Brainstorm on how google connects accounts

Google got all 5 of my accounts today, they all went down at almost exactly the same time. Very sad, might be time to look for a real job.

So how did they connect them? I always cleared cookies and browser data and signed in from a different ip address for each account. Maybe once or twice I messed this up and accidentally didnt clear cookies. But I don’t think I messed up for all the accounts. So I’m thinking this isn’t the issue.

Is it common code within the apps? All the apps were all very similar (lots of wallpapers, etc). Would using proguard be a solution to this problem? I havent used it before but im thinking it might not help because some common data would still exist like my startapp developer ID.

My last idea is my app deascriptions used across the accounts were similar. For example I had a disclaimer about the wallpapers saying I believed the images were fair use, etc. They were basically identical across the accounts.

This is all I can think of. What is most likely used to connect them? Can you think of any other reasons? I’m going to give it ONE more shot being very careful and I want to do it right.

Yikes! What was the reason? Copyright infringement?

Yah. The thing that bothers me is I don’t think all my accounts were guilty of it but they took them all even though it was probably just a few apps.

ok, sorry to hear about your loss but this is a great topic to discuss these issues, my first thought is did you use the same eclipse to build all your apps? same machine?

Well I built from command line using the same commands on the same machine. Could this be it? What common info would be included? My laptops serial number? Seems like a lot of people would be using the same versions of build tools.

My biggest worry is the ad network developer ID in the manifest. I can’t think of any way to mask this.

I wouldn’t worry about he developer id in the manifest, my opinion is eclipse or your keystore generator logs your machine id, anyone else want to chime in here, there is no way they would shut down your account for a particular description trend, images or anything like that or we would hear of other people’s account erroneously being closed. This is very specific to either your machine, ip address or some other targeting location device that Google uses.

Startapp support also said they have never heard of anyone being banned based on their developer ID so that gives me some relief.

I hadn’t considered the the machine specific thing but it does make sense and the key generation does seem like an obvious suspect.

I’m not super concerned about IP address because some place like universities will have thousands of google users and potentially 10’s or hundreds of developers logging in from the same IP. Also a lot of people use VPNs that all go to the same or a very similar ip address. I don’t think they could ban indiscriminately based on IP but maybe it is something they consider as part of a larger equation.

One thing thats strange is my first big banning was about 2 weeks ago, I lost 4 accounts for Intellectual property violations but the remaining 5 were untouched. Now with today’s banning they didn’t give a specific reason but said it was due to prior violations on this or other accounts. So its strange it took them 2 weeks to connect all of them. The original 4 that they took down were created and accessed strictly through a VPN in las vegas but from different IP addresses (all las vegas). The ones that went down today ( 2 weeks later) were pretty much accessed from vpn’s all over the place.

definitely part of their larger equation, listen, this reddit bad apps site looks like something Google pays very close attention to, these apps were taken down in one
day which is very fast:

Fake/Ripped Blackberry Messenger, Pou, Subway Surfers, Viber : BadApps

I would be highly concerned about any of your apps that may have Mobario as there is some movement on reddit as mentioned in the other thread and several Mobario Apps have been reported. I wouldn’t be too concerned as of right now as Google may or may not remove those apps, I would be more concerned about a pingjam repeat.

New extremely intrusive ad network - Mobario : BadApps

I try to be really safe about the ad network thing (startapp only). Theres no way I will ever use mobario. I consider my apps to be pretty legit and realistically theres not a lot of reason they should be banned, ive been working on getting rid of any IP violations I may have. It really sucks to lose these accounts.

I wonder where I can find more info about any machine specific info that may go into the final apk through keytool or anything else. All I can think of that I’m obviously doing wrong is using the same key name, alias, developer name, country, city, state, etc. This is easy to change but if its something else i dont know what to do.

  1. Which ad networks did you use?
  2. Did you use the same key for signing your multiple apps?
  3. Were the accounts having same set of apps contents wise (same as in ditto)?
  4. You didn’t try using the accounts from different devices like some old desktop/laptop so that mac address thing doesn’t come into picture (I am not sure if setting up a VM solves this concern)?

The best way to figure this out is to have someone who has successfully created new accounts that are safe for a long time and compare what they did/do to what you did/do and eliminate your suspicions 1 by 1.

Now let´s find someone to unleash the secret. Even if there was a person here, he wouldn´t tell I guess.

+1 this topic, this is crucial for people like us.

From what I’ve read from people who were caught with new accounts after a banning, I noticed the only 3 things NOT done is:

  1. Use a new/different pc for dev.
  2. Use a new router.
  3. Use a new device for testing.

About your device/phone used for testing:

We know for a fact that it is linked to your dev account, both by email and by device id. Google always knows when an app is installed and uninstalled. So they CAN monitor every device linked to a banned account for which apps are newly installed and look at those app dev accounts. Do they actually do this? No idea.

This point is new in this regard, never discussed here before but it could be valid
Oh my , where is Google taking us to,
So if I have done some Copyrights infringements in the past and now wants to develop some legit apps , for how long will google ban me , its insane

Guys, I don’t think there is an exact formula how this works. I guess at least 50% is just about pure luck. I had several accounts opened from my computer and even with the same credit card, they didn’t banned me instantly(they could’ve, right?) , they banned me after a while(1-2 months) because I kinda deserved it(but not every time). Now I have 2 accounts and trying to play by the rules.

But buying a new pc, a new testing device, new router - this is INSANE. You will spend a few hundreds of dollars and hours of work, and this will never guarantee you that you will not be banned.

Finding “holes” in Google’s system isn’t gonna work for too long, they’re smarter than us. Just try to play safe as possible, don’t work with shady networks, don’t spam the market and try to offer something valuable to the users. I think this is another 30% of how to not get banned, but still in my opinion LUCK is a major must have :smiley:

So…pray for yourself and your apps :smiley:

Yes, especially if you have a brand new $2000 computer and 4 testing devices like moi.

btw, having several GP accounts is not illegal. Lots of people do.

I just wish I could email google and tell them im ready to go legit and use my main email address with my apps. They dont respond.

How about a group of developers take out an ad in a Palo Alto newspaper - or perhaps Stanford one - where they say (only way seems to be to mount a PR campaign to shame Google - and by implicitly implying that Google is tracking people FOREVER):

Sorry Google
We are prepared to mend our ways.
We have made copyright infringing apps in the past.
But we are prepared to go legit.

When will you forgive us.
When will you stop tracking us.
We have changed our computers, our IP address, our credit cards. Yet you still ban us ?

How are you able to do such complex identity tracking ?

We think of you as our Big Brother (aka 1984). What do you think of us ?

  1. Never self rating your apps from your phone if this phone use before already banned dev acc ( google account ).
  2. Not self download from GP your application
  3. Use only firefox without any google installed plugins. For search better use duckduckgo.com ( Biggest enemy of google )and they search results much better for now.
  4. Change your MAC with SMAC software every time. If you can change your dsl modem MAC- change it too.
  5. Better connect from 3g wifi point. Save used ip from this 3g point for each account and never use same ip for another account.
  6. Create new adv account with new ID.
  7. Before entrance to account check your proxy ip with black list database.
    GOOD LUCK !