A Nokia engineer working on Windows Phone 8 has posted details on how Microsoft's Windows Store approach to security can be bypassed to avoid paying for games and in-app purchases. The techniques include injecting code into the purchase process, altering a few lines of the security checks, and changing files associated with games. That’s probably more than the average user is prepared to handle, but it does highlight a potential threat to developers who have submitted their creations to the Windows Store.
Justin Angel, the engineer in question, points out that there’s a fundamental problem with Microsoft storing game data locally -- including encrypted files alongside the algorithm and algorithm key/hash for decryption. “If it’s stored locally, we can find it, read it and modify it,” he says.
Angel explains the process using a handful of games as case studies. In Soulcraft, for example, he was able to decrypt and edit XML files to gain 1,000,000 gold for his first-level character (worth over a thousand dollars on Android and iOS), while in Meteor Madness he was able to modify another file to turn the trial game into the full $1.5 version. There's also an example that ditches ads in Minesweeper and a workaround to unlock levels in Cut The Rope. Basically, if there’s a way for developers to make money, there’s a way to bypass it.
Angel says his findings are meant to be educational with the hope that “both developers and Microsoft can benefit from an open exchange of knowledge,” and that Nokia had nothing to do with the research. Justin Angel’s website is currently offline for some reason but the article is available through Google Cache.