Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
October 22, 2014
arrowPress Releases
October 22, 2014
PR Newswire
View All





If you enjoy reading this site, you might also want to check out these UBM Tech sites:


Apple fixes iOS hack, but now Mac App Store targeted
Apple fixes iOS hack, but now Mac App Store targeted
July 23, 2012 | By Eric Caoili

July 23, 2012 | By Eric Caoili
Comments
    Post A Comment
More: Console/PC, Smartphone/Tablet, Business/Marketing



Apple has issued a temporary fix for the hack that allows users to download premium content in iOS games and applications for free, but the culprit behind the exploit is now turning his attention to the Mac App Store.

Detailed by Russian hacker Alexey Borodin two weeks ago, the vulnerability affects developers that validated in-app purchases by connecting to the App Store server. Apple attempted to block the service that made the hack possible, but Borodin moved it to another server, and has so far processed tens of thousands of illicit downloads.

Apple has offered a fix for affected game makers by publishing a "best practices" guide that outlines how they can patch the vulnerability in their titles using a private API -- one of the few times the company has actually encouraged developers to use a private API.

This fix, though, is a temporary measure that developers will have to implement themselves. Apple says it will not be able to patch this exploit completely until it puts out the next operating system update for its smartphones and tablets, iOS 6, which is expected to release this fall.

Borodin has conceded defeat, at least when it comes to working around security measures for iOS app purchases: "[The] game is over. Currently we have no way to bypass updated APIs. It's good news for everyone; we have updated security in iOS, developers have their air-money."

However, the hacker unveiled a similar exploit on Friday that circumvents in-app purchase fees on the Mac App Store. Apple has not yet addressed that vulnerability, and Borodin implies that he will have more workarounds ready if the company releases a fix.


Related Jobs

Nexon America, Inc.
Nexon America, Inc. — El Segundo, California, United States
[10.22.14]

Localization Coordinator
Petroglyph Games
Petroglyph Games — Las Vegas, Nevada, United States
[10.22.14]

Producer
DeNA Studios Canada
DeNA Studios Canada — Vancouver, British Columbia, Canada
[10.22.14]

Analytical Game Designer
Xsolla
Xsolla — Sherman Oaks, California, United States
[10.22.14]

Senior Business Development Manager










Comments



none
 
Comment: