Apple Fighting Back Against In App Purchase Hack, But Service Still Operational
Late last week, we reported on the launch of a new method to allow App Store users to bypass Apple's In App Purchase mechanism and receive additional content free of charge. At the time, we noted that use of the method involved theft of content from developers and exposed iOS device users to dangers as their account and device information was being routed to servers under the control of the Russian hacker running the service, but we felt that reporting on the issue to bring it to light was the responsible thing to do in order to alert developers to the issue and perhaps spur Apple into action.
The Next Web now follows up with a report outlining some of the steps Apple has been taking to combat the issue, including issuing a copyright claim to have the original video showing the hack in action pulled from YouTube.
Over the weekend, Apple began blocking the IP address of the server used by Russian hacker Alexey V. Borodin to authenticate purchases.The hacker, Alexey Borodin, remains committed to the service and has been working to skirt around the roadblocks being thrown up by Apple, in part by moving the service to a server in another country, but it is clear that Apple is working on the issue and addressing it through multiple routes in order to improve the security of In App Purchase content. For now, however, the service remains operational.
It followed this up with a takedown request on the original server, taking down third-party authentication with it, also issuing a copyright claim on the overview video Borodin used to document the circumvention method. PayPal also got involved, placing a block on the original donation account for violating its terms of service.
Top Rated Comments
(View all)
Leave it to Apple to take away someone's fun.... :rolleyes:
Leave it to hackers to steal from people who worked hard on their products :rolleyes:
Leave it to Apple to take away someone's fun.... :rolleyes:
You realise this isn't 'someone's fun' - it's theft, that affects developers income.
Any person with a jailbreak can get this same thing, without having to send your info through a rogue server. If you're non jailbroken and attempt this, you deserve any penalty that could be handed out. I know devs have a way of checking if you have legitimately purchased their app, same thing can apply. Or do like that FPS game did for PS3, pirates get an unkillable mob that just rages until you're dead.
If you ARE jailbroken and attempt this, you still deserve punishment. Stealing from developers’ hard work is what gives jailbreaking a bad name.
You mean like how people have been stealing from the app store for the past 4 years? :rolleyes:
It's like posting "The combination to the vault at your local bank is 32-16-50, but we recommend that you don't use this information. You could get caught"
Sure it's possible to rob a bank without the combination and its possible that you could get caught, but it's only encouraging a large audience of people to go rob that bank now.
If the thought of giving someone the credentials to your iTunes account (and all the power that entails) in order to save a buck doesn't deter you from pirating (again, over chump change), then you deserve all the ID theft coming your way.
Honestly, you're using an at least $200 device (iPod touch) in order to steal relatively pennies' worth of goods. Yay.
Borodin also notes that Apple has not contacted him over the issue.
Of course Apple would not contact _him_. They would be contacting the police where he lives.
Plus I feel some of these in-app purchases are way too expensive, If I pay for the app the most expensive in-app purchase should be 10 bucks. 99$ dollars for some in app money is ridiculous for that much one should get infinite money.
This is irrelevant. Just because you think something is too expensive, it doesn't give you the right to steal it. If you went to a store and the video game you wanted was too expensive, would you steal it? It's the same thing, only since apps are digital files people seem to think they can do whatever they want to get them. People try to justify it by saying that the developers are charging too much. That argument doesn't hold up.
[ Read All Comments ]
EverySteveJobsVideo (via The Loop) today released a never-before-seen video of Steve Jobs in 1994, while he was at NeXT, pondering his legacy in the personal computer field and whether he thought he...
Apple appears to be building LinkedIn integration into iOS 7, though the feature is not active in the beta of iOS 7 that was released to developers last week. It is said to look similar to the social...
Facebook has updated its iOS app to version 6.2, adding mobile support for status update icons. The icons, which were originally introduced to the desktop edition of Facebook in April, allow users to...
Apple has updated its enterprise iOS configuration tool, Apple Configurator. The Mac app, originally released last year, allows anyone to mass configure and deploy iPhone, iPad, and iPod touch...
Mountain Sheep's Bike Baron has been chosen as the Starbucks App of the Week, making it available for free for the first time ever for customers who have downloaded the Starbucks app.
...
Apple today released updated versions of Java 6 for OS X, bringing additional improvements to security, reliability, and compatibility. This is a standard update to Java 6, which is distributed by...
FiftyThree, the company that created popular iPad sketching app Paper, today announced that it received $15 million in funding for future projects, which will focus on both collaboration and...
Apple's Messages app for OS X has received a significant amount of criticism since its introduction last year as the evolution of iChat. The app has suffered from a number of issues including...
