One of the first Android apps – the Barcode Scanner from ZXing Team, an app that precedes the first official release of Android itself – is currently being revised-bombed in the Google Play Store. Hundreds of users left 1-star reviews claiming that a recent update spooked unwanted ads, while nearly 200 more came to the app’s defense with their own 5-star reviews.
It’s not entirely clear what’s going on here, but the prevailing theory is that the 100 million download app goes wrong for another one with the same exact name – one that may have been a clone of the ZXing app and one that done add malware in a recent update, according to digital security firm MalwareBytes.
MalwareBytes seems to be aware of the confusion; it updated its post yesterday to make it extra clear that the bad barcode scanner app this is from a company called Lavabird. Google has removed the app from the Play Store, so it would not be surprising if angry users search for it and find the wrong one.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22293183/barcode_scanner_reviews.jpg)
The sudden attention surprised the app’s creator, Sean Owen The edge that he is not worried about his reputation – simply because he ridiculously thinks the allegations are.
‘[T]his is such an old known app that I think anyone who is informed would guess that it can not be this app: it is an open source. It was not updated years ago. And there’s just no motive to make an app for 13 years to contain only malware at the end is an improbably long game, ‘he says. The Google Play Store shows that the app was last updated in February 2019.
But he also does not rule out the possibility that his code will be manipulated in some way, perhaps by hijacking the intent that Android uses to give one app tasks to another. “A lot of people claim that it ‘definitely’ is this app in a way I’ve never seen before – and I’ve read thousands of comments over the years – so, who knows?”
Owen says he and his co-author, Daniel Switken, now regret that they decided to make the app open source, because it has always been cloned by companies that try to make money quickly by adding ads or skins. “We’ve been pursuing some of the bigger ones for OSS licensing / trademark issues for some time, but it was less than ten out of the 100s I saw even years ago,” says Owen.
This is not the first time his app has been mistaken for a bad clone, he says. ‘At one point, a research article claimed that this information called personal information to a third-party website, and it caused another wave [of bad reviews], but of course the authors found that they confused two similar programs. ‘
I downloaded the OG Barcode Scanner app again today for the first time in many years. When I launched it, the app warned me that it ‘was built for an older version of Android and might not work properly’, and I found that it only works in landscape orientation. But I did not see any ads, it made sure the barcodes were scanned quickly, and I have yet to see any pop-ups or browser hijacking.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22293137/barcode_scanner.jpg)
Currently, ZXing Team’s Barcode Scanner app has 4.0 stars with nearly 640,000 reviews. Google did not respond to requests for comment on how it would handle the negative reviews.