Monday, January 9, 2012

Hoisted by my own petard: or why my app is number two (for now)

I have to admit that I have taken some small pride in the fact that my app, Yoga-pedia, has been the number one yoga app on the Windows Phone marketplace since its debut over the summer. Imagine my surprise when I checked the marketplace today and found another yoga app in the lead!

Of course I had to know what made this app so special and so I clicked through to check out the competition. OK, the cover art shows a barely clad buxom brunette in some faux pose – “it’s one of those apps” I said to myself; those soft-core apps that are all about titillation and little else.

Needing to satisfy myself that I had this app pegged, I quickly scanned the description… what’s this!? “No matter what your issue, there is most probably a pose for that” – that’s my line (after all, my paid app is “A Pose for That”). My eyes dropped to the screen shots – no way! – Other than the home page, the screen shots were lifted right out of my app!

This free app included the four yoga instruction videos only included in my paid app. Just to be clear, these videos feature my wife as the instructor, I filmed the videos (and even composed and recorded the music).

I’d been beaten by my own content!

Two things happened in quick succession; first, I got really pissed; and then I was awash in a flood of questions…

  • Who the F#$! is behind this? (and please let me meet them one day)
  • How did they do this? (and is there something I could have done to prevent it?)
  • What can I do about it? (and how much of my time is this going to suck up?)
  • Is this a common problem (if so, why haven’t I heard about this before?)
  • Why did they do this? (they don’t show ads and the apps are free)
  • What other apps does this publisher have? (and are they also stolen?)
  • And do I tell my wife? (because she is going to be even more pissed than me)
Who’s behind it? Well, I can’t say for sure – the company name has no other reference on the web that I could find – but they’re out of China and I am working on a few leads…

How did they do it? I believe they downloaded the XAP from the marketplace and while they couldn't take my code (it’s not in their app), they definitely lifted my resources (they are named identically to mine including spelling mistakes). Obfuscation/encryption can protect the code – but did nothing to shield my external resources (like the videos).

What can I do about it? Microsoft has an established process that I have initiated – I’ve been led to believe that they will act swiftly given the unequivocal evidence I was able to develop. If this is all there is to it, Microsoft has made the process straightforward (I will post more if it’s more involved).

Is this a common problem? I have no idea – can someone else share?
Why did they do it? I really don’t know – BUT the pirated version of the app uses
  • music and video library
  • phone identity and
  • data services
There is no reason to use these services to play my four simple videos – is this malware? Phishing? What are they doing with this app? I’ll have to take a closer look – I expect (hope) Microsoft will too.

What other apps does this publisher have? Some over-the-top soft-core apps and a collection of language apps – I suspect all of these are “resource-heavy” with little or no exposed app logic (so they are all stolen) – they are driving adoption for sure – but to what end?

And, last but not least, do I tell my wife? Well, of course I did and, yes, she is pissed – especially when I explained that there is no way we are suing anyone in China for copyright infringement.

At the time of this posting, the offending app is still live - but to be fair, it’s been 5 hours since I discovered the app, 4 ½ hours since I first contact Microsoft, 3 ½ hours since Microsoft gave me the contacts and process to begin the take down process, and 2 hours since I initiated the process.

I’m coming for you Ryan! (and you'd better hope that I get to you before my wife does)


The offending app has been taken down by Microsoft. It took 24 hours and, as I tweeted earlier, given the legal hoops I'm sure Microsoft had to jump through, I think that's pretty good.

On the other hand, the bad actor, Ryan Lan AG, still has 10 apps on the marketplace. I think publishers who so blatantly abuse their fellow publishers should be blacklisted. ...but that's just me. Ryan - you want to man-up and identify yourself?