Handle Copycats (License fraud)

[theScrabi]

Follow these instructions if you want to report an app on the Google Play Store!

---

Hey guys, I happen to notice some new copycats which seemingly violate our License.

Once again, it's OK to copy NewPipe as long as you do not violate our GPLv3 License. Please inform yourself about GPLv3 before forking!!!

I already mailed some of the copy kiddies, but they seem to not react on it (like always), so my question is how should we handle these copycats in the future?

List of known and active copies/forks

In the Google Play Store

• TubePlay Mp3 Video
• PlayTube Video Mp3
• Play Tube & Video Tube
• Play Tube & Video Tube (same name, different app)
• Tiny Browser & Video Saver
• GreenTuber block ads on videos
• Play Tube Block Ads for Video
• JanaTube
• Play Tube & Video Tube (same name, different app)
• Yance: Video Downloader Player
• Pure Play Tube - Block Ads
• Pure Tuber: Block Ads on Video
• Play Tube - Block Ads on Video
• Play Tube - Block Video Ads
• Ucmate Play - Tube Player
• Revanced
• Play Tube

In the Huawei AppGallery

• (to be added)

In the Samsung Galaxy Store

• (to be added)

Other copies/forks

• MyDownloader
• Ucmate (website version)

[ksh-b]

Thats embarasing. How come they even stay on playstore.

https://support.google.com/googleplay/android-developer/contact/takedown

[theScrabi]

I've tried that, but google does not seem to respond? Maybe I'm doing something wrong here. Howerver, I know that it works sice there was already a fork that got kicket out.

[yasinalm]

don't worry, you don't need to to do anything. it is impossible(99.99%) a single app stays alive until 500 downloads. Play store takes care of it extremely very well as YT is his own too. they can earn 1-2$ but loose 25$ (account registration fee). So, it is not worth that much effort to do something. they punish themselves.

A few examples can be found but they won't live longer and the ads will be eventually ceased.

[theScrabi]

Sure? audiorocket sem tho have more than 400k downloads.

[ericswpark]

Unfortunately while copycats will always be there (I have some on my hands too) it's just easier for you to send a take-down notice to Google and let them deal with it.

That being said, Google hates your app so they might just not be taking it down in spite. Who cares, the average 99% of people in the world likes it anyway ;)

[TheAssassin]

This list has been mined out of 600 MiB of parsed email data. If you can spot some of them, please get in touch with us.

Edit: These are package names I parsed from the ones in the field that was added a few weeks after the introduction of the bug reporting. For this and other reasons, this list is not complete, there might be more.

co.at.newpipe
com
com.akkayaxm.mscPlayer
com.cubic3.MyDownloader
com.dl.video
com.facecampt.free.music.player
com.FloTemp
com.gawo.rohgf
com.green.music
com.halara.trap
com.hvlapps.freemusicplayer
com.mp3musicdownloader.mp3.music.downloader
com.mp3musicdownload.music
com.mp3musicdownload.musicmp3
com.mp3music.newlife
com.mpool.mytube
com.musicmp3downloader.ilovemp3
com.musicmp3.newmusic
com.musicmp3.new\nmusic
com.music.paradise
com.mwiz.pingmusic
com.tenlishir
com.youtube.audiorocket
com.youtubed.ydownloader
com.youtubelistening.youtubebackground
com.youtubelite.floattube
com.zbm.probasse
idev4mobile.karaoke
idev4mobile.videotube
inc.players.youlayer
musicstream.videostream.newpipe
org.bardo.newpipe
org.le.keep_video
org.schabi.newpipe
org.schabi.vbl2013
org.schabi.videodownloader
org.schabi.youdownload
org.schabi.youdownloader
org.testng01.tubeb44

[coffeemakr]

I've created a small script to check if they are on google play: https://gist.github.com/coffeemakr/8862e7903c4bea21b99c6a457268af71

The following packages are on google play:

• co.at.newpipe (MOD edit: removed)
• com.gawo.rohgf (MOD edit: removed)
• com.mpool.mytube (MOD edit: removed)
• com.mwiz.pingmusic (MOD edit: removed)
• com.tenlishir (MOD edit: removed)
• com.zbm.probasse (MOD edit: removed)
• idev4mobile.karaoke (MOD edit: removed)
• com.video.tubeplayerorg (MOD edit: removed) (not on the list)
• idev4mobile.videotube (MOD edit: removed) (mentioned by @Poussinou)

A copyright violation can be submitted with this form: https://support.google.com/legal/contact/lr_dmca?&product=googleplay The description on how to fill out the form can be found here: https://support.google.com/legal/troubleshooter/1114905#ts=1115643%2C1115789%2C1117010%2C1697925

[theScrabi]

I didn't expect it to be so much xD

[TheAssassin]

Beware that this is not even the whole list, only the ones we captured on a side-channel. But yes, it's quite an amount. Time to take half a day and send some DMCA takedown notices, @theScrabi.

[Zero3K]

How about adding some code that checks the display/package name of NewPipe and if it has been changed, let the user know (and possibly refuse to work)?

[TheAssassin]

Then you'd also notify the copycat and tell them "oh, I need to remove that piece of code". They're not that stupid, because they must obviously know how how to develop for Android to create realistic apps. This measure is rather pointless IMO.

[theScrabi]

The only thing we could do is making it harder for copycats to change the email address where the but reports are send to.

[Poussinou]

@theScrabi Did you feel the DCMA takedown notice, out of curiosity? It only takes a few minuts and Google reacts in a few days (I already tried with an other app) I can see that the apps haven't all been taken down.

I would like to add this one (MOD edit: removed) to the list made by coffemakr !

[TobiGr]

Just found this app on Google Play: com.newpipestudio.newpipe They even use our screenshots.

[Poussinou]

There are also this other one: https://play.google.com/store/apps/details?id=com.newpipestudio.fildotube https://play.google.com/store/apps/details?id=com.newpipestudio.pelismagnet made by the same "developer"...

[theScrabi]

I found them to. hilarious xD. Sometimes it's funny what kind of B S they are creating :P

[comradekingu]

Better icon tho, ayyyyy :) Edit: Should we report all of them in a conduced effort? Seems my one complaint went on deaf ears.

[theScrabi]

I know that problem. Tho we should try to continue with reporting, because without punishment they might think it's ok what they do.

[Poussinou]

@TeamNewPipe @theScrabi

It looks like there is another one here ! Do not forget to report :)

[theScrabi]

Oe come on. Tho the icon looks nice. Can't we just steel that bock from him?

[Ostefanini]

Does play store will really help you in this war? Play yt in background is something quite illegal for them...

[theScrabi]

Well I wouldn't raise, there attention to much.

[ghost]

I found the following ones in the Play Store atm. Is there nothing we can do about them?

• https://play.google.com/store/apps/details?id=co.at.newpipe
• https://play.google.com/store/apps/details?id=com.floattube.liteyoutube
• https://play.google.com/store/apps/details?id=com.youtubelite.audiorocket
• https://play.google.com/store/apps/details?id=com.newpipestudio.newpipe
• https://play.google.com/store/apps/details?id=com.youtubelite.videorocket
• https://play.google.com/store/apps/details?id=co.RosyBrown.newpipe
• https://play.google.com/store/apps/details?id=youtubedownloader.downloader.newtube
• https://play.google.com/store/apps/details?id=com.rain.audio.rocket
• https://play.google.com/store/apps/details?id=com.newpipestudio.fildotube
• https://play.google.com/store/apps/details?id=idev4mobile.karaoke
• https://play.google.com/store/apps/details?id=idev4mobile.videotube

[theScrabi]

Report them. Thats the most we can do.

[theScrabi]

That guy releasing Fildo even calls himself. "New Pipeplayer" and rebranded NewPipe 3 times. ... Funny.

[anantoghosh]

@theScrabi Tweeting to https://twitter.com/GooglePlay may help. Those guys are pretty responsive.

[comradekingu]

Just contact a news outlet about the nature of what is actually on the Play store. It writes itself.

[theScrabi]

Someone put this on Reddit. Thanks :)

[Zykino]

Just as a side note : you may add the license to the github repository so everyone see it at the "usual place" and there is no "I don't know what I can do with GPL but it's open source". Github have a nice presentation of the current license of a repository, It won't hurt to use :)

[theScrabi]

Well we have a license, I don't know why it's not recognized by github.

[Zykino]

Official doc: https://help.github.com/articles/licensing-a-repository/

[TheAssassin]

Tried to rename it, didn't work: https://github.com/TeamNewPipe/NewPipe/commit/eee3ccafc33981daa276cf88644b2edaeff68c69

@Zykino any ideas?

[TobiGr]

Did you already try to delete the existing license and then adding it as described here?

[TheAssassin]

I'll try so next.

[TheAssassin]

@TobiGr tried to, didn't work.

@theScrabi maybe you want to give it a try?

[Zykino]

@TheAssassin I'm owner only for old school project so didn't tested it.

[ghost]

@TheAssassin: When I create a new repo at GitHub with GPLv3.0, clone it, diff LICENSE from that new repo (which shows that fancy GitHub license thingy) with LICENSE from NewPipe, I get exactly 0 differences, so it's really weird…

[TobiGr]

Hm. Maybe we can ask the GitHub support team. They answer quite quickly and we don't waste time.

[ghost]

I've asked them and they said it's because there are multiple files starting with the word license (including some Java files).

[TheAssassin]

Reverted the malicious commits.

@wb9688 they are technically right, there's these files:

NewPipe (dev)> find | ag license | 
./app/src/main/java/org/schabi/newpipe/about/License.java
./app/src/main/java/org/schabi/newpipe/about/LicenseFragment.java
./app/src/main/java/org/schabi/newpipe/about/LicenseFragmentHelper.java
./app/src/main/java/org/schabi/newpipe/about/StandardLicenses.java
./app/src/main/res/layout/fragment_licenses.xml
./LICENSE

However I don't understand why their detection logic even considers files called anything other than LICENSE{.md,.txt}. Their documentation implies those are the only permitted files. Also, it should be possible for them to detect it even if there's other files with similar names. They could even show a warning if there were multiple licenses and they wouldn't know which one's the right one, or show a list. This is really an issue with GitHub rather than our repository.

[ghost]

@TheAssassin: Yeah, I agree with you. Btw those last two don't start with License (but contain it), so they didn't count. And what's ag?

[ghost]

@TheAssassin: Hmm… now GitHub support says it's because of the copyright file.

[comradekingu]

@wb9688 Usually the license is to be found in a file called COPYING

[TheAssassin]

@wb9688 the GitHub support replies sound like excuses, to be honest.

I suggest to publish the whole topic here: https://github.com/isaacs/github (or even https://github.com/isaacs/github/issues/887). This might help others to sort out similar problems. My suggestion would be to just show what's wrong when there's problems detecting the license. I'd like to see GitHub implement something like that.

[racuna]

Found this on Google Play "recommended for you": https://play.google.com/store/apps/details?id=com.isong.up

[TheAssassin]

Thanks. We'll add it to the TODO list.

[theScrabi]

Lol what is this guy iSong up to: http://www.appisong.xyz/happy-new-year-contest.html

They even embedded push notification into the app, for what ever reason :/

[yeahtheboys]

Someone selling sourcecode. Is this allowed? :/

https://www.chupamobile.com/android-video/candytube-video-s-downloader-16258

[nico202]

@yeahtheboys If I understand the GPL correctly, yes. BUT they have to give credit AND if anybody buys/gets the binary from them, they HAVE TO give the source for free, too. And everybody buying it is free to give it away for free

edit: I'm wrong here, please see the following post from TheAssassin

[TheAssassin]

@nico202 let me correct a few bits:

If I understand the GPL correctly, yes. BUT they have to give credit

So far, so correct. But they don't just have to give credit, they need to release it under the same license as before. This is called copyleft principle, and that makes the GPL a copyleft license.

AND if anybody buys/gets the binary from them, they HAVE TO give the source for free, too.

Nope. If they sell the binary release, they must hand out the source code to people who request it, too, but they may demand a fee that must not be higher than the price for the binary release. The GPL FAQ have this topic covered, see https://www.gnu.org/licenses/gpl-faq.html.

And everybody buying it is free to give it away for free

That makes it free software, yes, rather than gratis.