Kevin Baker是一名英国的Android应用开发者，他认为检索功能差、产品易被山寨和翻版，是Android Market声名欠佳的主要原因。而苹果iTunes App Store却不会有这种情况，因为苹果制定了严格的应用审核制度，所有产品均需通过一系列测试方可发布，而Android Market却几乎是来者不拒——谷歌的应对措施只是事后删除违规应用。
“我曾在八个月前向Android Market投放了一款《Sinister Planet》游戏，尽管收获不少好评，但销量增长很缓慢。主要问题在于，Android Market的应用检索功能非常不理想，谷歌只推荐两种类型的应用：1、他们自己开发的产品；2、iPhone应用的移植版本。而像我一样的独立开发者根本没有什么立足的空间。
以下是Baker开发的原版《Sinister Planet》，以及其“盗版”游戏《Galaxy Wars》的对比截图：
游戏邦获悉Baker所指控的这家发行商目前在Android Market上仅存一款游戏《World Wars》，该游戏用户评论至今为止已超过100条，而且几乎都是好评。不过在Androlib网站的缓存版本上可以发现，该发行商曾推出14款游戏，它们看起来都很相似——都只是简单的街机游戏翻版。它们都是免费游戏，从Androlib的图片中可以看出，某发行商首次在该应用商店现身的时间是2月17日，第一条用户评论发布于2月21日。
《World Wars》亮相后马上就有一条用户评论问：“这不就是《The Wars》吗？”
《The Wars》是由Chillingo发行的一款付费游戏，对比以下两张截图就能发现，这两者极为神似——背景中的山丘和树木如出一辙，只不过《The Wars》的游戏场景拥有更多细节，从这点可以看出它是原版游戏。
据Baker所称，该发行商将他的游戏更名为《Galaxy Wars》就发布到应用商店销售，“他们还把《Monstie Wars》的名字替换成了《Demon Defense》来出售。”（《Galaxy War》目前仍有保存在Androlib网站的链接，而且自称它是由“本公司开发的Android应用”。）
谷歌方面的说法则是，Android Market推行的可识别应用的代码签名要求，可以增加盗版和重复发布应用的难度。他们还建议开发商采用Proguard等Android工具，“缩放、优化或模糊应用代码”，这样可以生成更难进行逆向工程的小型可执行文件。另外，该应用商店的付费应用授权（Application licensing）也可以加强版权保护力度。
Baker对此答道，“我确实使用了Proguard，但我的应用还是被盗版了……另外许可校验服务（License Checking Service）虽然可以查看应用的状态（例如它是否已有用户购买记录），但前提是黑客没有移除那些代码，而事实上他们要做到这一点简直易如反掌。”
据Jones所称，该联盟目前约有200名成员，他自己开发的一款应用名为Rapid Download!，现已被谷歌清理出户，因为它支持用户从一些网站轻松下载盗版内容，而这一点明显违反了Android Market的规定。
游戏邦认为，盗版应用及其分枝内容，极有可能成为Android Marekt成长过程中的一大挑战。在本月初，Android Market被发现约有50款应用携带影响手机运行的恶意插件，这些插件会将用户数据发送到一个远程服务器，然后让用户下载更多应用程序。不少用户都下载了这些翻版应用，而它们正好都是已植入恶意插件，换了个包装的山寨产品。
Lookout的市场营销总监Alicia diVitorrio提供的建议是，“合法应用程序中隐藏的恶意插件为用户敲响了一记警钟，那就是谨慎下载应用，注意查看开发商和发行商的名称——只下载那些你信任的开发商的产品。一定要阅读用户评论，查看应用等级。为了预防万一，还得补充参照PC World、Appolicious或者Cnet等第三方网站的评论。”
“我收到谷歌的一封邮件，他们说我的应用被Android Market禁止了：‘很抱歉通知您，《Sinister Planet》含有ID com.neosoft数据包，违反了Android Market的开发者内容条款，所以被本应用商店移除了。在您创建或上传其他应用之前，请详细参阅我们的内容条款，以及运营项目条款。如果重复违规，我们将停用您在Android Market的发行帐号。欲了解更多情况或者联系我们，请回复此邮件，或者访问Android Market帮助中心。非常感谢，Android Market团队。’
Developers express concern over pirated games on Android Market
Android being run on a Samsung smartphone Developers are concerned about app piracy on Android. Photograph: Bloomberg via Getty Images
App developers are concerned that Google is being too lax in its regulation of the Android Market, where apps are made available for download to the millions of Android phones now in use – and allowing copyright infringements, as well as the risk of malware-laden apps, to flourish.
There are also concerns that it’s simply too hard to get discovered on the Market – meaning that unless you’re one of Google’s own apps, or a port of an iPhone app, you probably won’t feature in a prominent place where people might see your work.
Kevin Baker, an Android developer based in the UK, says that the combination of lack of discoverability and ease of copying and republishing is turning the Market toxic. Unlike Apple, where the iTunes App Store has rigorous pre-approval processes in which apps are run against a suite of tests to check that they comply with its rules, the Android Market allows anyone to post apps – although Google can then remove them from both the Market and any handsets to which they have been downloaded.
Baker told the Guardian:
“I have a game on the market called Sinister Planet which was released about eight months ago. Sales have been pretty slow, although picking up slowly over the months, despite a lot of great reviews. The main problem is that Android Market discoverablity is very poor, and Google themselves don’t help the situation by only featuring apps their are either (1) created by Google, or (2) iPhone ports. Independent developers like myself hardly ever get a look in.
“One of my customers emailed me three weeks ago, and informed me that another company was selling a version of my app – pirated and uploaded as their own. Of course I contacted Google right away.
It took Google two days to take the app down. This publisher was also selling other versions of pirated games. I contacted the original developers of those games but they were still being sold a week later. You’d think [Google] might have a hotline for things like that!
“I would also note that the publisher selling the pirated games is still trading on the Android Market. They didn’t even get their account suspended. If there’s going to be malware hidden inside apps, it’s that the exact place where it would be? Why are these accounts still allowed to be trading? It’s negligent as far as I’m concerned.”
The publisher in question is Joyworld, which at present has just one game available on the official market, called World Wars, which has so far got more than a hundred reviews – almost all favourable. But a cached version on the Androlib site shows 14 games, which all look much the same – simple reheated versions of arcade games. They’re all free. The graphs on Androlib imply that Joyworld first appeared on the market on Thursday 17 February, with the first reviews appearing on 21 February.
The reviews of World Wars include one soon after its appearance which says “WTF? This is the exact same as The Wars”.
The Wars is a paid-for game published by Chillingo, based in Macclesfield. Comparing the screenshots from The Wars and from “World War”, they look extremely similar – notably, the backdrop of mountains and trees is identical in the screenshots – but those on The Wars is more detailed, implying that it is the original.
The Wars game on Android Market Screenshot from Android Market of The Wars, published by Chillingo. Note sprites and Menu button in lower left.
Screenshot from Android Market of Joyworld’s World Wars Screenshot from Android Market of Joyworld’s World Wars. Note shape of sprites and Menu button.
Baker says JoyWorld was selling his app under the name of “Galaxy War”, and adds: “They were also selling a game Monstie Wars, under the name of Demon Defense.” (Galaxy War is still linked on the Androlib site, where it claims that it was “developed for Android by Joyworld” and that “I am the developer of this application”.
The developer site link given for Joyworld is invalid. The Guardian has been unable to contact the developer.
Google said that code signing, which identifies an app, is enforced on the Android Market and makes it harder for would-be pirates to copy and re-upload apps. Developers are also advised to use Android tools such as Proguard, which “shrinks, optimises and obfuscates your code”, leading to smaller executable files that are harder to reverse engineer. Application licensing for paid apps can also strengthen protections, Google suggests.
Baker responds that “I did use Proguard, and that didn’t stop my app being pirated and uploaded … and the License Checking Service is what we use to check an app has been paid for. It simply does a request to the Market to check the status (ie has the app been paid for). This works fine, if the hacker hasn’t removed that bit of code. Which is easy to do.”
Separately, another disgruntled developer, Rich Jones, has set up the “Android Developers’ Union”, demanding a bigger cut of app payments (Google presently takes 32%), better promotion that doesn’t rely on the order of entry, public bug tracking, better payment options, removal appeals and better liaison, and “algorithmic transparency” about how apps appear in searches on the Market.
Jones has claimed to have around 200 members; his own app, called Rapid Download!, was removed, apparently because it allowed easy downloading from sites that host pirated material – which breaks Google’s Market terms.
But piracy of apps, and its wider ramifications, could become a problem for the Android Market. Earlier this month, about 50 apps offered on the Android Market were found to be infected with malware that could take over – “root” – the phone once installed; they used a privilege escalation exploit to install a further application which could send user data back to a remote server, and potentially download further apps with root privileges. Thousands of people had downloaded the apps, which were copies of existing – harmless – apps that had been repackaged to include the malware.
Though Google subsequently removed the apps from the handsets using its remote “kill switch” functionality, and issued a program called “Android Market Security Tool” to remove any rootkit software from infected phones, the mobile security company LookOut warned that that too had been re-uploaded with malware added, apparently targeting Chinese users, who form one of the fastest-growing groups of Android owners.
Alicia diVitorrio, director of marketing at Lookout, suggested: “The growing trend to conceal malware in seemingly legitimate applications is just another reminder to always use discretion when downloading applications. Pay close attention to the developer name and publisher of the application – only download applications from developers you trust or know. Always read the reviews and check the ratings. As an additional precaution, check out third-party review sites like PC World, Appolicious or Cnet as well.” (The Guardian also reviews apps for all mobile platforms on its Apps Blog.)
The idea of “only downloading applications from developers you trust and know” however leaves unanswered the question of how you would “trust and know” a developer when the Android Market has more than 200,000 apps.
And even Google seems to have problems deciding which developers are trustworthy, as Baker discovered a fortnight ago:
“I woke up to an email from Google telling me my app has been suspended from the Market: ‘This is a notification that the application, Sinister Planet with package ID com.neosoft.SinisterPlanet has been removed from Android Market due to a violation of the Developer Content Policy. Please review the Content Policies and Business and Program Policies before you create or upload additional applications. Note that repeated violations may result in a suspension of your Android Market Publisher account. For more information, or to contact us, please reply to this email, or visit the Android Market Help Center. Thanks, The Android Market Team’
“I’ve been selling my game all this time and not one complaint or problem. It’s just an arcade shooter. In fact I’m selling it in South Korea and the Korean Gaming Rating Board gave it the all-clear for ‘all ages’.
“So of course, I thought it must be some kind of error. I’ve since sent about 20 emails to Google asking for clarification and not one single reply. It’s like all my emails are marked as ‘spam’.
I’ve spend all this time building up my sales and ratings, now I’ve got to start over. I also love the part where they threaten to suspend my account for repeated violations – without ever telling me what I did!
Google says that there is a link provided on the email that goes out to banned developers which lets them appeal a decision.
Baker responded that “I looked through Google’s official forums and there are lots of people in the same situation [as me]. Never get a response.”
Overall, Baker is not happy.
“There are currently apps called ‘Throw Shit at Stuff’, other apps to download illegal files, Google obviously value these apps much higher than mine, despite the fact that it had an average rating of >4.5 and was in the top 5% of Arcade games. Now I’ve had to start over again, despite putting maybe 500 hours of work into it over the past year.”
Baker’s conclusion? “I’ve got my app already approved for the Amazon Market, hopefully they can do a better job than Google. Google’s ‘open’ policy is a joke as far as I’m concerned.”（source:guardian）