Skip Links

Apple Mac App Store has piracy vulnerability

Apple Mac App Store: Shoddy receipt checking by apps may activate them for free

By , Network World
January 07, 2011 02:47 PM ET

Network World - Careless coding and a lax review process by Apple could make it pretty simple to steal certain select applications from the brand new Mac App Store that launched yesterday. 

BY THE NUMBERS: Apple: Mac App Store hit 1 million download mark in 24 hours

The problem is that if an application - so far it's just the Angry Birds puzzle video game - doesn't check whether the Mac App Store receipt data entered to activate it actually corresponds to that app, it will activate it anyway so long as it's a valid receipt for any application.

This is not a problem for applications that make the check properly. It could be avoided altogether if Apple's review process before approving applications for sale included verification that the check is done right, says blogger John Gruber in his Daring Fireball blog.

Apple actually recommends how to set up the receipt checks properly, but it is up to individual developers to follow through.

According to online instructions, in order to carry out the theft, a person has to first obtain a copy of the application somehow plus a valid Mac App Store receipt for anything. They then plug in the receipt data and if the application doesn't check that the receipt refers specifically to the application itself, the data will activate the app.

Apple hasn't issued a statement yet about the weakness.

Read more about wireless & mobile in Network World's Wireless & Mobile section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News