An iOS application developer has come up with an extreme way of fighting software piracy—by auto-posting "confessions" to its users' Twitter accounts.

If you search Twitter for the hashtag #softwarepirateconfession you'll find a stream of tweets stating, "How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession." There are many dozens of these tweets in the past day alone, all identical. So what's happening? It turns out that Enfour, the maker of a variety of dictionary apps, is auto-posting tweets to users' accounts to shame them for being pirates. But the auto-tweeting seems to be affecting a huge portion of its paid user base, not just those who actually stole the apps.

An apology in Japanese was posted on the Japan-based Enfour's site, listing affected products including more than a dozen English dictionary and thesaurus apps, such as American Heritage, Collins, and Australian Oxford dictionaries. There are another half-dozen or so Japanese language apps affected as well.

Enfour VP of Communications Tracey Northcott also apologized on Twitter. Northcott wrote on November 1 that "The anti-piracy module kicked in today for legitimate users," and she called the problem a "bug" and a "glitch in the anti-piracy measures." She wrote, also on November 1, that an updated version of the apps rushed onto the App Store had fixed the auto-tweet problem. (Whether the "fix" eliminates the auto-tweets entirely or makes it so they only affect people who actually stole the app, she did not say.) She's still doing damage control this week, advising people on Twitter to update to the latest version.

Why did Enfour do it? "Only 25% of our apps in use are legitimate copies. Piracy is threatening the survival of all independent devs," she wrote.

I tested one of the apps and found no problems. However, people are still complaining, and the timing of the complaints suggest either that they are using older versions of the apps or that the promised fix hasn't been fully successful.

You calling me a pirate?

The problem gained wider attention in the past couple of days because of a blog post written by Andreas Ødegård, a user of the "Oxford Deluxe" dictionary app and editor at the tech site Pocketables. He writes in a post on November 10:

I sat down to grade papers for an English class, and loaded up the dictionary app I’ve been using for ages to check a word. I got asked for access to my Twitter account, declined, and was thrown out of the app. Again and again. OK, I thought, apparently some update means the app now requires access—nothing new, apps need location access to access photos, and I don’t plan on sharing any words on Twitter anyways, so why not. I checked my word, went back to grading. A few minutes later, I get a Twitter notification email about someone replying to my tweet. What tweet? This one: How about we all stop using pirated iOS apps? I promise to stop. I really will. #Softwarepirateconfession

Ødegård writes that he paid $55 for the app in August 2010, and posted a screenshot of the receipt to prove it. But his iOS device is jailbroken and has Installous, an "app store" that rips off apps from the real Apple App Store and makes them available for free. Ødegård continues:

I have Installous, a jailbreak app for installing pirated apps, installed, but have only ever used it once: When Scanner Pro, which I also legally own, introduced a bug in the app that made the app stop working completely on my device. Installous lets you browse a list of available pirated versions of the app, which also means you can use it to go back to an older version of an app you legally own. This is otherwise impossible in iOS, unlike on Android. Don’t know if there’s a relation there, but I assume so. If I were to guess, I assume the developer got tired of having the $50 app stolen, included a check for Installous, and simply forgot to actually add a method to see if the users had used it for the app in question. Whoops?

While Ødegård suggests the problem is limited to owners of jailbroken iOS devices, others say that's not the case. One commenter on the Pocketables blog post writes that "this has nothing to do with having a jailbroken iPad or iPhone. It is happening to everyone." A commenter on Hacker News reported using Enfour's Longman Dictionary of Contemporary English on a device that is not jailbroken, saying, "The latest version displays 'I'm a software thief' as a notification, says to run the app in safe mode and then crashes."

We've contacted Enfour for further comment but have not heard back yet. As noted, complaints have continued to come in after the application update that was supposed to fix the problem. Enfour's American Heritage Dictionary—4th Edition app was updated last on November 1, but several customer reviews of the current version detail the same complaint about the pirate tweets. On November 2, user Sean O'Brien wrote:

Apparently, even though I paid nearly $25.00 for it, something in the code of this app identified me a owning a pirated copy. It then asked for access to my Twitter account through my iPhone. I gave it access because, it's the American Heritage Dictionary! If any app can be trusted with my Twitter account, it ought to be my expensive dictionary app. But no, it tweeted the following message: "How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession"

The App Store on iOS devices can display reviews from either the current version or all versions. Three more users writing on November 3 and November 4 weighed in with similar complaints about the American Heritage app's current version. That Longman app we mentioned above has similar complaints about the current version.

We weren't able to replicate the problem ourselves in the Ars Orbiting HQ. I have a couple of jailbroken iOS devices, so I tried recreating the problem by purchasing the American Heritage Dictionary—4th Edition. The app hasn't asked me to authorize Twitter on either device, and my Twitter account has not been hijacked.

While that suggests Enfour's fix has been at least partially successful, there are enough complaints still floating around to make us wonder if the problem is completely gone. The "confessions" are still rolling in on Twitter.

Enfour's problem exists between keyboard and chair

Enfour can call it a "bug" if it wants, but the bug wasn't just in the implementation—it was in the idea itself. Surely, there are better ways to fight piracy than forcing users to post involuntary "confessions" to their Twitter feeds. But since Enfour was insistent on shaming pirates, they should have tested the system a lot more thoroughly before rolling it out. If you're going to auto-tweet a confession to a user's Twitter account, make sure the confession itself isn't false.