Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Trouble In Apple's App Store

Posted by kdawson on from the phish-travel-in-squools dept.

quickOnTheUptake writes in to update the story of foul play in Apple's App Store, which we talked over on Sunday. The Next Web, which broke the story, now provides evidence of rampant App Farms used for theft in the store. Here is a summary of the problems TNW has seen, which includes large-scale break-ins of the App Store accounts of users worldwide. Apple has responded to the initial reports, has disabled the account of the initially fingered rogue developer, and has called on those whose accounts were misused to change their password and credit card. Both TNW and Engadget, at least, believe the problems go far deeper than Apple is admitting.

13 of 186 comments (clear)

  1. But they were approved! by Kohenkatz · · Score: 5, Insightful

    Wait, wasn't this the whole reason Apple wanted to approve apps - so they could keep the garbage out?!

    1. Re:But they were approved! by ergo98 · · Score: 5, Informative

      The important point is not that a rogue developer was able to get it, but that Apple was able to catch him, stop him, and let their users know about it quickly.

      Apple didn't catch him. The "apps" in question were absolute trash (along with the 300+ iFart apps), making a mockery of any illusions that it's a curated garden.

      However just to be clear, we already know that the Android market can do precisely the same thing, forcefully reaching out and removing rogue content. Instead of any ridiculous notions of curation, however, Android relies upon a permissions system that makes a user aware of the potential reach of any given application. It is far from perfect, yet despite some ignorant criticism directed at it recently it beats the hell out of anything on the iPhone.

      Not really sure why we're talking about the phones though. The exploit in this case didn't necessarily have much to do with the actual handsets themselves.

    2. Re:But they were approved! by ergo98 · · Score: 5, Insightful

      So a total of 48 apps out of 200,000+ were bad 'Apples', and suddenly the entire App store is a 'dismal failure'

      Still trying to figure out who you are quoting with the dismal failure bit. Or are you setting up a strawman, ready for the heroic striking down?

      However there are countless terrible, terrible apps in the App Store. There are countless terrible, terrible apps in the Android market. The difference is that one of these claims that they curate their market (comparing themselves to a fine museum) -- their founder openly saying that user privacy is why they curate their market -- and the other makes no such notion (but instead protects privacy by forcing apps to declare rights requests that users need to allow). I'll let you guess which is which.

  2. So much for app review by Mark19960 · · Score: 5, Insightful

    What happened there?
    They won't allow flash or 'widgety' apps yet allow apps that do noting but get the developer points.
    A developer with almost 5,000 apps?
    So much for that 200,000 apps in the apple store.... perhaps half are fake?

  3. Quick anecdote by Anonymous Coward · · Score: 5, Interesting

    I know someone who works in the fraud prevention business and they allege that iTunes purchases and credit card fraud are strongly correlated. Their story goes like this: an iTunes purchase is made for an unknown app, and within minutes a very high value (basically max-out) charge is placed on the same card. The catch is that the max-out charge is placed with an *actual* card (presumably a cloned card) and since it is incredibly unlikely that every case is fraud abuse (a made up 'theft' story by the cardholder) there is something that iTunes is either doing directly or indirectly that is enabling this activity.

    Now the question for the armchair detectives is: is the iTunes purchase the moment of the leak of the card info (through some sort of hacked app), or is the iTunes purchase a test mechanism for the already stolen card info? Not being a big Apple person I haven't spent much time buying from the App store; is it possible to buy an app for someone elses' device, or for a device that doesn't exist yet?

  4. Re:Steve Jobs = Emmanuel Goldstein? by Anonymous Coward · · Score: 5, Insightful

    Apple gets tons of coverage when they do something good, so they will likewise get tons of coverage when they do something bad.

    You can't have your cake (pervasive marketing and mindshare) and eat it too (bad stories swept under the rug).

  5. Re:"problems go far deeper than Apple is admitting by phonewebcam · · Score: 5, Funny

    Speaking of which, there's a demotivational poster for that.

  6. New Credit Cards? by fluch · · Score: 5, Interesting

    Wait, so they suggest customers to get new credit cards? Well, one thing I do not understand is this: the credit card information is with Apple, but I thought only Apple has access to this stored information. There should be no way for the bad guys to obtain my credit card information from there. If they have the credentials to my apple account they can make Apple charge my credit card without my authorisation. But in this case Apple would have to give me back this money as I did not authorise it etc. And as soon as I have changed my password ... the problem should stop (as long as they don't get my new password somehow)...

    Or what am I missing here?

  7. Re:Steve Jobs = Emmanuel Goldstein? by WankersRevenge · · Score: 5, Insightful

    I'm not complaining about slashdot reporting stories ... I'm saying that any Apple story - whether it be positive or negative - turns into people screaming their hatred for the company like it were a picture of Emmanuel Goldstein. In the ten years I've been visiting the site, I've seen this only happen to two companies: Microsoft and SCO.

    My point: Fuck apple ... I don't care about their rep ... it's this blind parroting that makes for a shitty discussion. If I wanted that ... I'd head over to Digg.

  8. Identity Theft by ShopMgr · · Score: 5, Funny

    Yeah, there is an app for that...

  9. Re:Approved apps? by billy8988 · · Score: 5, Insightful

    Nah...that's MS yardstick. If a rogue developer hijacks IE then it's a MS problem. If a rogue developer does something to Appstore then it is that damn rogue developer.

  10. Re:4568 apps? by Bing+Tsher+E · · Score: 5, Informative

    The apps from that 'developer' are things like 'xxx Quotes' where there are quotes collections for many many different people. And slider puzzles where there are many different pictures. And recipie books.

    Basically the kind of 'stuff' where the actual codebase is a small container re-released over and over and over with different content.

    That's part of the problem in general with the 'little Apps' model Apple has developed. There are separate 'Web Radio Players' for each radio station, leading to thousands of different radio 'apps.'

  11. Apple isn't arrogant? by copponex · · Score: 5, Informative

    Listen, when your marketing literally states that you are "changing the world" with your phone, and apparently you didn't properly engineer the antenna, your customers are going to complain bitterly. And then everyone who realizes that Apple is just Microsoft with better industrial designers and better marketing are going to laugh at the brand loyalists who got bitten again because Apple favors form over function.

    It's really not more complicated than that.