

New iPhone app piracy over week one. - mrcharles
http://smellslikedonkey.com/wordpress/?page_id=274

======
ErrantX
It's refreshing to see someone disagreeing with the notion that piracy is
universally good for a game/program etc. because it does convert into some
sales.

And with hard stats too.

I wouldn't call it proof either way but it is a nice counter point to previous
posts I've seen.

Im not surprised to be honest; if the game can be completed in a reasonably
short amount of time I guess there is no real reason for the pirate to pay.
He/She is not paying for _more_ game but for what they just completed - I dont
think many people put much monetary value on their past :D

~~~
aerique
I like the data as well but I'm not so sure it disproves anything. As he said
in his blog the game is currently climbing the charts which would be
consistent for a game worth playing that wasn't released with a lot of pre-
release hype. It's only one week's worth of data so far but definitely worth
keeping track of.

Also if the pirate types are still the same as in my Atari ST / Amiga days
then these people really aren't interested in buying your software anyway.
They generally just collect and hoard all the software without using much of
it.

It would be very interesting if he's able to find out from his data how long a
pirated version is played as compared to a bought one. (And also the age of
the users but that data's probably way out of reach.)

------
scotty79
> The game is however slowly rising up the charts (e.g. top 100 apps in Japan)

I wonder if any of these can be due to a buzz generated by people playing game
for free?

I modern harsh world you have to give away a lot to actually sell anything.
You can't sell a newspaper without DVD. You can't sell DLC without giving free
client to anyone who wants it. You can't sell a game without giving cash to
advertisers or free pleasure to pirates. You choose what you prefer but
pirates will get what they want anyway. Because they can.

~~~
patio11
Pirates will not get what they want, and neither will many legitimate
customers, once publishers figure out the lesson of piracy: pirating the
client is easy, pirating the server is hard, divide value accordingly and
retool your business model to suit.

I just opened my Kindle today and am having a "Wow, I'm living in the future"
experience, so let's roll with what living in the future looks like for
gamers:

1) The bestselling American PC game (dominating the industry, with 4 of the
top 20 slots) will be a $60 paperweight without a $15 pay-per-month account,
verified server-side.

2) There will be an explosion of what is euphemistically called free-to-play
games, which are actually free-to-trial and then turn on aggressive
monetization within minutes of starting. All content is locked down on the
servers. Anything you buy can vanish at a whim. There is generally no maximum
price for the game -- they are designed to extract more and more money from
you the more you value the game.

~~~
scotty79
And where do you place huge amount of interesting innovative flash games
available completely free?

~~~
davidalln
Most flash games aren't created with the purpose of making grandiose amounts
of money, but rather for fun or for showing off

~~~
scotty79
Most open source software is created with the purpose of making grandiose
amounts of money, but rather for fun or for showing off.

But it's still business and lots people make a lot of money out of it.

------
awolf
They touched on it in their post, but I'd recommend making the app free and
then charging $3.99 to unlock its full features.

Advantages: \- Their app will be a lot tougher to crack. It won't be an
automatic process like it most likely is now. Last I checked, all it took to
crack an app was breaking the encryption and adding a "SignerIdentity" key to
the Info.plist. \- They take away the "try before buy" excuse some pirates use
as justification. \- They get their product into more people's hands => get
more people talking about it.

~~~
elai
Not really, you would have to just modify the StoreKit library to act like a
sandbox account all the time, or with the specific app, therefore all in-app
purchases would be marked as successful. With server side in-app purchases,
you would have to circumvented receipt verification, but there's probably a
way for that.

------
bshep
How are pirated iPhone apps detected anyway?

I always thought the app was decrypted in memory and then run, and cracked
versions were dumped from memory and written to disk. So once loaded, the app
binary looks the same to both a cracked app and a legit app. How can you tell
the difference?

~~~
cesare
IIRC, some apps just check the integrity of the info.plist file (which needs
to be modified for the crack to work).

~~~
eli
Of course, if you actually started using this method to put up a nag screen,
the pirates would just remove the integrity check too. I would imagine the
only reason it's even possible is because the game works fine and the pirates
didn't notice the flag.

~~~
vessenes
I'm not sure this is true, or if it is true, it might not be true in the way
the original guy who wrote the story mentioned. He said his app was up about
40 minutes after launch on a pirate site. I get the impression that what you
download from Cydia rewrites the system calls, once for all, and does not
rewrite each app internally. These apps are distributed binary, yes? So you're
going to need a cracker with a disassembler, iphone dev kit and some time to
pull out the internal checks. This opposed to doing it once for all on the
iphone OS side. I'm betting that's how it's done, and if that's how it's done,
then adding those checks will have some impact.

~~~
cesare
> These apps are distributed binary, yes?

Like OS X apps, iPhone apps are distributed as bundles (directories)
containing all the required files
(<http://en.wikipedia.org/wiki/Application_Bundle>).

The info.plist file is a plain xml of key/value pairs of properties that tell
the OS how to handle the app, which kind of files can be opened with it etc.

AFAIK, the application that kids use to crack iPhone apps adds a key/value
pair to the info.plist which is needed to load the app on a jailbroken device.
So, you just need to check for its presence. If the key is there, the app has
been cracked.

~~~
eli
I understand how it works, but my point is that if you use this check to
shutdown the app or constantly nag the pirates, they will simply crack the
game to remove the check. The only reason this guy was able to gather
statistics was because he allowed pirated versions to continue to function
normally.

Pirates have been reverse engineering and cracking Windows Mobile games by
hand like this _years_.

------
martingordon
I wonder if the developer did anything to ask users to buy the legitimate
version. I have an app in the App Store and I limit users to a certain number
of photo uploads before giving them a notification to buy it. I've had about a
20% piracy rate. 0.85% of the total (4% of pirates) bought the app after
pirating and 0.63% bought it before seeing the message.

~~~
spicyj
0.63% of the total, or of pirates?

~~~
martingordon
0.63% of the total

------
timdorr
What's unfortunate is that this pushes Apple to work harder to lock us out of
our devices, since it all depends on jailbreak-ability.

Example: I want to be able to redirect calls to my existing number to an audio
message that I've got a Google Voice number now. I can _only_ do that by
jailbreaking and hacking about.

~~~
martingordon
You can set up forwarding using the instructions here:
[http://www.wireless.att.com/learn/basics/choosing-
features-s...](http://www.wireless.att.com/learn/basics/choosing-features-
services/call-forwarding.jsp)

Note that you will be charged as if your phone is dialing the GV number. When
I was in the UK and had forwarding set up, I was charged the $1.79/min as
people left me voicemails as if my phone was dialing the GV number.

------
hyyypr
_tiny violin music_

------
jrockway
Once nice thing about Android is that you have to give applications permission
to spy on you. Reading the useful "unique IDs" (phone number & IMEI) requires
the "read phone state" permission. (That is why random apps that don't deal
with your phone need that permission. And is why I don't install them unless I
can see the source code.)

Anyway, I would not pay for an app that collects my personal uniquely-
identifiable information and sends it to an untrusted third party. The pirates
have the right idea here.

~~~
middus
The pirates have the right idea? Seriously? If you do not agree with a piece
of someone else's work, don't buy it, fine. But disagreement does not give you
the right to steal it.

~~~
smokinn
That only works if you can check what the other person's work is like. When
the app is distributed as a binary on a locked system that can only run one
app at once you have don't know whether it's phoning home or what it's
sending. If it's talking over wifi you can sniff on your lan but if the data
is encrypted, good luck.

