If the methods are similar, however, the fix should be easy as well. In-app purchasing is much more common in iOS apps than it is in Mac App Store apps, but any of this kind of theft is bad for the ecosystem and bad for developers. The upcoming version of OS X,


The first, and perhaps most obvious response, is that Apple could make the IAP process more secure. This would be relatively easy for the company to implement, and would fit well within the App Store distribution model, leaving the developers free to worry about writing more great apps for the iOS platform. Unfortunately, it would most likely require an iOS update to do so, which means that it would be a while before any Apple-provided solution could be made available to developers.

More immediately, the folks from Cupertino could try to better educate developers, helping them understand the limitations of IAPs and guiding them in implementing validation procedures that are both simple and secure.


And, finally, the public needs to be educated as well. Remember, this hack exposes the iTunes credentials of everyone who uses it, which means that the hacker now has access to the iTunes accounts of everyone who used his trick. Judging from its success, the hack seems to affect a large number of apps, which should, at least, serve as a wake-up call to both developers and Apple. On the one hand, developers can and should do a better job handling IAPs.

On the other, Apple could have largely prevented this problem, which threatens not only to leave it with a large contingent of unhappy developers, but also could have wide-ranging repercussions for users who are compromising the security of their devices for a purpose that is trivial in relation to the amount of damage that they could be doing to their data. Even if Apple shuts down this specific hacker, the proverbial cat is definitely out of the bag, and there is relatively little that prevents someone else from trying something similar, with possibly more nefarious intentions.

Still, Apple has a long history of doing the right thing, and it has gone to bat for developers in the past, as was the case with the Lodsys affair.

Evolves, in what way? If I refuse to acknowledge copyright violations as stealing, why am I bound by what others say? If language evolves to undermine the meaning of law, then the correct way of dealing with this reinterpretation of the word "steal" is to change the law accordingly.

As this has not been done, we should assume the law still implies the original meaning of the word "steal" as it applied when the law was created.

Actually laws tend to explicitly define what they mean by words, so the whole point is moot. I've read some comments on the pages in the links and they seem to say this is not Apple's fault but the dev's fault for not using the "3 lines of code" to verify in-app purchases. What I want to ask is why this is not the default behavior in iOS. Yeah, they've been distracted Anyone willing to bet that this issue is fixed in Mountain Lion just as it's been promised to be fixed in iOS 6?

Apple has recommended all along that you verify receipts to make sure they're not fake. Some apps don't, and can be hacked. How surprising. Apple already explained to developers [macnn. Also, it's closed in iOS 6. With a few rare exceptions, most games with in-app purchases are designed so that your progress in the game is directly proportional to how much you're willing to spend. In several games, no amount of patience or skill will allow you to progress.

And in some games, progress itself is an illusion, with no obvious indication that your "missions" are being randomly generated and there is no way to ever "beat" the game. It's extremely shady on Apple's part to allow developers to label apps that require in-app purchases as "free". The way I see it, this is karma. I'm all for developers getting paid for their work. If they really want to nickel and dime you for every bell and whistle in the app or make you insert a coin each time you lose a life, that's their prerogative - but Apple needs to make it a lot clearer what you're downloading, since in-app-purchases mean "free" no longer means what it used to.

I see it as extremely shady by you not to mention that for every free app with IAP they are mentioned with the price. If you don't want to pay for them, don't download apps that have them. It's that easy. Unless you hate Apple. Quit your whining, kid! Back in my day we kept pumping more quarters into the machine no matter how many times the game cheated us and we liked it!

It is high time the App Store is split into 3 categories, with one for really free stuff. If you ask me, I'd even want 4, with one for really, really free stuff as in: No ads, either. At least let me, the customer, truthfully know what your business model is. I don't mind paying for software and regularly do. But I dislike the dishonesty in the pseudo-free sector. The ones that really piss me off are the gambling games. They have for now found a way to bypass gambling regulations, charging for chips and whatnot, while failing to actually reward the winners. A lot of these in-app purchases have an entirely client-side effect, such as changing how much in-game money you have.

As usual, if you control the hardware, you can do whatever you want. No need to mess with the purchase receipt system at all. It's totally Apple's fault that developers didn't use the provided security tools! Given that we're being so charitable, it's totally Linux's fault if you turn on SSH and set your root password as "password", right? Just checking.

Apple [Friday] announced a temporary fix and that it would patch the holes with the release of iOS 6. While Cupertino was distracted, Borodin came in and pulled off the same scheme on the Mac.

Sorry, but you are not taking the time the coder spent. That resulted in a product that he can still sell even if you take for free. That is certainly not the case with the hooker. For her the time spent is gone.

And when everyone says that, how does the coder make money?

As soon as you can properly speak in English and use the correct terms to express your ideas we can discuss if infringing other people's copyrights is so bad as you think. On the other hand, as long as you keep using the wrong words to try and express your ideas you will be at most the target of jokes and contempt. The choice is yours, but keep in mind that being stubborn makes very little to help your cause.

Who said I was happy? I am decidedly unhappy about all of this.

You're doing it again too. Nobody stole anybody else's work. Did not happen.

He can't sell it if everyone just steals it. Just like the hooker.

Reality says otherwise. GoG is selling games without DRM even if many people pirate them. A lot of indies have been successful selling games that have been pirated a LOT.

The term 'Theft' does not apply to IP by any law code of any country in the world.