AppleInsider StaffApple has battled piracy for years on the iOS App Store, trying to stay one step ahead of hackers. With the opening of the Mac App Store on Thursday morning, Apple has yet another digital storefront to protect.
On the day of the store's launch, reports emerged that a simple cut-and-paste workaround had been discovered that illegally 'cracks' some paid apps. Crackers apparently found that replacing the receipt and signature files in some paid app packages, which can be downloaded from third-party sites, with the receipt from a free app allows the app to run in some cases.
According to John Gruber of Daring Fireball, the vulnerability exists only in apps that don't follow Apple's app validation advice. For example, some apps check only for a valid receipt, without checking whether the receipt matches the app's bundle ID.
Beyond the simple file replacement crack, some hackers claim to have cracked Apple's security for the Mac App Store, according to Gizmodo. In late December, one hacker known as Dissident announced that the crack, named KickBack, would not be released "until well after the store's been established" in an effort to 'protect' developers. "When we feel that [the Mac App Store] has a lot of crap in it, we'll probably release Kickback," said Dissident.
Though developers reported support for Mac App Store receipts in early builds of Mac OS X 10.6.6, there's no evidence that the Mac App Store was broadly or externally tested by Apple.
Some early adopters reported being unable to download and install apps Thursday shortly after the Mac App Store went live. A number of users have also complained about the quality of the apps available on the store, with one user going so far as to start a parody site that criticizes apps with awkward user interfaces.
For more details on the Mac App Store, see the AppleInsider feature:
First look: Apple's Mac App Store simplifies buying, updating software
-m.jpg)
Charles Martin
Malcolm Owen
William Gallagher
48 Comments
while i don't think it has much to do with the app store (bad interfaces have been around for a while), there are some atrocious examples on the site referenced in the article:
http://readthefuckinghig.tumblr.com/
Yes following directions will help..... in this case from getting your app pirated.
"A number of users have also complained about the quality of the apps?
I wonder what that number is, vs. the number who are happy with their purchases?
According to John Gruber of Daring Fireball, the vulnerability exists only in apps that don't follow Apple's app validation advice. For example, some apps check only for a valid receipt, without checking whether the receipt matches the app's bundle ID.
That's the developer's fault. Case closed.
That's bad karma for taking down the Wikileaks app and you can expect more from where that bad karma came from. Expect more software leaks.