I have just recently been alerted to a developer who has completely cloned one of my latest games QuBe.
As you can see, screenshots alone, there are already similarities here. However, on downloading of the 'clone' I see that their game behaves like they managed to download the original source, swap out a few assets to make it look slightly different, and publish as their own released game!!
So this makes me ask the question: Is it possible to break apart a store release build of a Game Salad game, re-engineer it, to the point of it being like-for-like identical source code, in terms of behaviour, scenes, even bugs and quirks I know about.
Like I mentioned above; it is like they have got hold of the source, swapped a few graphics and republished.
Is this known about? How is this possible? The same developer has cloned our Tiny Goalie game also.
Any help or tips to prevent this from happening in future games would be really helpful, as it makes me a little weary using Game Salad again, knowing all your hard work can be duplicated like-for-like from a store build version of your game.
This happened to me too a couple of years ago with the original Air Supply.
I got in touch with Apple sending documented evidence of the similarities - like you, some scumbag had stolen my file, changed a couple of graphics, and published it as their own.
Apple was very responsive, and the game was taken down within a day or so.
It's a reprehensible thing to happen to anyone, and I'm very glad GS is taking this seriously this time.
@Armelline said:
I have to say I agree completely. Code obfuscation really should jump to the absolute top of their list and they should push an update out with it asap. It's potentially a platform killer. I thought they'd done this already, very distressing that they haven't
Agreed, this is an insane situation ! There is already the ongoing threat from template makers making identical copies of your game and selling it to anyone with $20 who wants to upload your work as their own, but this goes one step further, it seems to be an invite to every low life out there to help themselves to your work.
@CodeWizard said:
So, it looks like a fix for this will be implemented by EOB Monday. We'll push to get it out as a hotfix to 11.1. Can't get much more top-priority than this!
@dgackey said:
We're going to address this permanently with an engineering solution. BlackCloakGS and adent42 are working on it now.
Great stuff, as I'm sure you are aware these kinds of things threaten not just GS users work, but the GameSalad platform itself, good to see you stamp on this one quickly !
dgackeyAustin, TXInactive, PRO, Chef EmeritusPosts: 699
We have investigated the account of the individual who published the infringing games and terminated that user's account for violating our Terms of Service.
For what it's worth, that ChupaMobile page looks like it's infringing (big time) on @FatFish's IP, but based on what I can tell they're offering Cocos2D clones built with art assets that look similar to the original, so this wasn't the source.
However, it's still probably worth filing a complaint with Chupa Mobile vis report@Chupamobilemobile com.
Dan
Dan Magaha · COO · GameSalad, Inc · danm@gamesalad.com
tenrdrmerMember, Sous Chef, Senior Sous-ChefPosts: 9,934
That's awesome you guys are adding some security.
It's worth mentioning though. Basically all the games on the store are able to be ripped in this fashion by any coder who knows what they are doing. If i remember right way back when this was being looked at before the engineers even downloaded angry birds and easily manipulated the code to there liking and republish. Obviously they didn't submit it but they did it to see if t was possible and it was. They pain here is GS is much easier to use for the layman so ripping has always been an issue. Nice to see it being addressed.
Keep in mind though if a human made it a human can break. This stuff mostly keeps the honest people honest.
It's worth mentioning though. Basically all the games on the store are able to be ripped in this fashion by any coder who knows what they are doing.
The problem here is it is crazy easy to do this and you don't need to know any coding at all. I just tried with one of my apps and it took me less than three minutes to figure out how to get to the file. So long as the project file is included in the binary (which is crazy!) and people know about it, there is absolutely no security (OS X even gives you hints what to do!).
Great to hear this will be fixed so soon. Then I'll be off to publish some security updates.
@pHghost said:
The problem here is it is crazy easy to do this and you don't need to know any coding at all. I just tried with one of my apps and it took me less than three minutes to figure out how to get to the file. So long as the project file is included in the binary (which is crazy!) and people know about it, there is absolutely no security (OS X even gives you hints what to do!).
Additionally, stealing a GameSalad game and making minor alterations, no matter how simple it is to do so, will get you nowhere in then end. It's more likely to cost you more than you'll ever make.
As my story shows, if you can objectively demonstrate that the game has been stolen, a quick email to Apple will get the game pulled from the app store.
Add to that that @dgackey is thankfully willing to ban anyone's account that tries this now, I can only hope it will put people off doing it.
Can you explain how doing any of this is different then some one selling a clone of a game. It's the exact same thing except that person is mass producing the problem and making money. Why do people turn a blind eye to that yet this issue is far more important?
@Jeromy said:
Can you explain how doing any of this is different then some one selling a clone of a game. It's the exact same thing except that person is mass producing the problem and making money. Why do people turn a blind eye to that yet this issue is far more important?
I can't explain it, no. I'm not a fan of cloning or stealing.
I have to go out otherwise I'd go into greater detail. Sorry!
Yes we're aware of them, and as @dgackey has said we'll be in touch with them very soon!
@Andrea_Comisi said:
Did you make tiny striker with gamesalad!?
Can you explain to me how he did it with gamesalad, even if it was project with game salad?
Tiny Striker was built in a whole different game engine. Took a fair few days to get that control to feel right as well, hehe I did think of trying it out in GS by myself but it made my head explode so passed it over more of a wizard.
@CodeWizard said:
So, it looks like a fix for this will be implemented by EOB Monday. We'll push to get it out as a hotfix to 11.1. Can't get much more top-priority than this!
It will not be out tonight we are having some trouble with the encryption algorithm we are using to protect the xml files. We will get this out to you ASAP. Hopeful tomorrow or Wednesday. Sorry for the delay.
Braydon_SFXMember, Sous Chef, Bowlboy SidekickPosts: 9,273
@BlackCloakGS said:
It will not be out tonight we are having some trouble with the encryption algorithm we are using to protect the xml files. We will get this out to you ASAP. Hopeful tomorrow or Wednesday. Sorry for the delay.
The protection for our projects is needed, but using encryption means that we will need to file an Encryption Registration for the US and France. Am I wrong? I hope so!
To circumvent this in the US I think the encryptions needs to be no deeper than 56 bits.
dgackeyAustin, TXInactive, PRO, Chef EmeritusPosts: 699
@Hopscotch I don't believe that's the case. Game software is generally considered EAR99 for the purposes of export restriction, which means it's a "low level" consumer good and isn't subject to any of that reporting (unless you plan to export it to a country that is on the "bad" list):
Thanks @dgackey, however this seems contrary to the drama that Apple makes around this issue. The mobile/online nature of apps differentiating it from normal games, plus the potential of data transfer across borders.
From my digging (first point is relevant):
These conditions are OK:
If you are using the iOS and Android native encryption methods(?), and only for internal app specific functionality (no exporting or transfer of data).
If the encryption is only used for online user authentication or in combination with a single online purchase.
If the encryption is not higher that 56-bit.
Not OK:
Accessing online data via https/SSL.
Using non standardized/proprietary Encryption methods.
Hope we are OK as the government approval process takes a month, requires a legal entity and makes the app approval process take longer.
@Hopscotch Let me shed a little light on this to clarify. We are talking about two different things:
1 - An encrypted app. (The app is encrypted so you can't reverse engineer it)
2 - An app that uses encryption. (The application communicates using encryption)
When App Store providers including Apple talk about apps using encryption it is to do with VPN like SSL and IPSEC. Which means the application uses encryption to communicate. There are export laws that you have to obey in that regards that is why you have to tick the box about export compliance when you publish your app. The laws prevent the export of these kinds of apps to certain countries.
On the other hand if you encrypt the source code in your app that is perfectly fine because the app is not using encryption but it's encrypted. Your answer to the export compliance remains the same when you publish your apps. Hope this helps. ha ha just saw what you posted above but I am not gonna delete it now ...
Comments
Super response and action from GS! /thumbsup
Respect also to you @FatFish, in the way that you approached the issue.
MESSAGING, X-PLATFORM LEADERBOARDS, OFFLINE-TIMER, ANALYTICS and BACK-END CONTROL for your GameSalad projects
www.APPFORMATIVE.com
Awesome!
This is fantastic news. It's great to see the GS team being so proactive on the issue. Good job and thanks again.
@FatFish
I'm sorry this has happened to you
This happened to me too a couple of years ago with the original Air Supply.
I got in touch with Apple sending documented evidence of the similarities - like you, some scumbag had stolen my file, changed a couple of graphics, and published it as their own.
Apple was very responsive, and the game was taken down within a day or so.
It's a reprehensible thing to happen to anyone, and I'm very glad GS is taking this seriously this time.
QS
Dr. Sam Beckett never returned home...
Twitter: https://twitter.com/Quantum_Sheep
Web: https://quantumsheep.itch.io
Thanks for the quick replies, guys!
Great to know we're in good hands.
My GameSalad Academy Courses! ◦ Check out my quality templates! ◦ Add me on Skype: braydon_sfx
@FatFish
....here may be your perp!!!
He/she even shows your app links and sensor tower info.
http://www.chupamobile.com/ios-full-games/tiny-goalie-template-4378
Complete Guide to iOS Publishing {} Complete Guide to Mac Publishing
Agreed, this is an insane situation ! There is already the ongoing threat from template makers making identical copies of your game and selling it to anyone with $20 who wants to upload your work as their own, but this goes one step further, it seems to be an invite to every low life out there to help themselves to your work.
Good work, stamp these *&^%s out !
Great stuff, as I'm sure you are aware these kinds of things threaten not just GS users work, but the GameSalad platform itself, good to see you stamp on this one quickly !
We have investigated the account of the individual who published the infringing games and terminated that user's account for violating our Terms of Service.
For what it's worth, that ChupaMobile page looks like it's infringing (big time) on @FatFish's IP, but based on what I can tell they're offering Cocos2D clones built with art assets that look similar to the original, so this wasn't the source.
However, it's still probably worth filing a complaint with Chupa Mobile vis report@Chupamobilemobile com.
Dan
Dan Magaha · COO · GameSalad, Inc · danm@gamesalad.com
That's awesome you guys are adding some security.
It's worth mentioning though. Basically all the games on the store are able to be ripped in this fashion by any coder who knows what they are doing. If i remember right way back when this was being looked at before the engineers even downloaded angry birds and easily manipulated the code to there liking and republish. Obviously they didn't submit it but they did it to see if t was possible and it was. They pain here is GS is much easier to use for the layman so ripping has always been an issue. Nice to see it being addressed.
Keep in mind though if a human made it a human can break. This stuff mostly keeps the honest people honest.
>
The problem here is it is crazy easy to do this and you don't need to know any coding at all. I just tried with one of my apps and it took me less than three minutes to figure out how to get to the file. So long as the project file is included in the binary (which is crazy!) and people know about it, there is absolutely no security (OS X even gives you hints what to do!).
Great to hear this will be fixed so soon. Then I'll be off to publish some security updates.
Did you make tiny striker with gamesalad!?
@Andrea_Comisi
Do you mean Tiny Goalie? if so, yeah he did.
@FallingBoxStudios i'm talking about tiny striker : https://itunes.apple.com/us/app/tiny-striker/id868365169?mt=8. the thing that interested me is the fact that the ball perfectly follows the gesture accomplished! Can you explain to me how he did it with gamesalad, even if it was project with gamesalad?
@FallingBoxStudios i'm talking about tiny striker : https://itunes.apple.com/us/app/tiny-striker/id868365169?mt=8. the thing that interested me is the fact that the ball perfectly follows the gesture accomplished! Can you explain to me how he did it with gamesalad, even if it was project with gamesalad?
*just in case it was projected with gamesalad?
True enough. Apple seems to be taking a tougher stand on blatant clones, as seen here:
http://techcrunch.com/2014/08/22/clones-of-flappy-bird-sequel-swing-copters-flushed-from-app-stores/
Hope that continues!
Additionally, stealing a GameSalad game and making minor alterations, no matter how simple it is to do so, will get you nowhere in then end. It's more likely to cost you more than you'll ever make.
As my story shows, if you can objectively demonstrate that the game has been stolen, a quick email to Apple will get the game pulled from the app store.
Add to that that @dgackey is thankfully willing to ban anyone's account that tries this now, I can only hope it will put people off doing it.
QS
Dr. Sam Beckett never returned home...
Twitter: https://twitter.com/Quantum_Sheep
Web: https://quantumsheep.itch.io
Can you explain how doing any of this is different then some one selling a clone of a game. It's the exact same thing except that person is mass producing the problem and making money. Why do people turn a blind eye to that yet this issue is far more important?
I can't explain it, no. I'm not a fan of cloning or stealing.
I have to go out otherwise I'd go into greater detail. Sorry!
QS
Dr. Sam Beckett never returned home...
Twitter: https://twitter.com/Quantum_Sheep
Web: https://quantumsheep.itch.io
Yes we're aware of them, and as @dgackey has said we'll be in touch with them very soon!
Tiny Striker was built in a whole different game engine. Took a fair few days to get that control to feel right as well, hehe
I did think of trying it out in GS by myself but it made my head explode so passed it over more of a wizard. 
Are we still on for tonight, babe?
QS =D
Dr. Sam Beckett never returned home...
Twitter: https://twitter.com/Quantum_Sheep
Web: https://quantumsheep.itch.io
It will not be out tonight we are having some trouble with the encryption algorithm we are using to protect the xml files. We will get this out to you ASAP. Hopeful tomorrow or Wednesday. Sorry for the delay.
Thanks for the update!
My GameSalad Academy Courses! ◦ Check out my quality templates! ◦ Add me on Skype: braydon_sfx
The plan is we will encrypt the project file using 256 bit key that is unique per project.
@BlackCloakGS, @CodeWizard, @dgackey, how will this impact our Export Compliance with regards to Encryption?
The protection for our projects is needed, but using encryption means that we will need to file an Encryption Registration for the US and France. Am I wrong? I hope so!
To circumvent this in the US I think the encryptions needs to be no deeper than 56 bits.
MESSAGING, X-PLATFORM LEADERBOARDS, OFFLINE-TIMER, ANALYTICS and BACK-END CONTROL for your GameSalad projects
www.APPFORMATIVE.com
@Hopscotch I don't believe that's the case. Game software is generally considered EAR99 for the purposes of export restriction, which means it's a "low level" consumer good and isn't subject to any of that reporting (unless you plan to export it to a country that is on the "bad" list):
http://www.bis.doc.gov/index.php/licensing/commerce-control-list-classification/export-control-classification-number-eccn
At any rate, even 56-bit encryption would be more than adequate for our purposes.
Dan Magaha · COO · GameSalad, Inc · danm@gamesalad.com
@Hopscotch -- I think you need to report to Apple if you are encrypting user data in an app, not when the app data is encrypted to prevent IP theft.
Thanks @dgackey, however this seems contrary to the drama that Apple makes around this issue. The mobile/online nature of apps differentiating it from normal games, plus the potential of data transfer across borders.
From my digging (first point is relevant):
These conditions are OK:
If you are using the iOS and Android native encryption methods(?), and only for internal app specific functionality (no exporting or transfer of data).
If the encryption is only used for online user authentication or in combination with a single online purchase.
If the encryption is not higher that 56-bit.
Not OK:
Accessing online data via https/SSL.
Using non standardized/proprietary Encryption methods.
Hope we are OK
as the government approval process takes a month, requires a legal entity and makes the app approval process take longer.
MESSAGING, X-PLATFORM LEADERBOARDS, OFFLINE-TIMER, ANALYTICS and BACK-END CONTROL for your GameSalad projects
www.APPFORMATIVE.com
@Hopscotch Let me shed a little light on this to clarify. We are talking about two different things:
1 - An encrypted app. (The app is encrypted so you can't reverse engineer it)
2 - An app that uses encryption. (The application communicates using encryption)
When App Store providers including Apple talk about apps using encryption it is to do with VPN like SSL and IPSEC. Which means the application uses encryption to communicate. There are export laws that you have to obey in that regards that is why you have to tick the box about export compliance when you publish your app. The laws prevent the export of these kinds of apps to certain countries.
On the other hand if you encrypt the source code in your app that is perfectly fine because the app is not using encryption but it's encrypted. Your answer to the export compliance remains the same when you publish your apps. Hope this helps. ha ha just saw what you posted above but I am not gonna delete it now ...
Free Mini Games and Demo Templates