+ Reply
Page 1 of 4 123 ... LastLast
Results 1 to 20 of 72

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: "Massive Failure:" Mac App Store Titles Easily Pirated

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
Concerns have been raised about Mac App Store security after a simple cut-and-paste workaround was found that defeats copy protection for some paid apps. While many pundits are blaming developers
...
  1. #1
    MMi Staff Writer Paul Daniel Ash's Avatar
    Join Date
    Aug 2009
    Location
    Union Square, Somerville, Mass.
    Posts
    919
    Thanks
    6
    Thanked 995 Times in 401 Posts

    Default "Massive Failure:" Mac App Store Titles Easily Pirated


    Concerns have been raised about Mac App Store security after a simple cut-and-paste workaround was found that defeats copy protection for some paid apps. While many pundits are blaming developers for not following Apple's security guidelines, others are pointing out that the recommendations are complicated and incomplete.

    Just hours after apps began appearing on the Mac App Store yesterday, news emerged that you could get around the copy protection on some apps by exchanging the receipt and signature files with ones from a free app. John Gruber of Daring Fireball said the vulnerability was due to poor programming, saying that "it appears that many apps don't perform any validation whatsoever," and urged Apple to "test for this in the review process, and reject paid apps that are susceptible to this simple technique."

    However, developer Sean Christmann points out that the guidelines call for apps to validate receipts against plaintext data external to the binary itself, located in the Info.plist file. A much better approach, Christmann suggests, would be to validate against values hard-coded into the app. Christmann noted that the "pastebin" workaround not only allowed users to defeat the admittedly-lax security on Angry Birds, but also another paid app he had copied from a friend's computer, in what he called "a massive failure in the implementation of Apple's receipt system."

    Jailbreaking and pirating are two very separate activities that are already too confused in the public's mind, which is why I'm not posting any details about the workaround here. Developers deserve to be paid for their hard work, which is the whole idea behind Cydia as a free market. With pirates gearing up to rip apps off the Mac App Store, developers need to be very cautious to protect their work from unauthorized copying. While following Apple's guidelines is an important first step, efforts can't stop there.

    Source: AppleInsider

  2. The Following 3 Users Say Thank You to Paul Daniel Ash For This Useful Post:

    CaryDude (01-07-2011), dsg (01-07-2011), PlatoTheForms (01-07-2011)

  3. #2
    iPhone? More like MyPhone
    Join Date
    Jun 2010
    Posts
    164
    Thanks
    17
    Thanked 12 Times in 10 Posts

    Guess I should think twice before I build anything for the App store

  4. #3
    Green Apple
    Join Date
    Apr 2008
    Posts
    47
    Thanks
    25
    Thanked 5 Times in 3 Posts

    thats how i got Angry Birds on my Mac without paying 5 bucks

  5. The Following User Says Thank You to name00 For This Useful Post:

    ufcsean (01-07-2011)

  6. #4
    Livin the iPhone Life
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,436
    Thanks
    41
    Thanked 185 Times in 145 Posts

    Mods warn us not to talk about piracy or we'll get banned, then the Staff Writers post this...

  7. The Following 2 Users Say Thank You to feidhlim1986 For This Useful Post:

    chrisw05 (01-07-2011), DRFP (01-10-2011)

  8. #5
    My iPhone is a Part of Me Rob2G's Avatar
    Join Date
    Oct 2007
    Location
    San Luis Obispo, CA
    Posts
    604
    Thanks
    138
    Thanked 145 Times in 75 Posts

    Quote Originally Posted by name00 View Post
    thats how i got Angry Birds on my Mac without paying 5 bucks
    I hope you get banned.

  9. The Following 4 Users Say Thank You to Rob2G For This Useful Post:

    bk4life (01-08-2011), h2a (01-07-2011), Nick Hesson (01-07-2011), novadam (01-08-2011)

  10. #6
    Livin the iPhone Life JedixJarf's Avatar
    Join Date
    Jun 2007
    Posts
    1,917
    Thanks
    30
    Thanked 129 Times in 102 Posts

    Who DIDNT see that coming?

  11. #7
    iPhone? More like MyPhone Daerid's Avatar
    Join Date
    Jul 2007
    Location
    Seattle, WA
    Posts
    290
    Thanks
    2
    Thanked 23 Times in 18 Posts

    Quote Originally Posted by Volerikan View Post
    Guess I should think twice before I build anything for the App store
    Or follow the guideline...

    Quote Originally Posted by name00 View Post
    thats how i got Angry Birds on my Mac without paying 5 bucks
    And you're proud of this that you want to announce it to the world? Sad...

  12. #8
    Moderator Admin Broomhead's Avatar
    Join Date
    Sep 2007
    Location
    Outside Chicago IL
    Posts
    17,154
    Thanks
    502
    Thanked 1,718 Times in 1,171 Posts

    Quote Originally Posted by feidhlim1986 View Post
    Mods warn us not to talk about piracy or we'll get banned, then the Staff Writers post this...
    we're on it

  13. #9
    Developer n00neimp0rtant's Avatar
    Join Date
    Feb 2008
    Location
    Pittsburgh, PA
    Posts
    1,341
    Thanks
    25
    Thanked 600 Times in 136 Posts

    For a model like the App Store, devs should not be responsible for securing their apps; DRM and protection should be handled by Apple. What is that 30% going towards, anyway?

  14. #10
    What's Jailbreak? bimmercub's Avatar
    Join Date
    Jun 2007
    Location
    Moore, OK
    Posts
    25
    Thanks
    5
    Thanked 1 Time in 1 Post
    Advertisement and transaction processing fees.

  15. #11
    What's Jailbreak? Jay Marcase's Avatar
    Join Date
    May 2010
    Posts
    28
    Thanks
    1
    Thanked 3 Times in 1 Post
    Quote Originally Posted by n00neimp0rtant View Post
    For a model like the App Store, devs should not be responsible for securing their apps; DRM and protection should be handled by Apple. What is that 30% going towards, anyway?
    Mmmm...maybe keeping the store runnin perhaps?

  16. #12
    iPhoneaholic
    Join Date
    Feb 2008
    Location
    Miami, FL
    Posts
    403
    Thanks
    2
    Thanked 47 Times in 29 Posts

    this will happen regardless of the security implemented sooner or later. look at the trackers for the iphone, you can get any app for free and if you pay for them, a simple click will crack them and anyone can install them on their device. so it was a matter of time, although it was quite too easy this time

  17. The Following User Says Thank You to dq13 For This Useful Post:

    Saved0ne (01-08-2011)

  18. #13
    My iPhone is a Part of Me hollow0's Avatar
    Join Date
    Jun 2008
    Location
    Tampa, FL
    Posts
    671
    Thanks
    49
    Thanked 49 Times in 39 Posts

    "cydia as a free market" should be corrected to "open". Not all is free and can confuse certain people that are not tech savvy with this type of information.

    Quote Originally Posted by n00neimp0rtant View Post
    For a model like the App Store, devs should not be responsible for securing their apps; DRM and protection should be handled by Apple. What is that 30% going towards, anyway?
    Probably hosting and paying their reviewers.
    Last edited by hollow0; 01-07-2011 at 11:44 AM. Reason: Automerged Doublepost

  19. The Following User Says Thank You to hollow0 For This Useful Post:

    szr (01-13-2011)

  20. #14
    Britney Spears of MMi Zeal's Avatar
    Join Date
    Mar 2008
    Location
    Miami, FL
    Posts
    3,664
    Thanks
    27
    Thanked 180 Times in 148 Posts

    arrrrim a pirate
    EDM

  21. #15
    Livin the iPhone Life
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,436
    Thanks
    41
    Thanked 185 Times in 145 Posts

    Why couldn't the App Store app check your installed apps against your Apple ID account purchases. Not saying you would need to be online to use apps, but even if there was a check once a week or something.Dunno how this would account for apps installed via disc or third party websites, but that also can come from the App Store

  22. #16
    Green Apple Browning151's Avatar
    Join Date
    Jan 2009
    Posts
    88
    Thanks
    3
    Thanked 6 Times in 5 Posts

    Shouldn't this and the other article about the Mac app store be in the Mac news section instead of the iPhone news section? Or am I missing something?

  23. #17
    What's Jailbreak? LordBrian's Avatar
    Join Date
    Feb 2008
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts

    I have a paid app in the app store but chose not to add drm, if your going to pirate my app drm isn't going to stop you.

  24. #18
    iPhone? More like MyPhone McMichael96's Avatar
    Join Date
    Nov 2009
    Location
    var/root
    Posts
    140
    Thanks
    6
    Thanked 10 Times in 8 Posts

    Quote Originally Posted by name00 View Post
    thats how i got Angry Birds on my Mac without paying 5 bucks
    Oh, So I guess the dev of Angry Birds just lost $5 because of you... So he(or she ) spent all that time making an AWESOME app just for you to pirate it?... Hmmm. I hope you become a dev one day and NEVER get paid for it because people pirate your apps...
    I like apple stuff.
    If you see the username "McMichael96" anywhere, it's probably me.

  25. #19
    Theme Creator Raptors's Avatar
    Join Date
    Mar 2009
    Posts
    2,441
    Thanks
    145
    Thanked 483 Times in 353 Posts

    Wonder how many people did this after reading this thread

  26. #20
    Livin the iPhone Life
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,436
    Thanks
    41
    Thanked 185 Times in 145 Posts

    Quote Originally Posted by LordBrian View Post
    I have a paid app in the app store but chose not to add drm, if your going to pirate my app drm isn't going to stop you.
    Very unfortunate but also very true. No amount of DRM is going to stop someone who doesn't want to pay for software.
    Hope your App sells well.

  27. The Following User Says Thank You to feidhlim1986 For This Useful Post:

    LordBrian (01-08-2011)

+ Reply
Page 1 of 4 123 ... LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts