Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
iPhone Newsforums, a part of the
Concerns have been raised about Mac App Store security after a simple cut-and-paste workaround was found that defeats copy protection for some paid apps. While many pundits are blaming developers...
01-07-2011, 11:03 AM #1
"Massive Failure:" Mac App Store Titles Easily Pirated
Concerns have been raised about Mac App Store security after a simple cut-and-paste workaround was found that defeats copy protection for some paid apps. While many pundits are blaming developers for not following Apple's security guidelines, others are pointing out that the recommendations are complicated and incomplete.
Just hours after apps began appearing on the Mac App Store yesterday, news emerged that you could get around the copy protection on some apps by exchanging the receipt and signature files with ones from a free app. John Gruber of Daring Fireball said the vulnerability was due to poor programming, saying that "it appears that many apps don't perform any validation whatsoever," and urged Apple to "test for this in the review process, and reject paid apps that are susceptible to this simple technique."
However, developer Sean Christmann points out that the guidelines call for apps to validate receipts against plaintext data external to the binary itself, located in the Info.plist file. A much better approach, Christmann suggests, would be to validate against values hard-coded into the app. Christmann noted that the "pastebin" workaround not only allowed users to defeat the admittedly-lax security on Angry Birds, but also another paid app he had copied from a friend's computer, in what he called "a massive failure in the implementation of Apple's receipt system."
Jailbreaking and pirating are two very separate activities that are already too confused in the public's mind, which is why I'm not posting any details about the workaround here. Developers deserve to be paid for their hard work, which is the whole idea behind Cydia as a free market. With pirates gearing up to rip apps off the Mac App Store, developers need to be very cautious to protect their work from unauthorized copying. While following Apple's guidelines is an important first step, efforts can't stop there.
01-07-2011, 11:11 AM #2
Guess I should think twice before I build anything for the App store
01-07-2011, 11:24 AM #3
thats how i got Angry Birds on my Mac without paying 5 bucks
The Following User Says Thank You to name00 For This Useful Post:
01-07-2011, 11:28 AM #4
Mods warn us not to talk about piracy or we'll get banned, then the Staff Writers post this...
01-07-2011, 11:29 AM #5
01-07-2011, 11:53 AM #6
Who DIDNT see that coming?
01-07-2011, 11:55 AM #7
01-07-2011, 11:56 AM #8
01-07-2011, 12:14 PM #9
For a model like the App Store, devs should not be responsible for securing their apps; DRM and protection should be handled by Apple. What is that 30% going towards, anyway?
01-07-2011, 12:40 PM #10
Advertisement and transaction processing fees.
01-07-2011, 12:41 PM #11
- Join Date
- May 2010
- Thanked 3 Times in 1 Post
01-07-2011, 12:42 PM #12
this will happen regardless of the security implemented sooner or later. look at the trackers for the iphone, you can get any app for free and if you pay for them, a simple click will crack them and anyone can install them on their device. so it was a matter of time, although it was quite too easy this time
The Following User Says Thank You to dq13 For This Useful Post:
01-07-2011, 12:44 PM #13
Last edited by hollow0; 01-07-2011 at 12:44 PM. Reason: Automerged Doublepost
The Following User Says Thank You to hollow0 For This Useful Post:
01-07-2011, 12:48 PM #14
arrrrim a pirateEDM
01-07-2011, 12:50 PM #15
Why couldn't the App Store app check your installed apps against your Apple ID account purchases. Not saying you would need to be online to use apps, but even if there was a check once a week or something.Dunno how this would account for apps installed via disc or third party websites, but that also can come from the App Store
01-07-2011, 12:50 PM #16
Shouldn't this and the other article about the Mac app store be in the Mac news section instead of the iPhone news section? Or am I missing something?
01-07-2011, 12:56 PM #17
I have a paid app in the app store but chose not to add drm, if your going to pirate my app drm isn't going to stop you.
01-07-2011, 01:04 PM #18
I like apple stuff.
If you see the username "McMichael96" anywhere, it's probably me.
01-07-2011, 01:08 PM #19
Wonder how many people did this after reading this thread
01-07-2011, 01:09 PM #20
The Following User Says Thank You to feidhlim1986 For This Useful Post: