Russian Hacker Sidesteps Apple iOS In-App Purchases

An anonymous reader tips news that a Russian developer has posted a video showing how in-app purchases for some iOS software can be acquired without payment. The hack does't require the device to be jailbroken, and can be accomplished even by users who aren't technically proficient. The method involves three steps: "The installation of CA certificate, the installation of in-appstore.com certificate, and the changing of DNS record in Wi-Fi settings. After the quick process, users are presented with the message pictured above when installing in-app purchases, opposed to Apple’s usual purchase confirmation dialog." 9to5mac notes that this doesn't affect all apps, since some of them make use of Apple's method for validating receipts.

Re:Thanks Slashdot!

[chinton]

I thought the first rule would have been "if you don't want to pay for something it doesn't give you the right to take it".

I've got a hack for getting free jewelry. It involves a crowbar and the brittleness of the glass they use to make those display cases.

Re:Thanks Slashdot!

[nitio]

Not true. YMMV but consider that most likely what you bought is a license to run the software (not the software itself) therefore the software in question - and the data - are still owned by the company that sold you the license. Copyright and all that shit

Capcom goes a long way to this with DLC characters in their fighting game that are bundled with the disc but you have to pay to have that data already present unlocked. As sad as it is, it's not illegal for them to do that neither is legal for you to hack and make it available just because you have the data in a device you own.

You know what the best alternative is? Pay the extra or don't pay from the beginning. Simple as that.