• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Russian Hacker Figures Out Way to Obtain In-App Purchases for Free



    A Russian hacker has successfully figured out a method to obtain in-app purchases from iOS apps for free.

    The “in-app proxy” method is simple, doesn’t require a jailbreak, and allows users to install in-app content for free. The hack works on all iOS devices 3.0-6.0. We do not condone the stealing of content in any form, and this story, like the 9to5Mac piece, is being written to alert the developer community. The hack is already gaining massive amounts of traction, and hopefully a fix is released soon.

    The three-step process involves installing a CA certificate, installing an in-appstore.com certificate, and changing the DNS record.hacker. Once the user completes the process they are met with the message pictured above instead of Apple’s purchase confirmation.

    A great deal of information is also processed through the developers servers as part of the process including:


    • Restriction level of app
    • ID of app
    • ID of version
    • GUID of your idevice
    • Quantity of in-app purchase
    • Offer name of in-app purchase
    • Language you are using
    • Identifier of application
    • Version of application
    • Your locale



    We do not recommend anyone use this process, and we will not provide information on the specifics of the hack. Developers, Apple, fix this. Now.


    Source: 9to5Mac
    This article was originally published in forum thread: Russian Hacker Figures Out Way to Obtain In-App Purchases for Free started by Phillip Swanson View original post
    Comments 185 Comments
    1. uri8472's Avatar
      uri8472 -
      Quote Originally Posted by confucious View Post
      Not sure what dictionary you use but the second definition of piracy in the Oxford English Dictionary is "The unauthorised or reproduction of another's work"
      Indeed, it does say that, but this is a recent change after the usage began being applied in this manner; it is not what the term has always referred to prior.
    1. confucious's Avatar
      confucious -
      Prior to what? The OED is updated to reflect what words actually mean in real usage. Piracy is piracy.
    1. uri8472's Avatar
      uri8472 -
      Quote Originally Posted by confucious View Post
      Prior to what? The OED is updated to reflect what words actually mean in real usage. Piracy is piracy.
      Yes, in modern usage it is commonly used to refer to copyright, and thus that second definition is a reflection on that. Fair enough. At the same time, however, you cannot just ignore the caveat in basing a definition on common usage when the term in question has little baring on the original definition, effectively making it a (political) slag. And if that is true, that it is not in and of it self a valid source for a definition, but exists, as you put it, to reflect how it's used in common speech. Therefore, it doesn't mean that such an application is ultimately correct, but an illustration of how a random term can be borrowed for alternate purposes (in this case, to invent a taboo; the term "copyright infringement" by itself is a lot less likely to instill fear and deter in the realms of the online.)
    1. mmaboi21's Avatar
      mmaboi21 -
      Please don't resurrect this thread...
    1. Sk37cH's Avatar
      Sk37cH -
      DJ Shadow has tried a different approach. He's teamed up with a BitTorrent client that routes you through an add before you get the magnet link. He receives a portion of the funds generated by the adds. Piracy is wrong, and destructive no matter how you look at it. But it's about time anti piracy acts started a different approach. Im starting to see more and more innovative approaches to combating piracy. Demonoid was hit with an ongoing DOS attack, and it was at a time when the site admin had added life stresses, and it seemed to have pushed him over the edge. What about all the bot comments on legitimate torrents from reputable UL's, that say "password protected RAR, don't DL" and similar. These files aren't even rars, and work fine. Seems like some anti piracy group is trying to put doubts in people's minds, I mean it worked for about 2 mins on me, before I realized it was on every show time torrent on the site.