Re-Engineering BB Project From Xcode

what are binaries ? This stuff is kinda over my head.
Didn't get to see the video, but is it the case that someone has not been rebuilding clones from scratch, but is somehow lifting the source code from app stores and then ...what was going on in the video with buildbox?

 

@Jamie binaries are the compiled .ipa file that you submit to Apple via Xcode. All apps on the AppStore for iPad/iPhone are .ipa
it is really a zipped compilation of all the data and code that makes up an app. BB Docs are also zipped files of similar stuff. Code and resources. Whoever this guy is, he has a lot of code experience to figure out how to convert the .ipa into a working BBdoc file. For him to be able to do this with this level of accuracy is blow-mind. Disturbing and amazing at the same time. I would also doubt that he is a paying customer of Buildbox. But could easily be lurking on these forums in the un-paid section.

 

thanks for clarifying

 

Hi,
Just to add some thought on this matter.
In past we have same issue that someone is cloning our games on iTunes, Google Play, Amazon Apps with exact values on Game Play and exact graphic that we have in game.
They appear to be exact clones.

We try to investigate and even hired lawyer, you can find pretty damn good lawyer for this matter, to help protect us and remove all exact clones from App Stores.
On their work they come across some pretty good way how anyone is able to clone any game that is been publish on Google Play Store or Amazon Store, as they are open source.

To our knowledge its really hard to get hand on .ipa file, but on .apk as its open source is really easy.

We now that here or there will be someone who will find that way how to do this thing, but what we are doing now is publish for iTunes and after we publish on other App Stores.

Hope we could assist and help.

 

Hi guys,

after I read this thread my (tiny little) hair went all up... and tried to "understand" what's going on...

- the "easiest" way these guys re-engineer our apps is by using APK files. So, once downloaded from the store and they can access them from their devices getting the resources is really a kid's game... exactly 1 minute and all the stuff is there.

Something should be done so I was trying to figure out a solution. I haven't done much work on Android BUT I know that there are some tools that can be embedded in Eclipse (ProGuard?) which should allow the obfuscation of the apps (although these chaps go directly for the BB resource files).

There is a commercial tool that promises to encrypt also the resources called DexProtector. I have no clue how much it costs - there is also no trial version... - but if anybody wants to try and let us know if this is successful it would be great. It would be good if (after the launch) @TreySmith could explore the feasibility of this (or any other tool) so that we could focus on creating rather than worrying.

Interesting how the guy who ripped all those games has the guts to put his name and his face for the world to see... guts or total stupidity...

 

I believe we should do something. It seems that not happy of just ripping people off from their work is not enough - He also "SELLS" license to the source code (the templates and sources) to third parties on chupamobile.com

http://www.chupamobile.com/author/kalak

the source code of "Cavern"...

 

@netkomm This guy has just a handful of BB games. What I saw on the YouTube video was a far more diverse collection.
But the original owners of any BB game he is selling should make Chupa shut him down.
@Simon Crack had to do that with some of his stuff. I wonder if it is the same guy?

 

Different guy - he's selling a couple your games @Kevin W - take him down!

 

Hey guys, Phillip from tastypill here. I noticed this about a month ago when some of our exact games started popping up on Chupamobile and then saw some versions out on the Google Play Store. This guy here had ripped a few of our games and was selling them (http://www.chupamobile.com/author/1touchapp) so we emailed Chupa with proof and they were nice enough to take them down. It looks like he's still selling line zen and ball jump bbdocs.

We also found this Google Play account with a couple of our games published (https://play.google.com/store/apps/developer?id=LabErys&hl=en). We emailed him directly threatening to file a complaint with Google and he took the games down. He does however still have a published version of bounce, line zen, ball jump and circulate. From the looks of it they all have A LOT of downloads which is very upsetting since it looks like he's making a bunch of money off of the backs of others.

I'm not sure if it's the same guy or what but hopefully some of the respective owners will also file complaints for these and put these shadesters out of business. @TreySmith @Florian Porkert @Simon Crack

 

@TreySmith These look familiar
http://www.chupamobile.com/ui-graphic-asset/colorful-2d-games-hd-backrounds-pack-11387
Apparently Chupa Mobile is full of scammers who rip off and sell stuff

 

Well... this has been highlighted a few months back when we saw what was happening with all the high download bbox games such as ball jump, line zen and bounce being totally cloned exactly in the Google Playstore. Apparently no one took this seriously then... I guess the threat comes now that whoever this person may be have been able to reverse engineer any buildbox game into a bbdoc...

In other words this person could be a Bbox customer... or even worse he managed to hack the Bbox securities to get himself a free copy of Bbox so that he can clone all the bbox games... There are many lurkers in here and thats why we are now very cautious of whatever games that we have only showing them when necessary. Really hope the Bbox team can do something about this.

 

As first measure I am thinking to "forget" Android for a while until I can work out the implementation of obfuscation for the resources. Now it's way too simple for these guys to get everything out.

 

I'm pretty sure I found out how this has been done, it has nothing todo with Android, so whatever countermeasures necessary (and I could think of a few) should be taken by Buildbox Team ASAP!

@TreySmith I would really like to see a change here...

 

After just couple of hours, I've found out how they do it. BB Team will probably have a difficult time coming up with a solution since I assume this is something that could not be easily fixed.

 

How did this person get your bbdocs....or did they just reskin your ideas?

 

How? Simple. Apk are open books... Sadly.

 

I have heard of code obfuscation techniques being used in Flash with Actionscript and in HTML5 with javascript to make it harder for people to abstract the source code from nonsense. I guess it could be neat if the same could be applied to the cross-platform code bbox exports, but I don't know how hard that is to implement, and I am not sure that bbox should do it. If bbox does it, it would mean we cannot edit the code ourselves after exported out of bbox. However, if there is a resource to use in addition to bbox to help obfuscate code, that would be neat, perhaps. I guess the worry I have about using an additional obfuscator tool is that it might ruin the code, causing bugs and affecting the gameplay. Perhaps this is a product opportunity for @TreySmith and team to make a code obfuscator that will not produce bugs? Or is this just an opportunity to tighten up security where possible (should at least do this as Andy said earlier in thread)

 

Even if the code is obfuscated, the 99% of bbdocs are graphics and XML files. So it needs something a bit more radical... most likely won't be able to obfuscate graphics but at least will make these people sweat to rebuild the apps for more than a minute (currently)

Of course this level of encryption will bring down the performance of the game... so a lot of things that need to be evaluated.

 

TexturePacker had a way to protect sprite files. But I don't know if this can be applied to our stuff.

 

We have a few ideas that I think will help quite a bit. Will be knocking things around with Nik over the next week or so.