Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac App Store Apps Already Hacked

Posted by CmdrTaco on from the that-didn't-take-long dept.

Stoobalou writes "The Mac App Store has only been open for 24 hours but methods for circumventing Apple's DRM are already hitting the Web."

27 of 148 comments (clear)

  1. slightly better article by Anonymous Coward · · Score: 5, Interesting

    Hate to link to the reg but their article is actually a bit more detailed:
    http://www.theregister.co.uk/2011/01/07/app_store_receipt_fail/
    Note that this only works if developers ignored Apple's recommendations on validating receipts.

  2. Re:Sweet by Anonymous Coward · · Score: 5, Insightful

    Not PC guys, windows users. Linux and BSD users are quite happy with their PCs.

  3. This Is Completely Misleading by pyite · · Score: 4, Informative

    The Mac App Store wasn't hacked. Developers aren't properly checking licenses when the app is run, so of course using any arbitrary license file will work. Complete FUD.

    --

    "Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman

    1. Re:This Is Completely Misleading by Stoobalou · · Score: 4, Informative

      It doesn't say 'Mac App Store Hacked'... it says 'Mac App Store *APPS* Hacked', which is quite clear in my book.

    2. Re:This Is Completely Misleading by getNewNickName · · Score: 4, Interesting

      But it implies that all apps can be hacked, which is clearly misleading. Saying "Some Mac App Store Apps Already Hacked" would be more accurate, but much less sensational.

    3. Re:This Is Completely Misleading by pyite · · Score: 2

      It doesn't say 'Mac App Store Hacked'... it says 'Mac App Store *APPS* Hacked', which is quite clear in my book.

      They're not even hacked! Since when does not implementing something count as being hacked?

      --

      "Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman

    4. Re:This Is Completely Misleading by stewbacca · · Score: 4, Informative

      But the summary says Apple's DRM has been circumvented.

      DRM isn't mentioned in the article, and it is clear from reading TFA that this has nothing to do with Apple's DRM scheme (that is not mentioned in the article), but a way to trick the Rovio app.

      Complete waste-of-time non-issue FUD.

  4. Details on how app devs can update their binaries by seanalltogether · · Score: 4, Informative

    Developers need to change their validation routine to better check that the receipt really belongs to them. http://www.craftymind.com/2011/01/06/mac-app-store-hacked-how-developers-can-better-protect-themselves/

  5. Fix for mac developers by Rikiji7 · · Score: 2

    This article is more suited to the slashdot crowd: http://www.craftymind.com/2011/01/06/mac-app-store-hacked-how-developers-can-better-protect-themselves/

    --
    slashwhat?
  6. BSD? PC? by mschaffer · · Score: 3, Informative

    Well, The Mac is just an expensive PCs and OS X is based on BSD. So, what's your point?

  7. horrible title by I8TheWorm · · Score: 3, Informative

    Did the poster read the article? Angry Birds can be copied freely by switching out a file used for Twitter because Angry Birds didn't use Apple's recommended security.

    I love to take jabs at Apple and the Cult of Steve, but this is a completely inappropriately titled article.

    --
    Saying Android is a family of phones is akin to saying Linux is a family of PCs.
    1. Re:horrible title by jo_ham · · Score: 4, Insightful

      If that is what's passing for hacking these days, oh how far we have fallen.

      More accurate, but less sensational, would be "developers ignore security suggestion from Apple and are bitten by weak receipt checking". It's less catchy too, as a title.

    2. Re:horrible title by jedidiah · · Score: 2

      It's entirely possible that the revelant developers simply don't care that much.

      DRM is an end user annoyance that ultimately doesn't stop piracy. Perhaps someone decided it would be good to be less annoying.

      Or perhaps they just aren't that fixated.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    3. Re:horrible title by larry+bagina · · Score: 2

      The Mac App Store provides recipts/DRM, but there is no automatic checking. The developer needs to add a couple lines of code to check that 1. the receipt exists and 2. it's my receipt. Both steps are optional (yes, you can distribute DRM-free apps) so if they didn't care, they wouldn't do either. They did step 1 which looks a lot more like a bug or misreading of the DRM validation guidelines.

      --
      Do you even lift?

      These aren't the 'roids you're looking for.

    4. Re:horrible title by jo_ham · · Score: 3, Interesting

      Steam works this way too. Any store with a centralised system that handles the user accounts and requires third parties to access them if they want to have a serial number. The store happens to work that way, and selling an app through it doesn't necessarily require a licence check (eg, free apps) but if you want to sell your app, the method for linking a licence key to an iTunes account is documented.

  8. Who is surprised? by mitchell_pgh · · Score: 4, Interesting

    I don't think the goal of the App Store was to provide an impervious DRM store solution. We have known for years (and many vendors will tell you) that is an unrealistic expectation. Apple simply wants a revenue stream where people can easily purchase and install licensed versions of software. As a store, they should try to disrupt all illegal sharing to the best of their ability. Don't be surprised if the 1.1 version of all the software requires a license check. I'm of the opinion that they are going to use the same "we'll annoy them to death" method they have used for the iTunes store which has proven to be a good business model. Sure, you can usually find cracked free stuff, but you must be willing to hack your system or jump through hoops to make it work normally... but it's always one update away from not working.

    The older I get, the less I like to jump.

  9. Re:Sweet by beelsebob · · Score: 4, Informative

    Don't worry, the article just has an inflamatory headline. It's not not apple's security that's been broken, it's the security of apps that haven't followed apple's documented method of verifying that they're installed in a valid way.

  10. Re:Movies by E+IS+mC(Square) · · Score: 2

    Only clueless moron would buy ANYTHING from itunes. The fresh fruit is free (of the hardware and software), the rotten fruit is to bind yourself to one manufacturer.

  11. It's all relative by jwietelmann · · Score: 4, Funny

    This headline is stellar by Slashdot standards. Count your blessings.

    1. Re:It's all relative by getNewNickName · · Score: 2

      I come to Slashdot to debunk sensational headlines. I value any comments that bring clarity to the issue, not those that just parrot the sensationalism.

  12. Re:Sweet by Goaway · · Score: 2

    Providing a service to sell applications and games in a convenient way?

  13. Re:Sweet by Anonymous Coward · · Score: 2, Funny

    Exactly, Apple does not make 'personal' computers. The machines are actually owned by Steve Jobs for all eternity, along with your soul if you ever decide to buy one. :P

  14. Re:Sweet by MightyYar · · Score: 2

    ...because Apple doesn't make personal computers?

    Blame Apple marketing... "I'm a PC"

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  15. Re:Sweet by Anonymous Coward · · Score: 2, Funny

    I thought we called them boxen to prevent the spread of virii

  16. Re:Sweet by N0Man74 · · Score: 2

    Pfft, you use Personal Computers?

    I prefer impersonal computers. My computer won't allow me to even use my name as a logon. I have to use user names like "Guy" or "Bloke", and themes are disabled.

  17. Re:Sweet by steve_bryan · · Score: 4, Informative

    Troll? Nah, uninformed and bombastic. If you knew what you were talking about you would know that this kerfuffle is about developers who did not bother to use the security measures provided by Apple. In the widely noted case Angry Birds just checked for a valid receipt without checking to see if it was a receipt for their app. It isn't just a matter of having an opinion, it helps to actually know something when you decide to comment.

  18. Re:Apps Don't Use DRM - Everyone Panic! by Swift2001 · · Score: 2

    The became pro-DRM when Apple dropped it, of course.