15
Dec
infothumb

Even casual observers of the Android ecosystem know that piracy is a big issue for developers. But if a report from mobile security company Arxan is to be believed, app piracy and "hacking" is incredibly prevalent, or at least prevalent enough that most of the popular apps are available in a pirated or cracked form. According to the company's "State of Security in the App Economy" report for 2013 (PDF link), the top 100 paid Android apps have been "hacked."

info

We used "cracked" in the headline because Arxan doesn't mention the purpose behind these hacks, so we're assuming that in most cases they're free, pirated versions of paid apps. Arxan also doesn't define its methodology for deciding the "top 100 paid apps," but a relatively recent look at the Play Store's Top Paid Apps section would be a good bet. According to the report, the researchers identified and reviewed "hacked" apps from locations other than the Play Store, which probably includes some pirated versions of those apps that were simply uploaded in a non-modified form for illegal side-loading - not "hacked" in the traditional sense, but illegitimate and damaging to their creators all the same. In contrast, the report says that 56% of the top 100 paid apps on iOS have been hacked. That makes sense given the relative ease of installing non-vetted apps on Android and the difficulty of doing so on iOS.

Arxan also reports that 73% of popular free apps (no number given) have been "hacked," though again, the determination for both the popularity metric and the method of the "hack" was not divulged. From a purely economic standpoint, this probably includes apps that have been modified to run without ads or to open up premium content - illegally modified versions of popular streaming music apps are widely available, opening up paid options to non-paying users who side-load the APK. It should be noted that any time users go outside the Play Store to download apps, especially for APK files for popular apps, they run the risk of downloading a malicious app that seeks to obtain personal information or otherwise harm the user. Google has been making strides to combat this even among non-Play Store downloads, estimating that only .13% of apps from outside sources are installed after triggering a warning from Google's Verify Apps feature.

Arxan's conclusions should be taken with a grain of salt, since security companies have been known to overstate risk to make their own services seem more vital. The methodology and presentation of the data is somewhat alarmist, and fails to make a distinction between apps that are simply pirated or modified to work around ads or paid features, and those that are modified with intent to harm the user or collect data. That said, the conclusions from the report itself seem sensible enough for any developer: apps with access to sensitive user data should be protected against attack and reverse engineering, runtime analysis, and tampering. You can check out the full 12-page report covering Android and iOS below, along with the full infographic.

Source: Arxan.com (PDF), Arxan infographic (PDF) via InfoSecurity Magazine

Michael Crider
Michael is a native Texan and a former graphic designer. He's been covering technology in general and Android in particular since 2011. His interests include folk music, football, science fiction, and salsa verde, in no particular order.

  • dsfdsd

    No methods divulged = no valid study

    • http://www.youtube.com/crisr82 Kristian Ivanov

      Yeah I have to agree with that...no posted results by any company is worth taking seriously unless the exact method of research and details are available.

    • http://www.androidpolice.com/ Artem Russakovskii

      While I agree, I think it's safe to propose that they searched for top 100 apps on warez sites and forum. There are even entire databases of scene releases, which make it even easier.

      • thejoey

        They state how they picked the top 100 paid apps. Read the PDF.

        • http://www.androidpolice.com/ Artem Russakovskii

          I didn't mean that they picked the top 100 list off warez sites. I meant that they took the top 100 and then looked for cracked versions on warez sites (not arguing the selection methodology, but the conclusion methodology).

          • Mike Reid

            I think they could just look at the most popular Android app torrents.

            Those torrents contain the most popular apps, already selected.

            And as a dev, I'm "honoured" to see my app in some of those "most popular" torrents, LOL.

      • http://www.modminecraft.com/ Nick Coad

        No offense, but it doesn't matter what you might "propose" they did, since that's still just speculation. I don't necessarily disagree with the results as they're not particularly surprising, but I'm amazed anyone is taking the "study" remotely seriously with so much missing information about their method.

      • PhilNelwyn

        To "propose?"
        That's not the seriousness I'm used to from Android Police.

      • Johnny Bravo

        maybe, you wouldnt know until you downloaded it. But the issue they are popping up is that I say only 16% of the top paid android apps are hacked/cracked. would you believe my methods are true even if I did send you a fancy pie chart?

    • Android Developer

      Well they could simply see that the apk files of those apps are available.

      What they probably didn't check is what exactly was changed between the original app and the cracked one, but that's quite hard to do even on Android.

      • http://www.modminecraft.com/ Nick Coad

        Yeah sideloading apps is dangerous as hell if you don't know what to look out for.

        • Gabernasher

          xPrivacy probably does wonders. Everytime I download an app I forget about it and wonder for a second why the app refuses to work.

    • http://www.modminecraft.com/ Nick Coad

      Yep, I came to the comments to post the same thing. Even if this study is correct it's completely useless to anyone without the method being divulged because it simply can't be verified or trusted in its conclusions.

    • Hoggles

      All you have to do is goto any big torrent site and you'll have all the validation you need.

      So if you were doubting the study because "no methods were divulged"...then you are simply being ignorant to the in your face obvious facts.

      • http://www.modminecraft.com/ Nick Coad

        If you're preparing a study and presenting your conclusions you include the method you used to arrive at those conclusions. He's not being pedantic, this is literally high-school science.

        The OP isn't saying he can't imagine how they did it, I'm sure he has several possible theories - but that's the problem. There are many different ways they could have performed the study, some less valid than others, and that's why divulging method in any published study is important.

    • Gabernasher

      Maybe they just went to Pirate Bay and downloaded the apps? Not something I'd admit to considering it's not legal, but it's valid none the less.

      • http://www.modminecraft.com/ Nick Coad

        He's not saying that he's unable to think of any possible method they used, he's saying that as part of the published study they should have included their method. And he's right.

  • Trent Callahan

    Piracy is a huge issue. I'm not going to lie, I've had to pirate apps before because I'm a minor and my mother wouldn't let me purchase them. But it is a problem, and I for one wish it'd be solved.

    Most of us have done it at least once before, it's a shame /:

    • guest

      Theres no valid excuse for stealing from developers

      • Trent Callahan

        Yeah, I understand that. I'm not justifying piracy, I'm just stating that there are more underlying reasons as to "why," rather than simply to avoid paying.

        If I had a job/debit card, I would have most certainly shown my gratitude towards the developers.

        • Guest

          Piracy is wrong but the developer lost no money because of your actions. You couldn't afford to buy the apps anyway.

          • Trent Callahan

            No, it's because I didn't have a debit card. Do you enjoy being a douche?

          • CoolRaoul

            Why not buying a Google Play gift card for yourself?

            Ther'e available in many stores and no debit card needed
            ( https://play.google.com/intl/en-US_us/about/giftcards/ )

          • guest

            Because they aren't available in most countries.

          • enoch861

            He makes a valid point. You didn't have the cash to buy the app, in turn, you would have never been able to buy the app anyway. Thus it's not a lost sale because you would have never been able to buy the app in the first place.
            Now, if you had money but, yet, chose to pirate the app, then that would have counted as a potential lost sale if you didn't end up buying the app.

          • http://www.modminecraft.com/ Nick Coad

            Pretty sure he was on your side mate...

          • Dennis Ulijn

            So i should choose a life of no income, to justify me stealing anything that i can find?
            While i understand your reasoning, something illegal is always illegal; no backdoors.

          • educated

            Privilege ^ its not as easy as right and wrong. You cant think in binaries... there are many levels to society and class and youre not thinking about all of them.

          • http://www.modminecraft.com/ Nick Coad

            It's not stealing. The person you got the copy from still has it. Can we stop using hyperbole when talking about this stuff please?

          • Dennis Ulijn

            This is the wrongest idea that has ever spread the internet by one video. It is not stealing of the APK, indeed. It is, however, copying, and due to copyright, illegal. When you copied this APK, you did not buy this, therefore, directly stealing the income of the developer. While there is indeed the chance you would not even buy the game if you did not 'steal' it, at the moment of stealing you're using something for which you should have paid.

          • http://www.modminecraft.com/ Nick Coad

            It is literally not stealing. You can't steal something that someone doesn't possess (potential income). The law itself specifically understands this and that's why "piracy" and "theft" are two separate crimes.

          • Bryan Kolb

            The law at issue with regard to app/music/movie/etc. "piracy" is copyright law. The problem isn't that you are "stealing," the problem is that you are infringing upon rights that are vested exclusively in the copyright holder. A person who creates something has (under US law) the exclusive rights to distribution, copying, public display, etc. Diminution of market share due to illegal copying is a factor, but is not dispositive in the determination of whether the copying was illegal.

            Therefore, while copyright infringement may in many cases not be a "moral wrong" it is still most certainly illegal, which can itself be considered a basis for moral wrongness (if one feels that violation of a law is inherently immoral).

            You may not be stealing the copyright holder's stuff, but you are certainly taking his rights from him.

          • didibus

            I agree. This issue really isn't about semantics. Stealing is bad only because we decided so. We made up the concept of property and designed laws and values around it, one of which was that stealing property is wrong and punished.

            Piracy of digital goods is a new problem. It can not be defined in terms of old concepts. It just doesn't fit anything that predates it. It's not like a service and it's not like a physical product.

            We need to, as a society, decide, like we did with property, if we want to create a concept of digital ownership or creatorship and if it's replication without owner's or creator's consent should also be deemed wrong and punished.

          • Horatio algar

            No. Choose that life so you can justify your virginity.

        • guest

          Anyone knows what happened to the rest of this discussion, or why is was deleted?

          • guest

            ups sry, found it, my fault.

        • Dingus

          Go get a job and buy the Apps. Cut grass, shovel snow... I did it when I was 13.
          You don't have to be 18 to make money by working. It's good experience. That way you won't be in shock when you start having to pay your own way. I am sure "Mother" will be happy to see you take some initiative.

      • danishdhanshe

        Let us instead accept our fault and try to improve and educate others

      • Guest

        Validity is in the eye of the beholder. I recently sold my Nexus 4 to someone who didn't want to sign up for a Gmail account so he didn't access to the play store. I downloaded an alternative market for him and now he has access to legit and pirated apps. I don't know if he has downloaded any pirated apps but he can.

      • Bluewall

        While I agree with you, I have to ask you, did you never, like, NEVER downloaded any cracked software ? Or pirated music ? Or books ? Or movies ?
        I pay for all the apps I want. But I can't say I've never done anything wrong.

        • Dennis Ulijn

          That's beside the point, something illegal is always illegal. There is however some shortcoming on Google's Play store, where if you're not old enough to own a credit card, or you live anywhere where there are no Google Cards (or how they're called), there's no way you could buy it. Not that that's a reason to cross the line of the law, but it should be in Google's best intereset to AT LEAST give ALL users the ability to actually buy Google Play credit.

          • Bluewall

            I just don't get why Google can't sell the Google Gift Card in more countries ?
            Well, at least in Switzerland, we can now pay via our carrier :)

          • mateor

            The present legal status of an action is no moral ground to stand on. Standards change, as do laws. Censoring someone for breaking a law, especially a law designed to protect economic or moral standards, is reductive. Not too long ago, miscegenation was illegal. Not too long ago gay sex was illegal. The law changes, and it changes due to the actions of the disobediant opening the minds of the lawmakers.

            You can say you personally disagree, for moral or financial concerns. But an actions legal status is just a matter or current punishment, an arbiter of right nor wrong.

      • Neill Smith

        Lack of available legal purchasing options has always seemed pretty valid to me even if it's not the excuse on offer here. As an additional side note, stop conflating infringement with theft. If you truly feel infringement is a problem then you shouldn't need to resort to conflation with other problems to make your point.

        • http://www.modminecraft.com/ Nick Coad

          I agree, I think it's a valid excuse because it means they were never a potential revenue source for the developers anyhow.

    • danishdhanshe

      Really brave of you for accepting your mistake
      I started getting apps for free as soon as I got my first android phone thinking that they upload paid versions for free online
      Later on when I realized that I've entered piracy and am doing nothing but killing a platform so capable, I stopped
      Even developers need to eat!

      • Roemraw

        "Even developers need to eat!"

        That makes it sound like developers are a lower lifeform, but still deserve food.
        I know you didn't mean it like that, just thought it would be fun to point out :)

        • danishdhanshe

          Lol
          By that I meant that even developers are humans
          They need food, clothing and shelter like everyone does
          However, whatever you donate, 90% goes back into the application!

        • http://www.modminecraft.com/ Nick Coad

          I don't know if English maybe isn't your first language, but it's a really common turn of phrase used to remind people that we're all trying to make a living and we all need to get paid somehow.

          • Roemraw

            It is not. The common way I am used to seeing it is:
            "Developers need to eat too!"
            Once again, maybe because it is not my first language, but to me this sounds more like you recognize the people you are referring to (in this case develoeprs) to be equals to everyone else that needs to eat, byt using the "too".
            Whereas with "even" it sounds to me like you are using it in a sentence to refer to people/things that might be second-rate or something. Like for example: "Even serial killers deserve fair trials" or "Even animals deserve to be treated with respect"
            I hope you see what I mean, but once again, it could just be me, because if you translate that sentence to my native language the "even" is translated into a word that we do use more often to refer to second-rate things or maybe not second-rate, but people/things that might be overlooked at first.

          • http://www.modminecraft.com/ Nick Coad

            Oh yeah I definitely see what you mean, especially if English isn't your second language. I can see how it would be easily misinterpreted. But yeah, the phrase is very common in English and is used to suggest what I originally posted.

          • Mike Reid

            Yes, Most people want free apps.

            But they should be reminded that if they have a job, they don't do their job for free either.

            I swear, some of the silly comments I've seen posted when I had free apps on Play, indicate some people think that Google or their carrier pay me somehow. And thus, they should get quality apps for free because they spend $100 a month on their cellphone contract.

    • http://thegumshoe.com/ Michael Crider

      I'm not endorsing or condemning your actions, but I would like to state something for the record: Play Store gift cards have been available at most big box retailers in the US for more than a year, and they're being expanded internationally. Minors, find a way to pay for apps and games, please.

      • Bluewall

        And, sadly, you still can't find it in Switzerland. Why Google can't do like Apple and sell everywhere ? I'm wondering.

        • http://thegumshoe.com/ Michael Crider

          Here's an alternative for minors in countries that support paid Play Store apps: buy a pre-paid debit card from a retailer, load it with cash, and use it to buy apps. It's basically the same thing as a gift card, albeit a little more complicated.

          • Brother Love

            Pre-paid debit cards are not the norm outside the US and most that are you need a credit card to buy online

          • guest

            Also you have to be 18 to get one as far as I know.

          • http://www.androidpolice.com/ Artem Russakovskii

            So give your parent $50 that you made doing chores or whatever and ask them to buy you a prepaid card.

          • Brother Love

            I have credit cards and debit cards thanks being a wealthy UK citizen, I just don't like how people on here are judging other nations to our standards thinking whats available to us is easily available to them, when its nothing of a sort outside our privileged bubbles

          • proudofthisguy

            You might be the first person on the internet that can look past their privilege...

      • danishdhanshe

        I'm amazed they didn't get bring this to India yet
        I'd surely love to get one myself and stop paying my friend for my apps (using friends credit card)

      • guest

        "Google Play gift cards are currently available in Australia, Canada, France, Germany, Japan, the United Kingdom, and the United States."

        This basically leaves out ~185 Countries which makes your argument pointless.

        • http://thegumshoe.com/ Michael Crider

          That's about 600 million potential customers right there. I'm sure they would love to hear that they're "pointless."

          • guest

            You understood me wrong or I replayed wrong. I'm meant your Google Play Gift Card argument is pointless because 99% don't have access to them.

          • Brother Love

            they are pointless to an extent if they are only on retail in nations where credit cards and debit cards are the norm.
            they are more urgently needed in developing nations where most the public dont even have bank accounts

          • squiddy20

            Show me where he stated that he thought those people were pointless. His comment reads "..which makes your argument pointless. There is a difference. Do you know it?
            And these other people are right. While I have grown up entirely in the US, I don't find it hard to believe that other countries are not as technologically advanced as us, let alone when it comes to banking (no offense meant to anyone in those alluded to countries). One of the other commenters points out that they don't even have Play Store gift cards in India. Do you really think the average person would have access to a credit/debit card or a prepaid card then? Someone sorely needs a reality check.

          • http://www.modminecraft.com/ Nick Coad

            And how many customers AREN'T included in your story? Way more than 600 million. That's why it's a pointless angle to come from, because you have no idea whether the person you're talking to is even in one of those few countries.

      • squiddy20

        Yes, because everyone lives in the US or, alternatively, the world is the US. smh...

    • Mike Reid

      Let he who is without sin cast the first stone...

      I'm a dev.

      I was young and poor once.

      I understand.

      Microsoft at least, once had an internal policy that it was better to have pirated Windows on PCs that Linux or some alternative.

      I can kinda, sorta, feel the same way about my apps. The more people running them, the more talk, and advice, which helps paying customers too...

      But I want to continue deving my apps, so please, if you run them and can afford it, help me out, and help yourself out in the long run.

      • Trent Callahan

        Thanks for being understanding(: And EPIC Bible quote!(:

    • OmniWrench

      I didn't HAVE to pirate the apps, you DECIDED to pirate the apps. There's a very large difference. You could either chose to do without something you can't get, or you could chose to do something sketchy to get it cause you just want it so very, very much!

      Simply *wanting* something is not a actually a valid justification for anything.

  • Cheeseball

    Well, like stated in the article, considering the ease of being able to rip/convert .APKs and the sideloading feature of Android, piracy on the platform is going to be more prevalent when compared to the walled garden of Apple.

  • thomas sim

    Part of their 'hacked' apps might included legit apk download from forum simply because developers didnt upload in Google Play store.

    • http://www.androidpolice.com/ Artem Russakovskii

      What?.. What top 100 Android apps in the Play Store aren't in the Play Store?

      • Neill Smith

        Better battery stats works exactly that way and that's just the one example I know off the top of my head.

      • Andres Schmois

        I agree with this, however the study was very vague, could have provided a tad bit more detail.

  • http://ashutoshmishra.org/ Ashutosh Mishra

    Remove sideloading.

    ...about to be downvoted to oblivion...

    • Trent Callahan

      I don't support that notion, but I won't downvote you. I know how it feels to be barraged with hate by those who don't agree with me.(:

    • Roemraw

      it is way too useful (for legitimate purposes (such as AP posting APKs from staged rollouts)) to remove the feature all together.

      Perhaps a check to see if the sideloaded app is also listed in the playstore as a paid app and then do something.

      • Neill Smith

        So developers can't treat paid apps in the play store as a donate button and post apks elsewhere?

        • Christopher Lee

          Use a different crypto signature or app title: it would be relatively simple, albeit quite holey to distinguish in that sense.

          Of course, there are likely far more sophisticated approaches to this, but I doubt that this would end donate-style apps.

          • Neill Smith

            Which makes it harder to maintain updates from mixed sources. Not a complete deal breaker but when you're asking for people's money it's usually best to make it as easy as possible to for them to decide to give it to you rather than introducing extra hassles.

          • Christopher Lee

            Not really. Sign your "in the wild" APK with one key and your Play Store edition one with another, given that the entire approach you're describing necessitates that you maintain two copies of an app anyway (unless I'm misreading it, but I honestly don't know what you would be describing otherwise).

        • Roemraw

          They can, why not? I said the OS should do 'something' I didn't say it should dissallow you from installing it. It could notify you that a paid version is in the app store listed as a donate version or something.

          I am jsut saying that there are more options than simply removing sideloading and leaving it as it is.

          • Neill Smith

            Well forgive me for jumping to the wrong conclusion then. 'Do something' is just kinda vague is all.

          • Roemraw

            Yeh sorry about that. I was going to write that it should dissallow the isntallation, but then I figured what about giveaways (I once one a contest where the developer send me the APK to isntall an otherwise paid app) and so I figured that there are probably cases in which completely dissalowing the isntallation would not be suitable and your situation is also a valid case. So since I couldn;t find a good solution to this I decided to stay vague and state to just do something :)

    • Neill Smith

      And why not, you basically just suggested that everyone should be an assumed infringer. It's pretty rude really.

    • mateor

      Several apps I have worked on have been banned from Google Play due to TOS violation. These were security apps, the TOS violation was that our apps broke the ability of other apps to data mine the customer. That Flashlight app that was blatantly lying and stealing info? My users wouldn't have to worry about that.

      Losing side load puts Google as the sole gatekeeper.

  • h_f_m

    Figures the study is by a company that provides mobile app security.

    • http://www.androidpolice.com/ Artem Russakovskii

      Most security companies doing research in the mobile space offer some sort of security packages. It's silly to assume that the only credible reports are by parties that don't have interest in the field (though I see where your pessimism is coming from in this case).

      • hello

        Bias is bias...

    • http://www.modminecraft.com/ Nick Coad

      I definitely get what you're saying, and this study is super poor for many reasons, but a lot of companies will produce studies to prove that the problem they're fixing exists. It seems biased (and it is) but if they publish their study with appropriate documentation so it could potentially be repeated (the very essence of science) then there's no reason to assume they fudged it.

      In this case they didn't do that though... so... maybe you have a point. Hmm.

  • Andres Schmois

    When I first got into Android, I had the mentality of iPhone, pirate all the apps (back in eclair and Android 2.0). Then I became a developer, and started to realize that this was a terrible mistake, it is a lot more work to pirate an app than just pay 1-3 dollars for a well made app. I buy apps that are worth buying now. I hope that this study which really has a "weird" feeling to it (very vague) isn't taken as is. I really don't want our phones to start including intrusive DRM and end up with the shit that we have today on PC.

    • Trent Callahan

      That is a really scary thought. PC is dead. It's harder to buy things legitimately than it is to torrent them. I hope this doesn't intrude on Droid :(

      • http://thegumshoe.com/ Michael Crider

        I take issue with both of those statements - Steam and its competitors are easier to use than torrents, and most paid software is simply a download + a code you get via email.

        As a cash-starved college student I would often pirate games, which is a messy process requiring multi-gigabyte downloads that might turn out to be fakes or just poor quality rips. Now as a cash-starved adult, I just wait for the game to go on sale like a good software citizen. The same goes for movies and music - I haven't pirated anything since I got out of school.

        • Andres Schmois

          I agree, I pirated a lot before I found Steam. Now I'm a cash-starved college student that wastes all of his money on Steam games that I will never play.

          • Justin W

            "that I will never play"

            You just described 90% of the Steam user-base, and don't worry, I do it too. Eventually I'll get bored of the game I'm playing now to move on to those $.99 ones I bought, right?

      • Jake Lee

        "PC is dead". What even.

    • Cheeseball

      Actually we have less DRM on Windows PCs now. (e.g. no need for CDs/DVDs in a DVD drive, Starforce is gone, SecuROM is used lesser than before, etc.)

      Steam, Desura, GamersGate, Impulse, etc. are way better compared to the rootkit era of gaming. That and we've got services like The Humble Bundle and GOG.com promoting DRM-free games.

      • Andres Schmois

        I'm talking about retail games. Yes, I use steam all the time, I love the Humble Bundle, but looking at the big companies (*cough* EA *cough*) the same crappy DRM still applies. Just look at Sim City, that was probably the biggest fuck up any company could have done. Fortunately the game was destroyed by the community but can you imagine if it was just accepted? Always on DRM games are coming into play more and more and it's usually big retail games that a lot of people buy.

        • Cheeseball

          That's true, I hate games that require your system to be always online with an active internet connection, especially if it has a single player component.

          One of the worst examples is Diablo III. The console version can be played offline, but they never patched the PC version to do so? WTF Blizzard?

  • Leif Sikorski

    The amount of free Apps being hacked might show the problem. Countries where the Play Store is not available and device that ship without the PlayStore.

  • fonix232

    Some clarification of the term "hacked" would definitely help to explain the numbers. By this term, we could say that the many only aesthetically modified (e.g. inverse, black, etc. re-themed apps) are counted into the total "hacked" percentage - and those make a huge amount of total "hacked" apps.

  • Brat Sampson

    Surely this is missing an important point. Hackers like to hack things because they like doing it. Take a survey of all PC games/software released this year and you'll probably find that a vast majority of those have been 'hacked' and made available to pirates as well, along with almost all music and movies (especially the top 100 of anything.) That it's happened to Android apps is far less of a surprise to me than that it hasn't happened to iPhone apps.

    Either way the more interesting statistics for developers are surely the degree to which they're being pirated/downloaded vs being purchased, and those stats are always muddy at best what with a pirated copy not being a lost sale and etc etc forever. Hell, one thing they could do immediately to curb piracy would be to extend the refund window, but that's another discussion entirely...

    • Josh Haug

      Exactly. They always claim piracy as lost sales. This line of thinking is complete BS. I pirated Game Dev Story and liked it. Since then I've bought it 3 times (PC, Android Market, Amazon Market) so how is it that my piracy hurt them.

      Edit: and let me point out that I would not have bought it if I hadn't tried it by pirating it first. It looks boring but was better far better then I assumed by the scream shots.

      • Bryan Kolb

        Makes sense, scream shots probably would turn me off as well.

        • CERN

          Yeah, 'Dem screamshots!

          • Gabernasher

            Gizmodo uses one every time they have a porn related article.

        • Guest

          You know your the first person ever to make snarky comments on the internet about grammar. You should be proud. Your so original.

          • Bryan Kolb

            Snarly? I thought that was the funniest typo ever. I was just showing my appreciation of the laugh you brought me on an otherwise tedious day. Who doesn't make mistakes when typing out a quick comment once in a while?

          • http://mwinter.in/ Yan Gabriel Minário

            *you're. You're welcome.

          • http://www.modminecraft.com/ Nick Coad

            That thing that just flew straight over your head? That's the joke.

      • http://www.androidpolice.com/ Artem Russakovskii

        While you have a point and there are others like you, the majority of those downloading pirated games have no intention of buying them (or ability) and they don't use pirated apps as glorified extended demo versions.

        • Neill Smith

          Majority based on what?

          • http://www.androidpolice.com/ Artem Russakovskii

            Human nature to want free stuff, no matter the methods.

            That's not scientific, and I'm not sure a study to support this exists. But piracy is a huge market, especially outside the U.S. (Eastern Europe, Asia).

          • Javier Maria Casares

            You know that USA comes first in a lot of those P2P apps rankings? It's quite naive to think the rest of the world is to blame for piracy. Piracy can be reduced by some measures, like app prices and extended trial times (that Google reduced to a few minutes quite some time ago). Pirating a $1 app seems like a lot of trouble.

        • Colin Kealty

          though if they have no intention of buying them, or ability to, they are again not lost sales, since those sales would have never happened

          • http://www.androidpolice.com/ Artem Russakovskii

            However, depending on the architecture, this may increase server load, server costs, bandwidth costs, etc.

          • Colin Kealty

            I would think games that have to connect back to the server require an account which requires registration which is harder to then get a "hacked" version for, no? I've never really investigated hacked games

        • http://www.modminecraft.com/ Nick Coad

          And how do you know this? (you don't)

        • Mike Reid

          "I will eventually buy it" is an excuse that some people use to protect their ego from "I am a pirate/thief".

          They will say they were ripped off before and are just protecting themselves.

          And a year goes by and they are always short of cash, then just forget to buy when they have the money.

          One guy, who wanted my support, after I tried to gently point out he may have been pirating my app, appeared to get angry and said he would now NEVER by my app because I unjustly accused him. LOL. Like, I was going to buy it this week, I swear, after "testing" for several months...

          As an app dev, I've heard almost every excuse in the book, the most common being "I didn't know it was paid".

      • Chester Beedle

        Because the other 20 people that stole it didn't buy it later.

  • Adam Watts

    I wonder if the discrepancy is in part due to the technical savvy of the two platforms users? The people I know that use iOS wouldn't be interested, or in some cases know how to load a cracked app.

    • http://thegumshoe.com/ Michael Crider

      I wouldn't doubt the idea that Android attracts more tech-savvy users than iOS, but it hardly requires any technical knowledge to side-load an APK - heck, the OS even tells you how to disable its own security measure via a pop-up. The only real technical process is downloading the APK itself.

  • baconslayer09

    This is an absolute joke.

    Pirating on iOS requires you to jailbreak and then you can install any pirated app you want. So technically, every app on iOS has been "cracked". At least many Android apps have security built-in to prevent piracy on an OS that allows you to install whatever you want to begin with.

    • Cheeseball

      No. Considering that iOS 7 has no known jailbreak for the newer devices and the fact that many piracy repositories are being taken down, piracy on iOS has gotten a lot harder compared to Android.

      Remember, we still have side-loading, which is a double-edged sword.

    • http://gplus.to/mbirth Markus Birth

      Yeah, I also don't believe this 56% of "hacked" apps. Maybe it means 56 of 100 apps on iOS had to be modified to be able to use them via Installous & similar. But from what I remember, you could find almost ANY paid app for free 1-click install.

      • baconslayer09

        There was even a point where you can install pirated apps without a jailbreak using Zeusmos. iOS piracy was way more organized than Android piracy and it still might be at this point.

  • CERN

    Is the word "hacked" proper here? Well, this research maybe true, not just the top 100 apps but almost all of the popular apps are available online for free. But people don't seem to realise how easy it is to incorporate RATs or other dirty lines of codes to steal your personal data. Hence it is wise to stick to Google play.

  • CERN

    Why doesn't Google support debit cards in India? They should incorporate VBV and treat the transaction like a Point of Sale kinda system. Or at least add support for VCCs.

  • ghui

    jih

  • Jesuslifestoryisajuvenilelie

    Android why U no secure?

    • Mike Reid

      Because piracy helps Google establish and maintain dominance.

      Easy piracy is a "feature" of Android, and draws more people to it.

      Same as with Youtube, though piracy is much less prevalent there now.

  • USSENTERNCC1701E

    Could be they're including that wallet in app purchase exploit, that hack affects huge number of apps.

  • Ark

    Bullshit. Unless the app is a wrapper you can find any iOS app for free if you know where to look.

  • Ark

    Cool, Android=PC

  • Chris louthan

    A android game developer, that I work with made a great paid game, but for some reason couldn't get any main page advertising on the playstore, therefore no one knew about or downloaded his game. After a few months of frustration, he uploaded his game to a torrent site. Within a few weeks it had a few hundred downloads, and word began to spread within that community about what a good game it is.......that led to legitimate paid downloads on the playstore. It has been in the top 500 paid games since. The moral of the story is sometimes piracy serves a purpose for developers.

    On the other hand if some developers would quit fleecing the pockets of there customers through outlandish IAP's (yes I know, a popular topic in these forums) some of the modded pirated apps wouldn't be necessary. People want to play them, they just don't want to go broke doing it.

    I guess it would be better with Apple's store.....oh wait....weren't they just sued for billions for allowing developers to use shady practices regarding IAP's.

    • Marek P

      Maybe he should have then offered a free demo of the game instead, because, you know, people don't tend to pay for things they have absolutely no clue about. Add to that the fact that this game probably had very few or no downloads, ratings and reviews, this doesn't exactly encourage potential customers. Uploading it on a torrent achieved what a free demo version would have achieved.

    • Primalxconvoy

      Ironically, a popular retort from devs is that iaps are necessary due to piracy. I'd say that for games, they're the biggest reason why I'd look for the "unlimited coins and credits" version instead. Also, from a gameplay perspective, once you've got such gold, it's amazing to see how easy and thus broken the whole game is. You don't have any real reason to play as the "reward" is just the gold...

  • Gav456

    Ok, have a question regarding piracy, either from a legal or morality standpoint:
    I am a Tolkien fan, I own several copies of lotr, the Hobbit, the silmarillion, and others in non-digital form. Because I already own the books, do I have an inerrant right to download the e-book epubs for personal use?

    • Mike Reid

      Legally, probably not.

      Morally, who the heck knows ? Intellectual property rights are very difficult to analyze morally. Is it right to pirate when I'll never be able to afford the app and thus I'm not depriving the dev ?

      I'm a dev, BTW, and piracy is in my face every day from pirates who send "debug logs" from my app. I draw the line at support; some people ask for email support and pretend to be customers, while others claim to not realize the app is paid. Occasionally I convert a pirate into a customer, and that's the best I can do, I guess.

      • Primalxconvoy

        However, aren't debug reports good even from pirated sources? You get data from areas of the world, different devices and os versions that you might not have coded for.

        I've used hacked versions of games and apps and admitted it while submitting bugs and have bought the apps when possible for my devices when the bugs were fixed.

        In essence, use pirates as testers?

        • mjku

          "However, aren't debug reports good even from pirated sources?"

          Probably not. If the app was really hacked (depending on the definition), that could mean the app itself was altered from its original form and not just simply lifted from a device it was installed to. Their version of the app is then different than the one I published, making the debug logs potentially useless. I sure as hell would not spend any length of time chasing down "bugs" that only occur on a hacked version of my app.

  • OldDogeyes

    This article highlights the reason why malware on mobile isn't necessarily a bad thing. Anyone who pirates apps deserves to get infected. Back in the day I got burned by a pirated app. Reformatted my hard drive. Lost everything. Never bothered with warez since.

    If many of the dishonest scumbags who steal $2 apps would have their phone/tablet wiped a few times, that would fix that problem.

    • Primalxconvoy

      It's not that clear cut though. Some people turn to third party sources of apps and games due to not being able to access the play store on their device (Chinese tablets, android usb computers, ouya, etc), having their device blocked from that app at the play store (geo restrictions, unnecessary device restrictions, etc), circumventing excessive iap's (rr3, angry birds go, etc), having their paid version wiped by bad updates (most EA games), wanting to try the app for free before buying (no demo available) and other such reasons.

      • OldDogeyes

        I stand by my supposition. People who pirate apps deserve to have their devices wiped and data compromised.

        Sleep in the dogs bed and you deserve the dog's fleas.

        • Primalxconvoy

          So, are you stating that all of the Ouya users who sideload apps deserve such a fate? I think you're being a it too broad with the ol' brush of bile, there, Dougal.

          • OldDogeyes

            I said nothing of the sort. Sideloading is a method of installation. This article is about stealing paid apps, not a method of installation. Many legitimate installs are offered outside of app stores (XDA forums for instance and on an authors website as well).

            People who steal paid versions of apps deserve what they get.

          • Primalxconvoy

            Except that the only way (or believed known way) for users like this to get paid content onto their ouya or similar device is to sideload paid apps from a non official source, which could easily be considered piracy.

          • BrianLipp

            I may be focusing on the wrong thing here, but isnt is super easy to sideload the Play Store apk on devices like the Ouya, etc?

          • Primalxconvoy

            Not easy but possible. I haven't tried myself but I read that you have to not only install the apk it also the "Google framework" and other related gubbins into the device. Also, I think that you might need to install things that fake or mimic features such as the accelerometer and notifications etc for stuff to work. I think the Amazon store is easier to install but it's region locked so useless to me.

    • http://www.modminecraft.com/ Nick Coad

      Your whole argument only makes sense if you assume that all malware only impacts pirated apps, which is false.

  • mrjayviper

    one thing to remember though that in iOS, the number of jailbroken devices is small compared to the total devices still in use. While in android, anybody can install those pirated/cracked apps if they choose to do so. :)

  • http://www.emuparadise.me/roms-isos-games.php rarely online

    Freemium and in app purchases fuel the need for hacked or cracked versions of games and when you have people try to charge you $100 for a bloody kart then you deserved to have your app hacked.

  • Gustavo Parrado

    Even knowing that piracy is wrong when done for the sake of it, people keep comparing theft with piracy, which is pretty moronic. Crime is defined as something done wrong, that have CONSEQUENCES, if nobody is hurt in ANY way, then how can we say something is wrong? pirating apps because you don't have access to a credit card or gift card in any way is more about finding the only way out than hurting someone, the income doesn't come to the developer but not because of the "pirate"'s fault, but lack of good systems in place.

    I have downloaded some apps because 15 minutes is not enough to test, some apps need weeks to know if they work right (twitter clients, for example), no easy way out there, if proven worthy, I buy, if not, I delete it, done.

    I've known a lot of people who would not in any way pay for an app, so what is the real consequence of them pirating apps or games? in what way does that fact hurt the developer? you may try to see the world thru the politically correct way all you want, but in no way it changes reality. The fact is very simple, if I don't want to pay to see a movie, there's nothing that I, in my private life, can do to "steal" the makers of the movie, it doesn't matter if I see it or not, money is NOT going to them from me anyways. Grow up.

    • http://www.modminecraft.com/ Nick Coad

      "I have downloaded some apps because 15 minutes is not enough to test"

      I agree 100%. In Australia we have consumer laws protecting customers who receive faulty products, so I'm not sure how Google manages to get around this. There's no such concept in Australia of having a limited amount of time to return a faulty product for a refund. In fact a large retailer here (Harvey Norman) recently got in a lot of trouble for claiming the customer could only receive a refund within a certain period.

      • mjku

        15 minutes is the instant return window. If you send them a note a little later, you'll likely be able to receive your refund. I've done this even with the app devs themselves with 100% success rate.

    • thedesolatesoul

      In context of this statement where the people are not paying by choice: "I've known a lot of people who would not in any way pay for an app, so what is the real consequence of them pirating apps or games?"

      What if the app serves a REAL NEED? Would they still not pay for it?
      If it was not possible to pirate, then he would have no choice but to pay.

      • Gustavo Parrado

        these people simply don't get the app, it happens with a few other things, besides, in my country a credit card is hard to come by and google doesn't have a "gift an app" system which sucks.

        • thedesolatesoul

          Yes, I would really like the 'Gift an app' system even from developers.
          So what methods of payment are available in your country?
          Is PayPal available?

          • Gustavo Parrado

            no, I can only use paypal with my credit card, which defeats the purpose, and if I get money transfered to me, I can't get it out.
            There's ONE bank that offers a prepaid credit card if you have a savings account with them tho, but it's not very promoted and it's not the easiest to use, and having to have your savings account there makes it cumbersome because here you pay extra taxes if you have more than one savings account.
            There IS some ways, but you have to go to certain limits just to be able to buy apps, so the regular people just don't do it, instead they go to a more convenient answer: little shops that install those apps, games, etc for a little fee (all pirated :S), or tell their trusted friend who "knows about technology stuff" to do it.

          • thedesolatesoul

            I see. I asked the question to see if as a developer I could help in any way.
            So buying goods off Amazon or eBay is also impossible for you? In that case, this seems like more of a problem that your country isnt quite ready for digital transactions yet, the banks/government are not willing to open up these facilities yet.
            Personally, I usually focus more on the US/Europe on my apps (for instance, I do not spend effort on translations) because that is where I see most users are from (atleast from the Play Store statistics for my app).
            The user and small developer are both dependent on the big boys to open up the avenue :(

          • Gustavo Parrado

            Precisely part of my point, we can buy from Amazon and Ebay WITH a credit card, but as I said, few people have those, e-commerce is somehow limited to within the country, we can buy and sell via debit cards or cash on delivery.
            So, as you focus on US/EU (as the mayority of devs) not spending on translation even, what harm can it do that latinamericans pirate your app if you don't account those sales as even possible? Not talking specifical here, I say "you" as "any dev"

          • thedesolatesoul

            I know and I agree.
            I am just thinking what a valid solution for it would be. Maybe selling gift cards in your country so people can buy with cash. I am thinking of ideas where people can legally buy play store credit, via other means, maybe by doing jobs or giving honest reviews etc.

          • Gustavo Parrado

            Having the gift cards would be the best solution ever, as almost every transaction here is either debit or cash, allowing to gift apps would also help a lot.
            Paypal is not allowed as I recall, some apps have been removed from the playstore for using it, but other ways to get a "discount", like those you propose, writing a good review, promoting, or something like it would also be a good idea, just not as efective I'm afraid, but worth the shot anyways.

  • Jacob

    I think Google should push Playstore gift cards worldwide, this would diminish the piracy and it would encourage a lot of people to actually buy and download paid apps,

    I know lots of people who are afraid to give their credit card info, no matter company it is, well at least it´s like that here in Mexico, we even have iTunes and Facebook cards in almost every convinience store, basically every corner in the cities. Everyone I know who owns an iProduct use iTunes cards instead of credit cards and I can understand why it offers many advantages, limiting yourself and the kids from spending more than they should, and that´s important considering the huge amount of ridiculously expensive in-app purchases in the "free" apps.
    A couple of years ago, I had a lot of trouble trying to convince my parents to lend me their credit card, but now I have my own so it doesn´t matter anymore.

    Also it´s important to notice that it doesn´t matter how many apps have been cracked but how many are installed, and yeah just as many people are afraid to give their info, they are worried of people stealing it or getting some sort of malware, so I think the average user doesn´t know or try to install pirated apps.

    Anyway I hope Google makes it happen...

  • mustafa

    Forget paying for apps, I can't even access the play store without using a VPN

  • http://www.toysdiva.com Toys Samurai

    First of all, the fact that there are over 50% of iOS app gotten "hacked" is a surprise.

    Secondly, a friend of mine told me (he used an orig Droid RAZR) that he thought the iPhone is more user friendly. He has been using the Droid RAZR for almost 2 years and seemed to be very happy with that, so I asked a few more questions why he felt that way -- it turned out that he bought an iPod from some Chinese website (he's a Chinese himself), and it came pre-installed with dozen of apps and games that he would normally want to download (if free), or pay (if not free) by himself. When I told him that if he bought it from Apple or any legitimate source, he would got absolutely nothing of those sh*t, he was shocked, and told me that pre-installation of apps was the only reason why he felt the iOS is more user friendly. So, may be that over 50% of iOS hacked apps came from there.

    • Paul Taylor

      It was probably a Chinese clone that was actually running a skinned version of Android! Oh, the irony if that were true! :-)

  • http://blog.sawilson.org/ Scott Wilson

    Yet the iPhone is the least secure mobile device in history.

    http://www.businessinsider.com/report-apple-iphone-the-most-hacked-mobile-device-by-far-2013-3

    It's hacked ten times more often despite having eight times less marketshare. This is the difference between statistics and reality. I think I'll stick with reality.

  • Allan

    I like how "pirated" = "hacked" nowadays.

    Crapple fanboys must be reveling in their platform's iron wall of "security".

  • missinginput

    The only useful metric would be the % of users who pirate instead of purchasing an app

  • leo98918

    I would have to disagree with this. Every single iOS app has been cracked to be pirated. So that "56%" is a load of crap. When I had an iPhone, that's all I did, pirate every single app. I switched to Android and I've been buying the apps rather than pirating them. Now I have pirated a handful of apps at one time or another on Android, but only to try out an expensive app. If I liked it, I bought it.

    Now I understand this is just me, but I disliked Apple even when I owned their product.

  • Mike S.

    That's BS. When I had an iPad I DL EVERY single app, top 100 or whatever. They have everything.

    • thedesolatesoul

      but if I bought an iPad TODAY, will I still have access to all of those?

  • OmniWrench

    I'm really fuzzy as to what "hacking" or "cracking" in this context even means.. Of the Top paid apps listed in the play store right now are things that don't even have accounts or personal information associated with them, like Tasker or "Smart Tools" or a calculator.. or Christmas live walllpapers...

    What on earth does "hacking" a calculator or live wallpapers even mean?

  • ginobili

    As a student it was a little bit difficult to get a credit card and pay for apps so i cracked them all! But now i'm working and i pay every app i use. Same with games, i use to have hacked consoles and now i buy the games that i want to play.

  • Aleksandar Vasić

    It's a long thread so probably someone has already said this. I live in a country where paid apps are not available. Thus piracy is the only way we can get the paid titles without rooting, faking the location through market enabler and such - which btw Google has made much harder than it used to be. I'm not speaking in favor of piracy, I'm saying: GOOGLE GET OFF YOUR ASSES AND ALLOW PAID APPS EVERYWHERE!

    • castillodegredos

      True. Ive had Goodle Play Store for a few years, but still only apps and books. Theres no excuse in todays open world to delay ANY media. If you cant access apps/tv/films or whatever. Just do it anyway. Its easy. :) Theres no valid excuse for fragmenting it. Licenses? Not our problem. Fix it.

  • roflno

    Seriously who pays for android apps lol

    • castillodegredos

      Why wouldnt you? Its at most a couple of dollars for awesome functionality without ads. Are you a child?

    • mjku

      Grow up and give a buck.

  • castillodegredos

    I find it hard to believe that "hacked" versions of streaming services actually work? You need an account to partake of the goods. And what percentage of the pirate market is connected to phones without Google play acccess in Russia, China und so weiter?

    Sure, most of android users are cheap bastards (I only have android devices. Three of them. Stop being cheap bastards who dont want to pay for nice apps!) but the piracy thing is overrated. FUD.

  • http://planetmew.com/blog/ Christopher Glass

    The only way that those iOS apps didn't get pirated yet are because the Top 100 changes so radically that a ton of fly-by-night stuff appears and leaves within a few days, so many people never bother to get it or even see it to begin with.

    The pirated app repositories for Cydia are quite well filled out and I've never struggled to find an app there. I refuse to believe this story. Heck, they don't even cover if it's the latest version. Sure, you could find Subway Surfers hacked, but is it from 2 months ago and missing the streets of Moscow?

  • Random!

    DO WHAT YOU WANT 'CAUSE A PIRATE IS FREE! YOU ARE A PIRATE!

  • Random!

    I had the habit of using pirated apps, but then I heard about app wrappers and started to take note of the various security issues reported about android and root... Stopped using pirated apps. Still, I won't buy apps that are more than $2 (notable exception: wolfram alpha) and I would DEFINITELY use a pirate version of a streaming music app, just haven't yet for pure laziness.

  • guest

    I, for one, cannot buy apps, even if I wanted to throw my whole salary at swype I simply wouldn't be able to. Venezuela's currency is worthless internationally as the government fixed it priced overvaluing it (so if soemone accepted the exchange rate of the government they would be earning much less than any other currency), and as the exchange rate hurts the government itself they limit how much dollars you can buy in a year, and only if you have a CC. For a lot of people, it's simply impossible.

  • Angelica Thamson

    Now You Can Download Top Android Paid Apps For Free
    http://android2cloud.in/

  • Jorge

    iPhone apps are so hackeable as Android. Don't be misleading. I see every iphone app hacked/cracked. That's a fake report.

Quantcast