Mac App Store Apps Already Hacked

Stoobalou writes "The Mac App Store has only been open for 24 hours but methods for circumventing Apple's DRM are already hitting the Web."

slightly better article

Hate to link to the reg but their article is actually a bit more detailed:
http://www.theregister.co.uk/2011/01/07/app_store_receipt_fail/
Note that this only works if developers ignored Apple's recommendations on validating receipts.

Re:Sweet

Not PC guys, windows users. Linux and BSD users are quite happy with their PCs.

This Is Completely Misleading

[pyite]

The Mac App Store wasn't hacked. Developers aren't properly checking licenses when the app is run, so of course using any arbitrary license file will work. Complete FUD.

Re:This Is Completely Misleading

[Stoobalou]

It doesn't say 'Mac App Store Hacked'... it says 'Mac App Store *APPS* Hacked', which is quite clear in my book.

Re:This Is Completely Misleading

[getNewNickName]

But it implies that all apps can be hacked, which is clearly misleading. Saying "Some Mac App Store Apps Already Hacked" would be more accurate, but much less sensational.

Re:This Is Completely Misleading

[stewbacca]

But the summary says Apple's DRM has been circumvented.

DRM isn't mentioned in the article, and it is clear from reading TFA that this has nothing to do with Apple's DRM scheme (that is not mentioned in the article), but a way to trick the Rovio app.

Complete waste-of-time non-issue FUD.

Details on how app devs can update their binaries

[seanalltogether]

Developers need to change their validation routine to better check that the receipt really belongs to them. http://www.craftymind.com/2011/01/06/mac-app-store-hacked-how-developers-can-better-protect-themselves/

Re:horrible title

[jo_ham]

If that is what's passing for hacking these days, oh how far we have fallen.

More accurate, but less sensational, would be "developers ignore security suggestion from Apple and are bitten by weak receipt checking". It's less catchy too, as a title.

Who is surprised?

[mitchell_pgh]

I don't think the goal of the App Store was to provide an impervious DRM store solution. We have known for years (and many vendors will tell you) that is an unrealistic expectation. Apple simply wants a revenue stream where people can easily purchase and install licensed versions of software. As a store, they should try to disrupt all illegal sharing to the best of their ability. Don't be surprised if the 1.1 version of all the software requires a license check. I'm of the opinion that they are going to use the same "we'll annoy them to death" method they have used for the iTunes store which has proven to be a good business model. Sure, you can usually find cracked free stuff, but you must be willing to hack your system or jump through hoops to make it work normally... but it's always one update away from not working.

The older I get, the less I like to jump.

Re:Sweet

[beelsebob]

Don't worry, the article just has an inflamatory headline. It's not not apple's security that's been broken, it's the security of apps that haven't followed apple's documented method of verifying that they're installed in a valid way.

It's all relative

[jwietelmann]

This headline is stellar by Slashdot standards. Count your blessings.

Re:Sweet

[steve_bryan]

Troll? Nah, uninformed and bombastic. If you knew what you were talking about you would know that this kerfuffle is about developers who did not bother to use the security measures provided by Apple. In the widely noted case Angry Birds just checked for a valid receipt without checking to see if it was a receipt for their app. It isn't just a matter of having an opinion, it helps to actually know something when you decide to comment.