尽管谷歌Android Markt发展迅速，但许多应用开发商对其过于宽松的政策，侵犯版权、恶意插件等问题的意见却越来越大。

除此之外，该应用商店的产品检索，也成了开发商的一大烦恼，据称除非是谷歌自己开发的应用，或者iPhone的移植版应用，才有可能在该应用商店中获得较高的曝光率，而其他应用却难有露脸的机会。

Kevin Baker是一名英国的Android应用开发者，他认为检索功能差、产品易被山寨和翻版，是Android Market声名欠佳的主要原因。而苹果iTunes App Store却不会有这种情况，因为苹果制定了严格的应用审核制度，所有产品均需通过一系列测试方可发布，而Android Market却几乎是来者不拒——谷歌的应对措施只是事后删除违规应用。

Baker最近向英国媒体guardian网站讲述了自己的遭遇：

“我曾在八个月前向Android Market投放了一款《Sinister Planet》游戏，尽管收获不少好评，但销量增长很缓慢。主要问题在于，Android Market的应用检索功能非常不理想，谷歌只推荐两种类型的应用：1、他们自己开发的产品；2、iPhone应用的移植版本。而像我一样的独立开发者根本没有什么立足的空间。

有个用户在三周前给我发了封邮件，告诉我有另一家公司也正在销售这款游戏——他们盗版了我的游戏，并以自己的名义发布上去。我当然马上联系了谷歌，但谷歌两天后才将那款盗版应用撤下来。我发现该发行商也正出售一些其他盗版游戏，于是就联系了那些原版游戏开发者，但一周后我还是看到那些盗版游戏仍未撤架。想想看，谷歌当时的电话线可能都快被开发者打爆了，可居然还会有这种情况。

除此之外，我还发现该发行商仍然活跃于Android Market，他们的帐号甚至都没有被停用。如果有恶意插件想钻空子，这些盗版应用不正是最好的藏身之处吗？为什么这些违规帐号还能大行其道呢？我认为谷歌真是太大意了。”

以下是Baker开发的原版《Sinister Planet》，以及其“盗版”游戏《Galaxy Wars》的对比截图：

sinister planet

galaxy wars

游戏邦获悉Baker所指控的这家发行商目前在Android Market上仅存一款游戏《World Wars》，该游戏用户评论至今为止已超过100条，而且几乎都是好评。不过在Androlib网站的缓存版本上可以发现，该发行商曾推出14款游戏，它们看起来都很相似——都只是简单的街机游戏翻版。它们都是免费游戏，从Androlib的图片中可以看出，某发行商首次在该应用商店现身的时间是2月17日，第一条用户评论发布于2月21日。

《World Wars》亮相后马上就有一条用户评论问：“这不就是《The Wars》吗？”

《The Wars》是由Chillingo发行的一款付费游戏，对比以下两张截图就能发现，这两者极为神似——背景中的山丘和树木如出一辙，只不过《The Wars》的游戏场景拥有更多细节，从这点可以看出它是原版游戏。

world wars

the wars

据Baker所称，该发行商将他的游戏更名为《Galaxy Wars》就发布到应用商店销售，“他们还把《Monstie Wars》的名字替换成了《Demon Defense》来出售。”（《Galaxy War》目前仍有保存在Androlib网站的链接，而且自称它是由“本公司开发的Android应用”。）

不过游戏邦发现，该发行商提供的开发者网站链接是无效的，所以无法获知该发行商的具体情况。

谷歌方面的说法则是，Android Market推行的可识别应用的代码签名要求，可以增加盗版和重复发布应用的难度。他们还建议开发商采用Proguard等Android工具，“缩放、优化或模糊应用代码”，这样可以生成更难进行逆向工程的小型可执行文件。另外，该应用商店的付费应用授权（Application licensing）也可以加强版权保护力度。

Baker对此答道，“我确实使用了Proguard，但我的应用还是被盗版了……另外许可校验服务（License Checking Service）虽然可以查看应用的状态（例如它是否已有用户购买记录），但前提是黑客没有移除那些代码，而事实上他们要做到这一点简直易如反掌。”

另一名不满的开发者是Rich Jones，他成立了一个“Android开发者联盟”，提出要求谷歌返还更多的应用营收分成（谷歌目前针对应用营收抽成32%），提供更好的应用推广渠道（废除先来后到的次序安排），公开追踪应用漏洞，更优化的计费服务，更完善的交流合作，以及让应用排名算法“透明化”等主张。

据Jones所称，该联盟目前约有200名成员，他自己开发的一款应用名为Rapid Download!，现已被谷歌清理出户，因为它支持用户从一些网站轻松下载盗版内容，而这一点明显违反了Android Market的规定。

游戏邦认为，盗版应用及其分枝内容，极有可能成为Android Marekt成长过程中的一大挑战。在本月初，Android Market被发现约有50款应用携带影响手机运行的恶意插件，这些插件会将用户数据发送到一个远程服务器，然后让用户下载更多应用程序。不少用户都下载了这些翻版应用，而它们正好都是已植入恶意插件，换了个包装的山寨产品。

尽管谷歌随后可将远程删除用户手机上的应用，并推出了“Android Marekt安全工具”，移除手机设备上的隐匿软件，但移动安全公司LookOut却发出警告，Android盗版应用仍含有大量恶意插件，而其中最大受害群体则是发展最迅速的Android中国用户。

Lookout的市场营销总监Alicia diVitorrio提供的建议是，“合法应用程序中隐藏的恶意插件为用户敲响了一记警钟，那就是谨慎下载应用，注意查看开发商和发行商的名称——只下载那些你信任的开发商的产品。一定要阅读用户评论，查看应用等级。为了预防万一，还得补充参照PC World、Appolicious或者Cnet等第三方网站的评论。”

但是Android Market现在的应用数量已经超过了25万款，用户要辨别哪些开发商更可信，这个问题仍然无解。

即便是谷歌也难以决定哪些开发商更值得信赖，Baker在两周前发现了一个问题：

“我收到谷歌的一封邮件，他们说我的应用被Android Market禁止了：‘很抱歉通知您，《Sinister Planet》含有ID com.neosoft数据包，违反了Android Market的开发者内容条款，所以被本应用商店移除了。在您创建或上传其他应用之前，请详细参阅我们的内容条款，以及运营项目条款。如果重复违规，我们将停用您在Android Market的发行帐号。欲了解更多情况或者联系我们，请回复此邮件，或者访问Android Market帮助中心。非常感谢，Android Market团队。’

我的游戏发售这么久以来，从来没遇到用户投诉或者其他问题。它只是一款射击游戏。事实上，我还向韩国市场推出了这款游戏，韩国游戏界可都给它开绿灯了。

当然，我想它一定有什么地方出了差错。所以就向谷歌发送了20多款邮件，想进一步说明情况，但没有收到任何回复。我花了这么多时间来创建这款游戏，积累它的名气，现在又得另起炉灶重新开始了。他们只是声明重复违规可能被停用帐号，却没告知我究竟错在哪里。”

谷歌表示邮件中带有一个链接，被禁的开发商可以通过该链接提出相关请求。

Baker的反应是，“我查看了谷歌官方论坛，发现许多和我一样的开发者也都没有收到任何回复。”

总而言之，Baker对此事十分不快：

“Android Market还有其他大量支持下载违规文件的应用，尽管我的应用平均得分在4.5以上，而且是排在前面5%的街机游戏之一，但谷歌显然更重视那些违规应用。现在我又得重头开始了，过去一年的500多个小时的心血全白费了。”

Baker最后表示，“我已经向亚马逊应用商店提交了审核申请，希望他们做得比谷歌更好。谷歌的‘开放性’政策在我看来真是个笑话。”（本文为游戏邦/gamerboom.com编译，转载请注明来源：游戏邦）

Developers express concern over pirated games on Android Market

Android being run on a Samsung smartphone Developers are concerned about app piracy on Android. Photograph: Bloomberg via Getty Images

App developers are concerned that Google is being too lax in its regulation of the Android Market, where apps are made available for download to the millions of Android phones now in use – and allowing copyright infringements, as well as the risk of malware-laden apps, to flourish.

There are also concerns that it’s simply too hard to get discovered on the Market – meaning that unless you’re one of Google’s own apps, or a port of an iPhone app, you probably won’t feature in a prominent place where people might see your work.

Kevin Baker, an Android developer based in the UK, says that the combination of lack of discoverability and ease of copying and republishing is turning the Market toxic. Unlike Apple, where the iTunes App Store has rigorous pre-approval processes in which apps are run against a suite of tests to check that they comply with its rules, the Android Market allows anyone to post apps – although Google can then remove them from both the Market and any handsets to which they have been downloaded.

Baker told the Guardian:

“I have a game on the market called Sinister Planet which was released about eight months ago. Sales have been pretty slow, although picking up slowly over the months, despite a lot of great reviews. The main problem is that Android Market discoverablity is very poor, and Google themselves don’t help the situation by only featuring apps their are either (1) created by Google, or (2) iPhone ports. Independent developers like myself hardly ever get a look in.

“One of my customers emailed me three weeks ago, and informed me that another company was selling a version of my app – pirated and uploaded as their own. Of course I contacted Google right away.

It took Google two days to take the app down. This publisher was also selling other versions of pirated games. I contacted the original developers of those games but they were still being sold a week later. You’d think [Google] might have a hotline for things like that!

“I would also note that the publisher selling the pirated games is still trading on the Android Market. They didn’t even get their account suspended. If there’s going to be malware hidden inside apps, it’s that the exact place where it would be? Why are these accounts still allowed to be trading? It’s negligent as far as I’m concerned.”

The publisher in question is Joyworld, which at present has just one game available on the official market, called World Wars, which has so far got more than a hundred reviews – almost all favourable. But a cached version on the Androlib site shows 14 games, which all look much the same – simple reheated versions of arcade games. They’re all free. The graphs on Androlib imply that Joyworld first appeared on the market on Thursday 17 February, with the first reviews appearing on 21 February.

The reviews of World Wars include one soon after its appearance which says “WTF? This is the exact same as The Wars”.

The Wars is a paid-for game published by Chillingo, based in Macclesfield. Comparing the screenshots from The Wars and from “World War”, they look extremely similar – notably, the backdrop of mountains and trees is identical in the screenshots – but those on The Wars is more detailed, implying that it is the original.

The Wars game on Android Market Screenshot from Android Market of The Wars, published by Chillingo. Note sprites and Menu button in lower left.

Screenshot from Android Market of Joyworld’s World Wars Screenshot from Android Market of Joyworld’s World Wars. Note shape of sprites and Menu button.

Baker says JoyWorld was selling his app under the name of “Galaxy War”, and adds: “They were also selling a game Monstie Wars, under the name of Demon Defense.” (Galaxy War is still linked on the Androlib site, where it claims that it was “developed for Android by Joyworld” and that “I am the developer of this application”.

The developer site link given for Joyworld is invalid. The Guardian has been unable to contact the developer.

Google said that code signing, which identifies an app, is enforced on the Android Market and makes it harder for would-be pirates to copy and re-upload apps. Developers are also advised to use Android tools such as Proguard, which “shrinks, optimises and obfuscates your code”, leading to smaller executable files that are harder to reverse engineer. Application licensing for paid apps can also strengthen protections, Google suggests.

Baker responds that “I did use Proguard, and that didn’t stop my app being pirated and uploaded … and the License Checking Service is what we use to check an app has been paid for. It simply does a request to the Market to check the status (ie has the app been paid for). This works fine, if the hacker hasn’t removed that bit of code. Which is easy to do.”

Separately, another disgruntled developer, Rich Jones, has set up the “Android Developers’ Union”, demanding a bigger cut of app payments (Google presently takes 32%), better promotion that doesn’t rely on the order of entry, public bug tracking, better payment options, removal appeals and better liaison, and “algorithmic transparency” about how apps appear in searches on the Market.

Jones has claimed to have around 200 members; his own app, called Rapid Download!, was removed, apparently because it allowed easy downloading from sites that host pirated material – which breaks Google’s Market terms.

But piracy of apps, and its wider ramifications, could become a problem for the Android Market. Earlier this month, about 50 apps offered on the Android Market were found to be infected with malware that could take over – “root” – the phone once installed; they used a privilege escalation exploit to install a further application which could send user data back to a remote server, and potentially download further apps with root privileges. Thousands of people had downloaded the apps, which were copies of existing – harmless – apps that had been repackaged to include the malware.

Though Google subsequently removed the apps from the handsets using its remote “kill switch” functionality, and issued a program called “Android Market Security Tool” to remove any rootkit software from infected phones, the mobile security company LookOut warned that that too had been re-uploaded with malware added, apparently targeting Chinese users, who form one of the fastest-growing groups of Android owners.

Alicia diVitorrio, director of marketing at Lookout, suggested: “The growing trend to conceal malware in seemingly legitimate applications is just another reminder to always use discretion when downloading applications. Pay close attention to the developer name and publisher of the application – only download applications from developers you trust or know. Always read the reviews and check the ratings. As an additional precaution, check out third-party review sites like PC World, Appolicious or Cnet as well.” (The Guardian also reviews apps for all mobile platforms on its Apps Blog.)

The idea of “only downloading applications from developers you trust and know” however leaves unanswered the question of how you would “trust and know” a developer when the Android Market has more than 200,000 apps.

And even Google seems to have problems deciding which developers are trustworthy, as Baker discovered a fortnight ago:

“I woke up to an email from Google telling me my app has been suspended from the Market: ‘This is a notification that the application, Sinister Planet with package ID com.neosoft.SinisterPlanet has been removed from Android Market due to a violation of the Developer Content Policy. Please review the Content Policies and Business and Program Policies before you create or upload additional applications. Note that repeated violations may result in a suspension of your Android Market Publisher account. For more information, or to contact us, please reply to this email, or visit the Android Market Help Center. Thanks, The Android Market Team’

“I’ve been selling my game all this time and not one complaint or problem. It’s just an arcade shooter. In fact I’m selling it in South Korea and the Korean Gaming Rating Board gave it the all-clear for ‘all ages’.

“So of course, I thought it must be some kind of error. I’ve since sent about 20 emails to Google asking for clarification and not one single reply. It’s like all my emails are marked as ‘spam’.

I’ve spend all this time building up my sales and ratings, now I’ve got to start over. I also love the part where they threaten to suspend my account for repeated violations – without ever telling me what I did!

Google says that there is a link provided on the email that goes out to banned developers which lets them appeal a decision.

Baker responded that “I looked through Google’s official forums and there are lots of people in the same situation [as me]. Never get a response.”

Overall, Baker is not happy.

“There are currently apps called ‘Throw Shit at Stuff’, other apps to download illegal files, Google obviously value these apps much higher than mine, despite the fact that it had an average rating of >4.5 and was in the top 5% of Arcade games. Now I’ve had to start over again, despite putting maybe 500 hours of work into it over the past year.”

Baker’s conclusion? “I’ve got my app already approved for the Amazon Market, hopefully they can do a better job than Google. Google’s ‘open’ policy is a joke as far as I’m concerned.”（source:guardian）