The Chinese app ban confused a lot of people when they see the app they used is no longer available.
Most of the apps are bundled with Google and Facebook Ads and are malicious they are filled with bloat and only aim to betray the user by mining their data.
I blogged in my previous article on #SurveillanceCapitalism.
The move was a good but biased step ahead, for the user’s privacy but the ban is partial and limited to few apps, particularly Chinese ones, and Big Brother apps like Facebook’s bundled App Manager in OnePlus and other major smartphone vendors and the GAFMA are not in the list.
SHAREit is bloat. After the ban, a whole lot of clones of SHAREit popped up, on the Play Store. Most of them do this, clone a FLOSS File Sharing app called TrebleShot
Reskin it, add ads and trackers and tell it’s made in India. They don’t tell their users that it’s a fork nor do they give any citation as to how to get the modified source code.
This Tweet explains the logic.
Don’t install the app on your smartphone just because it’s (#madeinindia)[https://twitter.com/hashtag/madeinindia]. If it’s developed by a for-profit privately run business, it should be analyzed in the same way we’d do with Google/Facebook/Microsoft etc. Support genuine Indian 🇮🇳 apps which also respect your privacy.
— spians (@spianslabs) (July 8, 2020)[https://nitter.net/spianslabs/status/1280760758700085248]
Which respect your privacy the forks are proprietary and violate the upstream project’s license - GPL 2.0, hence we can not audit and make sure they respect your privacy, especially the ones which bake in ads and analytics.
Attention for the wrong reason :(
Look this YouTube video
In an interview the developer of Dodo Drop, he claims he “took 4 weeks to build it by himself”, rather it’s a shameless clone. He probably read the original documentation from the TrebleShot developer himself and then added ads, violated the GPL 2.0 license and tagged it with the Made In India buzzword and published it to the Play Store.
Here are some other Popular forks or should I say, clones.
Most do the same thing, some cosmetic changes and not add any big features, although some acknowledge the original project and advertise the link, where the user can audit the respective source code.
- github.com/ashfaqmehmood/Dodo-Drop This developer forks the app, removed the license and uploads a zip with his modification of the source code.
/ This is their logic, read their Play Store app description- Indian ShareIt App is Made In India App. It is made for supporting Indian Prime Minister ’s आत्मनिर्भर भारत अभियान! /
These developers at least attribute back to the original project by linking it in the description distribute their changes and comply with GPL 2.0 with their modified source code.
These developers gives an attribution but does not advertise their modified source code.
- play.google.com/store/apps/details?id=com.sharekaro.sampra -play.google.com/store/apps/details?id=com.indishare.india
GPL? Watch this video
What can I as a user do?
In general, if you find a fork which violates GPL by not publishing the modified source code, email the app’s developer, rate and report the app in the Play Store, with a descriptive review. Inform your friends if they have downloaded the app before.
Read these points from the FSF.
how the license was violated: Is the copyright notice of the copyright holder included? Is the source code completely missing? Is there a written offer for source that’s incomplete in some way? This could happen if it provides a contact address or network URL that’s somehow incorrect. Is there a copy of the license included in the distribution? Is some of the source available, but not all? If so, what parts are missing?
As long as they don’t abuse the license, it’s all good. We should feel proud of the devs who give back to the community.
When using FLOSS ~ Free Libre Open Source Software software don’t mislead your users by not giving a clear attribution, users who would install it just because it’s forked by it’s Indian, when all the developer did was kang, obfuscate and republish the app violating the GPL license. It lowers the respect of the far fewer, but real Indian developers who actually put in time to contribute back to the project by distributing the source code.
If you are a developer who cloned TrebleShot and is reading this, you are to use the software under the terms of the license and release the source code, or consult velitasali.com/ the original developer for if you have any issues, my intent was just to inform people that most of these clones are not infact written from scratch and are just proprietary re skinned TrebleShot clones.