By: Arthur Cooper
Submitted: 2011-01-12 00:21:34 | Word Count: 664
Apple is facing what could be one of the first virtual store robberies only a day after the Mac App Store opened its doors.
The hackers, who call themselves “Hackulous” as a group, have discovered that if you copy and paste the receipt information from a free app to a paid app, you can get an app like the full version of Angry Birds for free.
[ advertisement ]
An Apple Insider report says there was receipt support for the update, but the App Store itself remained vulnerable to attacks when it was released.
Another report on a technology blog called Daring Fireball explained that the only apps that were vulnerable to this were the ones that didn’t follow Apple’s receipt validation advice, which – if true – would essentially take the blame away from Apple.
Additionally, “Hackulous” claims to have come up with a software called Kickback that will break the copy protection of all applications within the App Store. However, they are holding on to Kickback until more Apps are available to the public.
“We’re not going to release Kickback until well after the store’s been established. We don’t want to devalue applications and frustrate developers,” the group’s spokesman – calling himself “Dissident” – told the BBC.
Apple has yet to respond to this threat officially. Personally, I think developers would already be discouraged about such a threat. If the threat is valid, programmers will have to seriously think about whether it’s worth investing their efforts and finances into partnering with the Mac App Store.
Apple isn’t used to being threatened this way, and in fact is mostly immune to viruses and things of that nature. Mac users are fairly worry-free when it comes to being hacked or having their machines infected by some attacker’s bug. This attack on the App Store is a virtual first for the electronics giant – at least it’s the first time it’s been widely publicized.
Apple will need to respond quickly and firmly to keep its spotless reputation for zero tolerance when it comes to hackers and viruses. Ignoring the problem publicly isn’t the way to give users and potential merchandisers peace of mind.
My question is why didn’t “Hackulous” attack iTunes? iTunes already has a huge amount of apps, movies, TV shows, music and games available. Why announce that you have the ability to essentially invalidate Apple’s most recent creation, then wait to release it until “after the store’s been established?” That’s ridiculous. That’s like telling a bank you’re going to rob it, but not until it has more money in it. Any number of things could happen in a scenario like that, all of which don’t end in you getting money from the bank. By relinquishing the element of surprise, you’ve lost control of the situation. The bank, in this case Apple, would be smart to refortify their security, or transfer the information to another location. The hackers have pointed out a weakness without doing too much damage to Apple itself. If nothing else, they’ve done Apple a favor, and armed them with the ability to fight back before they incur too many losses. The question is how will Apple respond?
