crime, right?
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 1:45 PM on November 29, 2012 [40 favorites]


cf. Game Maker branding their legitimate users' assets with a skull and crossbones because it thought they were pirating.

This is what happens when programmers think they're being clever.
posted by danny the boy at 1:48 PM on November 29, 2012 [2 favorites]


So did I read that right: the app refused to launch until you entered your twitter handle and, presumably, your password?
posted by Think_Long at 1:48 PM on November 29, 2012 [1 favorite]


Their app is $55 and they're wondering why people don't want to pay for it?
posted by item at 1:49 PM on November 29, 2012 [3 favorites]


So since I don't use twitter I am okay to steal this, right?
posted by elizardbits at 1:50 PM on November 29, 2012 [4 favorites]


or what JHarris said
posted by item at 1:50 PM on November 29, 2012


The forecast today is for partly cloudy skies and a 100% chance of a DoS attack on Enfour
posted by mcstayinskool at 1:51 PM on November 29, 2012 [9 favorites]


Why are people shocked that an app with Oxford dictionary content costs $55? That's like saying that subscriptions to OED.com should be really cheap because, hey, it's just a website and most websites are free.

But: I'd be really really (really) upset if I paid $55 for an app and it tweeted on my behalf that I stole it. Somewhat more upset even than I'd be if it did that after I'd paid $0.99 for it.

And Oxford University Press should be outraged.
posted by glhaynes at 1:51 PM on November 29, 2012 [12 favorites]


"There was old code from a previous version of the module that was timed to activate on November 1," Enfour VP of Communications Tracey Northcott told Ars via e-mail. "This didn't affect everybody. It only affected people who let the app go to 'sleep' while using it on November 1. If the user shut down the app after using it, then there would be no issue. If a person didn't use the app between October 31 and updated on or after November 2, then they would not have been affected at all. There are still some people who have this issue as they haven't yet updated their apps."

I'm not a programmer or UX expert and I don't play one on TV, but is this as dumb as it sounds? "Only" affected people who....use apps in a really common way of using apps?
posted by rtha at 1:52 PM on November 29, 2012 [3 favorites]


What's the internet equivalent of being run out of town on a rail?
posted by marylynn at 1:59 PM on November 29, 2012


What's the internet equivalent of being run out of town on a rail?

CueCat?
posted by delfin at 2:01 PM on November 29, 2012 [15 favorites]


I have an Android device and Enfour, Inc.'s 'American Heritage Dictionary 5' app is $24.99 in the Google Play store. I honestly cannot see anything it would do that a comparable $2 or $3 app (or even an ad-supported free app) couldn't, but you'd better believe I'm now damn curious and seriously tempted to install it without paying using my Blackmarket pirate app, an app that the guy working at the Sprint store hooked me up with the last time I upgraded my phone. Of course, I'm not saying I will be doing such as thing, but still: damn curious. Damn damn curious.
posted by item at 2:01 PM on November 29, 2012 [4 favorites]


Oh also, apparently this is what it tweets: How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession

So it doesn't just tweet on your behalf, but it makes you lie as well. ASSHOLES.

Why are people shocked that an app with Oxford dictionary content costs $55? That's like saying that subscriptions to OED.com should be really cheap because, hey, it's just a website and most websites are free.

Because:
1. It's an iOS app, for which $5.99 seems grossly overpriced, let alone $55. ANY app that costs that much is going to infuriate people, regardless of content.
2. Lots of laypeople have had no experience with the Oxford English dictionary, which is frequently sold to libraries, takes up a whole shelf, and costs thousands of dollars.
3. Your website comparison is Analogy Fail. Outrage over the price has more to do with its Appiness than its Oxfordness.
posted by JHarris at 2:01 PM on November 29, 2012 [2 favorites]


Why are people shocked that an app with Oxford dictionary content costs $55? That's like saying that subscriptions to OED.com should be really cheap because, hey, it's just a website, most of them are free

Just to be clear, OED.com is the Oxford English Dictionary. The app is the Oxford Dictionary of English.

Big difference.
posted by Egg Shen at 2:01 PM on November 29, 2012 [26 favorites]


Class action suit for libel and defamation of character, anyone?
posted by mullingitover at 2:02 PM on November 29, 2012 [2 favorites]


equivalent of being run out of town on a rail?

Probably something like what happened to that self-proclaimed security expert who taunted Anonymous.
posted by thewalrus at 2:02 PM on November 29, 2012 [4 favorites]


Wait, so they just called their app Oxford, but it isn't the OED?! MUST... CONTAIN... RAGE......
posted by JHarris at 2:04 PM on November 29, 2012 [5 favorites]


Why are people shocked that an app with Oxford dictionary content costs $55? That's like saying that subscriptions to OED.com should be really cheap because, hey, it's just a website and most websites are free.

Because information isn't worth what it once was, like it or not. A set of encyclopedias once cost hundreds if not thousands of dollars, but now that all of that (and 100000000000000x more) info is effortlessly available for free on the internet, those books are barely worth more or less the paper they're printed on.
posted by item at 2:05 PM on November 29, 2012 [1 favorite]


So did I read that right: the app refused to launch until you entered your twitter handle and, presumably, your password?

Since iOS 5, Twitter has been 'integrated' into the OS. It's stored like an email account in the settings, and apps can request access to use that account, similar to how they can request access to location data or contacts.

That's the standard way of handling it. I don't know for certain if that's the case here.
posted by dumbland at 2:06 PM on November 29, 2012


Why haven't they been bounced from the app store?
posted by empath at 2:07 PM on November 29, 2012 [6 favorites]


The Oxford English Dictionary and the Oxford Dictionary of English are two different dictionaries (confusingly), both published by Oxford. Yes, the Dictionary of English is cheaper than the OED. But it's still not free. Looks like they're going for about $50 on Amazon.
posted by glhaynes at 2:07 PM on November 29, 2012


: "Wait, so they just called their app Oxford, but it isn't the OED?! MUST... CONTAIN... RAGE......"

And the Oxford Dictionary of English is apparently a terrible read, too! From the reviews:
This is a terrible dictionary . It took me 2 weeks just to get to m. It took me 5 weeks to get to z. Don't waist your time!!!!!!!!!!!!
posted by mullingitover at 2:07 PM on November 29, 2012 [12 favorites]


What's the internet equivalent of being run out of town on a rail?

Reaching the frontpage of Reddit.
posted by Talez at 2:10 PM on November 29, 2012 [1 favorite]


The company should be banned from the App store. This is basically malware behavior, unacceptable even if it only affected pirates.
posted by Mitrovarr at 2:10 PM on November 29, 2012 [23 favorites]


So, wow, this developer didn't just check if it thought its OWN code had been copied, it apparently looks for evidence that you might be using your phone in ways this company doesn't like, and then publicly shames you.

So what's worse, software theft, or libel? I'd call these guys about a thousand times worse than any software pirate, ever.
posted by Malor at 2:32 PM on November 29, 2012 [12 favorites]


I mean, this is probably actually breaking the law, because the software has misrepresented itself as being you, and posting on your behalf.... this certainly would fall under the computer fraud and abuse acts.

This is, in other words, something they could absolutely go to jail for, if our law enforcement was actually out to protect the public, and not the powerful.
posted by Malor at 2:34 PM on November 29, 2012 [13 favorites]


Oxford University Press should be outraged.

I once got suckered into the Oxford Concise Dictionary CD-ROM for Windows with its promise of "240,000 words, phrases, and definitions".

It turned out that 2/3 of that count was literally just a list of words. "HTML" wouldn't even tell you what the letters stand for.

And typical of the 65,000 actual entries was "tanagram" - with no hint of what it means but "Origin C19: of unknown origin".

So I get the impression they ain't real fastidious about who they get into bed with, electronically.
posted by Egg Shen at 2:38 PM on November 29, 2012 [4 favorites]


There are many dozens of these tweets in the past day alone, all identical.

I count about 250 in the past 24 hours.
posted by mrgrimm at 2:43 PM on November 29, 2012


The -irate article mentions that Ron Swanson got busted.
posted by mrgrimm at 2:45 PM on November 29, 2012


... which is pretty funny considered his actual most recent tweet, from March 24, 2012:

"Twitter was a mistake. I'm leaving it behind and going outside to look at nature, then use my hands to make something. Join me. Goodbye."
posted by mrgrimm at 2:46 PM on November 29, 2012


Impersonating someone using a computer without permission is a federal crime, right?

No. It's a crime in many states and impersonating a federal officer or employee of the United States is a federal crime but criminal impersonation in and of itself is not a federal crime.

Enfour is in Japan anyway so it's academic.

This is, in other words, something they could absolutely go to jail for, if our law enforcement was actually out to protect the public, and not the powerful.

Under what statute? What jurisdiction? "What the law should do" vs "what the law says" are not quite in tune here. It's a shitty situation but (the hypothetical) you installed the app, you gave the app access to your Twitter. Your remedy here is probably civil if you even want to pursue it.
posted by Talez at 2:51 PM on November 29, 2012 [2 favorites]


Mass complaining to Apple is probably the best solution to pursue here. Enough of an outcry, and they could get banned from the app store, shutting them down.
posted by Mitrovarr at 2:57 PM on November 29, 2012 [3 favorites]


"This is a terrible dictionary . It took me 2 weeks just to get to m. It took me 5 weeks to get to z. Don't waist your time!!!!!!!!!!!!"
I suspect he skipped a page or two on the way…
posted by Pinback at 3:00 PM on November 29, 2012 [3 favorites]


It's an iOS app, for which $5.99 seems grossly overpriced, let alone $55. ANY app that costs that much is going to infuriate people, regardless of content.

App store apps are bizarrely underpriced, I think. It's all due to inertia. Apps used to just be toys, so everyone got used to paying for toys, and they are reluctant to change spending habits. This is a bad thing. The "iOS apps must be cheap!" mentality is one of the things that has led to the horrors of the freemium model. Most apps just hide the cost in in-app purchases. Rosetta Stone software is super expensive on the PC, but they can't charge 180 dollars for an app because of market expectations, so they disguise the 180 dollar price tag as an IAP.

Still, apps have been getting more expensive since the app store was unveiled. 10 dollar apps are not uncommon now. At some point, tablets will start putting out titles concurrently with PC and console releases (it happened with The Walking Dead), and it'll tough to justify a big price difference between the two. The Spiderweb software guy took a bit of flack for the iPad version of Avernum being much cheaper than the PC version. He was forced to do it because of market expectations. He made a killing in volume, but that was when the app store was an emptier place.
posted by painquale at 3:15 PM on November 29, 2012 [6 favorites]


I wonder if this violates US law related to computer fraud and abuse. Also why hasn't Apple or Twitter commented on this. This story has been all over the place in the last couple of weeks.
posted by humanfont at 3:18 PM on November 29, 2012 [1 favorite]


How about we all stop using proprietary software? I promise to stop. I really will.

(And, in the meantime, at risk of victim-blaming: it is hard to sympathize about this sort of mishap with folks who have things like iPhones and Twitter accounts.)

this certainly would fall under the computer fraud and abuse acts.

I was wondering about this, too.
posted by kengraham at 3:26 PM on November 29, 2012 [1 favorite]


Malor writes "So, wow, this developer didn't just check if it thought its OWN code had been copied, it apparently looks for evidence that you might be using your phone in ways this company doesn't like, and then publicly shames you.
"

I wonder if this "mistake" isn't actually the desired behaviour and the code was put in a few month ago by some developer who knew they were going to get laid off or as a job dead man switch.
posted by Mitheral at 3:28 PM on November 29, 2012 [1 favorite]


Those of you who think this was actually illegal... well, maybe. I'm not a lawyer. However, each person this happened to had to give the app explicit permission to use their Twitter account. Now, they all likely assumed it was going to be used the way most apps do: some kind of social sharing feature, or whatever. I'd have assumed the exact same thing.

To subvert that expectation in this way was scummy, and they deserve a huge hit to their reputation, but it was only an expectation. They didn't hack into anyone's Twitter account. They asked for and were given access, and then used it to shit on their users.
posted by gilrain at 3:30 PM on November 29, 2012


(And, in the meantime, at risk of victim-blaming: it is hard to sympathize about this sort of mishap with folks who have things like iPhones and Twitter accounts.)

I, um

what?
posted by Sebmojo at 3:34 PM on November 29, 2012 [8 favorites]


gilrain: To subvert that expectation in this way was scummy, and they deserve a huge hit to their reputation, but it was only an expectation. They didn't hack into anyone's Twitter accounts. They asked for and were given access, and then used it to shit on their users.

Social engineering is still hacking, and granted permission is not valid if you misrepresent what you wanted it for, or use it in unexpected and destructive ways.
posted by Mitrovarr at 3:41 PM on November 29, 2012 [3 favorites]


I'm not sure I would call directly asking for access to a Twitter account social engineering. If they had disguised the prompt as a request from a friend, or something, then yeah.

Isn't social engineering about gaining access by misrepresenting yourself as someone with more privilege than you actually have? The app didn't misrepresent itself at all. It didn't state one way or the other why it wanted the access.
posted by gilrain at 3:48 PM on November 29, 2012


I wonder, if you didn't HAVE a Twitter account, would it just not work, as well as if you refused it access?

(And I don't think 'no, dictionary, no twittering' should be a killer for an app to work. It's ridiculous. I have most of my apps set so they don't touch my social networking things, because to be honest I don't want them to send things on Twitter or Facebook in my name unless I get to approve it first.)
posted by mephron at 3:54 PM on November 29, 2012 [2 favorites]


I could see myself paying $55 for an app if it did something extremely, extremely useful. But if I paid $55 for an app, it had damn well better work perfectly all the time and never libel me on social media. $55 should be enough to buy silence from my app.
posted by vibrotronica at 4:12 PM on November 29, 2012 [5 favorites]


(And, in the meantime, at risk of victim-blaming: it is hard to sympathize about this sort of mishap with folks who have things like iPhones and Twitter accounts.)

Please try. These things are not necessarily evil.

No. It's a crime in many states and impersonating a federal officer or employee of the United States is a federal crime but criminal impersonation in and of itself is not a federal crime.

I think Malor might be thinking about the statutes against unauthorized access, which oftentimes means guessing someone's password. But since Twitter access is a system-level service on iOS, that might not be viable.

This is why I like Android's permission system, which is quite fine-grained, although I notice that, even there, programs typically request permissions you wouldn't expect they'd need, like the ability to do arbitrary things on the network connection. Even such a permission system is useless when people just blindly approve whatever permissions a program requests, because most apps request all kinds of things out of habit.

Enfour is in Japan anyway so it's academic.

I don't think the fact that you're in another country protects you against crimes you committed in this country, but IANAL.
posted by JHarris at 4:38 PM on November 29, 2012 [1 favorite]


For $55 it had better at least fart
posted by thelonius at 4:39 PM on November 29, 2012 [4 favorites]


Here's Enfour's website.

They also sell Symbian and PalmOS software! And the latest news on their Newton page says they'll keep supporting it!
posted by 23 at 4:48 PM on November 29, 2012


So did I read that right: the app refused to launch until you entered your twitter handle and, presumably, your password?
Twitter functionality is built into iOS 5. Supposedly you need to give the app permission to use it, though.

Anyway, this is a perfect example of how people who think it's perfectly reasonable to let developers just do whatever they want with any data on your phone are idiots. Maybe it is more convenient for some developers, but you know what? the users computing device isn't there to make your life easier.
posted by delmoi at 5:01 PM on November 29, 2012 [1 favorite]


it is hard to sympathize about this sort of mishap with folks who have things like iPhones and Twitter accounts.

Please try. These things are not necessarily evil


Owning an iPhone & having a Twitter account? Fine. Giving an iPhone app permission to use your twitter account? I'd have an easier time sympathizing with Zynga players whose game updates show up on my Facebook page again because they've switched to CityMafia4 or whatever version I haven't explicitly blocked yet.
posted by straight at 5:02 PM on November 29, 2012


Another case: GameMaker DRM goes berserk, defaces dev work

In this case users who had "pirated" the program (due to errors, anyone) had their game graphics overwritten to include a skull and crossbones. The software company continues to insist that without DRM everyone would stop paying them.
posted by 23 at 5:54 PM on November 29, 2012 [1 favorite]


He must have messed up some mundane detail.
posted by dirigibleman at 5:59 PM on November 29, 2012


Twitter was a mistake. I'm leaving it behind and going outside to look at nature, then use my hands to make something. Join me. Goodbye.

Lulz. Jackass.
posted by drjimmy11 at 6:22 PM on November 29, 2012


I wanted to try the free version of GameMaker on a laptop that doesn't have an internet connection, but the GameMaker people are so paranoid about piracy, you can't even install their demo without it phoning home. My only options were to try a pirated version or just forget it.
posted by straight at 6:39 PM on November 29, 2012 [2 favorites]


Again, the war against so-called piracy reminds me of the war on drugs. It can't be won, but that won't stop a pile of incompetents from doing their worst, wreaking all manner of collateral damage as they go.

stupid
posted by philip-random at 6:43 PM on November 29, 2012 [11 favorites]


I was surprised to discover recently how trivially easy this sort of thing is once you have users' twitter account details. It's obvious now that I think about it, but of course there's nothing magic that stops your app which tweets for you from doing it while you're not looking. I'm amazed some rogue developer hasn't sold a database of accounts off to spammers yet.
posted by lucidium at 6:44 PM on November 29, 2012


This behavior is almost certainly against Twitter's Terms of Service for Developer Partners, which is a legally binding contract in the US.
posted by nonreflectiveobject at 6:53 PM on November 29, 2012 [2 favorites]


JHarris writes "I don't think the fact that you're in another country protects you against crimes you committed in this country, but IANAL."

If nothing else Apple's store is in the US.

delmoi writes "this is a perfect example of how people who think it's perfectly reasonable to let developers just do whatever they want with any data on your phone are idiots. "

Who the heck thinks this? I would posit though it's a prime example how we shouldn't trust apps just because they come from a vetted, walled garden store. An annoyingly common theme that seems to come up so often (IE: "I don't have to worry about virus/trojans/malware/etc. because Apple's vetting all this stuff so it's _SAFE_". *Hollow laugh*).
posted by Mitheral at 7:11 PM on November 29, 2012 [1 favorite]


I'm really disappointed at the media coverage on this. None of the the news orgs and blogs covering this have any official reaction or no-comment from Apple or Twitter. There is no legal analysis either. It's just grar everywhere and the story has been out for a few weeks now.
posted by humanfont at 8:30 PM on November 29, 2012 [2 favorites]


As Mitheral says, isn't this exactly the sort of thing that we're supposed to be protected from, in return for allowing Apple's app-store non-policies screw over users and developers? Any time there's a thread about Apple's authoritarian walled garden, it's full of apologists who claim that it's worth it because they're protected from bad software. (Somehow. I don't think the review process really cares about things like this.)
posted by hattifattener at 10:55 PM on November 29, 2012 [4 favorites]


For all the arguments over lost money and theft... how many of the pirates in this case (or in a number of cases) were actually going to buy the product before finding the pirated copy? A board over/under or study would be great.
posted by Slackermagee at 1:37 AM on November 30, 2012


I was surprised to discover recently how trivially easy this sort of thing is once you have users' twitter account details...I'm amazed some rogue developer hasn't sold a database of accounts off to spammers yet.

It's one of the decent advantages of OAuth. In order for someone to access your account, you grant permission to an app/software/website which gives it an authentication key. This authentication key only works with the API key for that app.

So while some rogue developer could, in theory, sell their API key and their authentication codes to a spammer, as soon as such behaviour was reported to Twitter, they could just revoke access for that API key, invalidating everything.
posted by Hartster at 2:01 AM on November 30, 2012 [5 favorites]


App store apps are bizarrely underpriced, I think. It's all due to inertia.

I tend to think that app prices are low because many app developers aren't working for a wage, but rather operating as owners of tiny, high-risk startup companies hoping to make it big. For every successful, well-supported app there seem to be many others that sit there with no reviews and little support. Basically the genius of the App Store is that it gets a huge amount of trial-and-error product development work done basically for free, by "paying" the developers in hope and dreams.
posted by jon1270 at 2:03 AM on November 30, 2012 [1 favorite]


Basically the genius of the App Store is that it gets a huge amount of trial-and-error product development work done basically for free, by "paying" the developers in hope and dreams.

Some back of the envelope analysis suggest that Apple makes more profit from every iOS developer because they have to buy Apple kit in order to develop for iOS (realistically, at a minimum a phone to test on and a desktop or laptop OSX box) than the entire earnings of the iOS development community.

I'd have to go looking for the figures, but I believe the mean iOS developer makes a loss, which in turn means that the iOS development community is (on average) paying Apple in order to generate Apps which make Apple products more compelling. No wonder Apple is willing to practically pay to keep the whole iTunes App ecosystem going!
posted by pharm at 2:25 AM on November 30, 2012


This has little to do with Apple or Twitter policies about developers, because this happens in very similar ways with other technology (like Facebook and Android) which no one complains too much about. This is down to naive end users giving permission to a third party to access their Twitter account, and a crooked third-party developer who will likely find it more difficult to sell apps in the future, and may even find himself at the end of one or several well-deserved lawsuits.
posted by Blazecock Pileon at 3:14 AM on November 30, 2012


This is why I like Android's permission system, which is quite fine-grained, although I notice that, even there, programs typically request permissions you wouldn't expect they'd need, like the ability to do arbitrary things on the network connection. Even such a permission system is useless when people just blindly approve whatever permissions a program requests, because most apps request all kinds of things out of habit.

Conversely, I'd say that if the user could remove individual permissions without rooting their android*, this would be less of an issue. Alternatively, I'd like an obligatory blurb where each program explains how it uses each permission.

*this sentence is dedicated to Philip K. Dick.
posted by ersatz at 3:37 AM on November 30, 2012 [2 favorites]


This behavior is almost certainly against Twitter's Terms of Service for Developer Partners, which is a legally binding contract in the US.
I think it would be great if Twitter sued the crap out of them. They probably won't, but right now companies are getting away with this kind of behavior without any real penalties.
delmoi writes "this is a perfect example of how people who think it's perfectly reasonable to let developers just do whatever they want with any data on your phone are idiots. "

Who the heck thinks this?
I wouldn't have thought anyone would say that either, but when the whole thing about path secretly uploading people's contact lists, from their iphones, and that any apps could access your photos someone who claimed to be an iPhone developer was claiming it was "no big deal" and other crap.

The basic counter argument I've seen is that adding more permissions and crap makes developing phone apps more work and that it makes it more difficult to include some features. But the thing is, user privacy is more important than your stupid app. Or at least it should be.
Some back of the envelope analysis suggest that Apple makes more profit from every iOS developer because they have to buy Apple kit in order to develop for iOS (realistically, at a minimum a phone to test on and a desktop or laptop OSX box) than the entire earnings of the iOS development community.
It's $99 plus you have to own a mac, I think. Realistically though this is how most closed platforms work - you have to pay for dev kits in order to develop for the platform. It's still a much better deal than it was 10 years ago when you might have to spend thousands and get special equipment to develop for Nintendo or Sega.

The android dev kit is free, though. I'm not sure if you need to pay a license fee to put your stuff in the Google play store, though.
This has little to do with Apple or Twitter policies about developers, because this happens in very similar ways with other technology (like Facebook and Android) which no one complains too much about.
I've never heard about an android app posting stuff to people's twitter feeds without their permission. Doesn't iOS have twitter functionality built in, while on android an app developer would need to get their own API key in order to post things? Or do iOS apps each require their own API key?
posted by delmoi at 12:29 PM on November 30, 2012


Conversely, I'd say that if the user could remove individual permissions without rooting their android*, this would be less of an issue. Alternatively, I'd like an obligatory blurb where each program explains how it uses each permission.
The network permissions thing is typically so they can show you ads. One thing a developer could theoretically do is distribute features as separate modules with their own permissions. So if you wanted to write, say, a note taking app you wouldn't need network permissions for it to work, and then if you wanted to have the app automatically upload to drop box or other cloud providers you could download a separate module that has that permission.
posted by delmoi at 12:31 PM on November 30, 2012


It's $99 plus you have to own a mac, I think.

Not much point developing for iOS without an iOS device! On which Apple makes a huge, huge margin.

Realistically though this is how most closed platforms work - you have to pay for dev kits in order to develop for the platform.

Sure. The difference is that with Nintendo or Sega you don't have a huge long tail of developers buying dev kits and losing money.

Note that I don't accuse Apple of being a bad actor here, but it's notable that the average developer loses money & the development community is on average paying Apple for the privilege of making the iPhone a more compelling device for Apple's customers.
posted by pharm at 3:28 PM on November 30, 2012 [1 favorite]


Conjecture:
I think Apple charges for access to the App Store, not to make a profit (that's small potatoes compared to the sale of devices after all), but more to give weight to their App Store editorial pronouncements, and to (slightly) raise the bar for app inclusion.

Like how Metafilter charges $5 to keep out spammers, and so trolls lose something if they get banned. If your app gets removed, you've lost something, no matter how minor. You can't afford to keep doing that forever, so you have to edit yourself, not wasting resources submitting apps that will obviously get rejected.

But mind you, Google charges only $30 for access to the Play app store, and that's a one-time charge, not paid yearly, and it doesn't seem to have changed the platfield or relative quality level of apps much in ways that can't be accounted for from other factors. I don't have access to any figures, but both stores seem to have standout apps, diamonds in the rough, iffy projects, and a flood of crap upon which those things all float.

Both stores also have a surprising lack, compared to the PC space, of open source projects, although on Android you can always install F-Droid for that.
posted by JHarris at 4:08 PM on November 30, 2012


Agreed JHarris, I don't think Apple ever set out with any kind of "devilish plan to exploit developers" or anything like that.
posted by pharm at 2:44 AM on December 1, 2012


So the caveat is - I have worked with this company and the VP Tracey Northcott is a friend close enough to me that she was there when I gave birth to my son.

I do not represent the company in any way. This comment is my own opinion and not discussed with them.

They know they've made a mistake. They are a small family company and the main programmer added in this feature as a means to try and fight against piracy. It wasn't the right way to go about it - which I think they realize at this point. They have talked at length with Apple and their content providers to resolve any issues.

It wasn't done maliciously, they aren't a dodgy 3rd party company - they (basically the president and senior programmer) naively believed this was a way to help curb some of the piracy issues they face.

Do I agree with what was done? No. I don't think this was the best approach. I think they've fucked up on a grand scale - not for the bug that revealed the software but for having it there.

But I also disagree with the online personal prosecution involving trolling them about deceased members of their family, commentary on things like her pregnancy photos and general unwarranted character assassination. These personal attacks are not on the level of an easily deleted tweet from a twitter stream. They been relentless and hurtful.

Without the resources available to them they can't fight software pirates. Perhaps now their lesson has been learned and can serve as an example to finding a more positive way to help small producers protect their revenue stream.
posted by gomichild at 2:54 AM on December 3, 2012 [2 favorites]


It wasn't done maliciously

Maybe not on an individual level from their point of view, but it probably felt like that to every customer they accused if piracy.

They managed to accuse their entire customer base of doing something illegal in a very public fashion. Not only that, they didn't accuse them en masse: They accused each and every one individually in a way that meant that each customers own personal network of friends and contacts would see the accusation.

"Not the best approach" doesn't even begin to cover it. It was an astonishingly rude thing to do.
posted by pharm at 3:35 AM on December 3, 2012 [3 favorites]


These personal attacks are not on the level of an easily deleted tweet from a twitter stream. They been relentless and hurtful.

Well, you know what the anti-piracy groups say. Since you can't catch every pirate, you have to come down really hard on the ones you do catch in order to make it an effective deterrent. Sometimes it happens the other way around.
posted by straight at 8:11 AM on December 3, 2012 [2 favorites]


« Older "The bottom line:...  |  One of the more memorable thin... Newer »


This thread has been archived and is closed to new comments