Here at Ars, we’ve seen time and again how simple web and/or mobile games can be cloned or outright stolen by unscrupulous developers aiming to cash in on someone else’s game concept. But developer Josh Simmons was in a unique position to inflict a particularly rude punishment on websites that were directly stealing and monetizing his web game Sqword without permission.
Since its launch last year, Simmons says he has attracted a “steady group of daily active users” for Sqword, which involves placing letters sequentially in a 5×5 grid to make as many valid words as possible. But as noted on Simmons’ blog (and noticed by 404 Media), searching for Sqword also brings up several “game aggregator” sites that simply embed the game content from Sqword.com in an iFrame window, only now surrounded by annoying banner ads.
“This made me angrier than it should have—not because Sqword is a cash cow—we don’t run ads on the site and don’t make money from it, it’s just for fun—but because it was a passion project with friends, something pure and intentionally free to play WITHOUT ads,” Simmons writes. “It’s against my ethos as a developer, there are banners and popups everywhere. If I build an app, I believe it should either be free or it should be upfront about what the subscription or purchase price is (and then not upsell you). I couldn’t abide seeing my code monetized in this way.”
Instead of taking the “mature and responsible” route of simply blocking these external sites from using his code, Simmons says that he inserted a stealth attack in the Sqword code. Now, if the site detects it’s being loaded in an iFrame, it will display Goatse, the decades-old shock meme that has somehow evolved into an email service. The NSFW image served by Sqword also comes along with a self-incriminating message for visitors to the aggregator site: “I steal other people’s code because I’m a total hack.”
As of press time, we found at least a couple of aggregator sites that apparently haven’t noticed their stolen word game has been replaced with one of the rudest images on the Internet. Many other sites apparently have noticed the change and have simply shifted to embed the (equally stolen) Pokémon-themed Sqwordle on pages that were showing the shock image just days before.
Simmons uses this case as a cautionary tale, not just for game thieves but for any web developer that hosts external content on their site. “If you are using an iFrame to display a site that isn’t yours, even for legitimate purposes, you have no control over that content—it can change at any time,” Simmons warns. “One day instead of looking into an iFrame, you might be looking at an entirely different kind of portal.”
More than that, though, we think Simmons has opened up a completely new front in the never-ending war against plagiarists that look to profit off of the work of others. We can only hope this leads to a popular crusade where web-game developers put trollish content bombs into their sites as a matter of course, turning these aggregator sites into minefields of ironic punishments for their unscrupulous ways.