Sign up for a new account or log in here:
also @ TechSpot: Microsoft Surface RT drops to $199... for schools and colleges
Microsoft says a crack which allows hackers to download paid-for Windows Store apps without spending a dime is the fault of insecure app code and not a Windows Store issue. Redmond is essentially placing the onus of protecting apps against this particular type of exploit is on developers.
In October, intrepid codesmiths discovered a way to transmogrify trial apps into their full-fledged, paid-for counterparts. The crack, which is also open source, exploits in-app purchase mechanics -- which rely on local Windows system files -- to unlock the full version of many trial apps.
Any successful software distribution channel faces the challenge of being targeted by people wishing to circumvent the system for ill-gotten gains and we're committed to ongoing protection of both customer and developer interests. Just as they have with other platforms, hackers are proposing ways to compromise the integrity of apps, which can have lots of negative consequences to the system and the customer experience.
Source: engadget.com, Microsoft spokesperson
Incidentally, other app markets have suffered from similar issues, like Apple's Mac App Store and its iOS counterpart.
Just yesterday, we mentioned a Nokia engineer who who talked about the inherent issues responsible for piracy on the Windows Store. The crux of the matter, according to Justin Angel, is that the Windows Store allows important app data to be stored locally on the device instead of securely hosted on a remote server. Any locally stored data can easily be accessed and modified, making app hacking and cracking an always-possible affair.
When Apple suffered its own similar issues, it gave this advice to developers: follow the App Store's recommended security guidelines. Unsurprisingly, this is precisely the same recommendation prescribed by Microsoft, who thoroughly details this issue on its MSDN blog. According to the software maker, developers who make use of digital receipt verification and secure otherwise sensitive content on a remote server instead of locally inside the app, shouldn't be susceptible to these kinds of hacks.
Related Products from Product Finder
Acer Aspire S7-391
The Acer Aspire S7-391 features a 13.3" 1920x1080 LED backlit multi-touch display with Intel HD Graphics 4000, it its powered by an Intel Core i7-3517U (1.9 - 3.0GHz) and 4GB of DDR3 RAM, it packs 256GB SSD and a SD/MMC card reader. Last but not least, the S7 includes 2 USB 3.0 ports and HDMI.
HTC Windows Phone 8X
Read expert reviews, pros & cons, and product information about HTC Windows Phone 8X. There are 10 reviews available so far.
9 Reviews
Price: $49.99
AT&T Lumia 900
The Nokia Lumia 900 is 11.4mm thickness and weight 159g, in the front you can find the 4.3-inch ClearBlack AMOLED display and in the back the 8 megapixel camera and its LED flash. Since there are no seams or doors there is no way to access the 1830mAh battery or increase the phone's 16GB internal storage with a microSD card.
Microsoft Surface
The Microsoft Surface features a 10.6-inch Gorilla Glass display and a vapor-deposited magnesium chassis, the Surface runs a Core i5 Ivy Bridge processor and the latter packing an ARM-based Nvidia chip. The Touch Cover measures 3mm thick and has a multitouch keyboard as well as a trackpad, with a Touch Cover, the Surface measures just shy of half an inch.
User Comments: 4
Got something to say? Post a comment-
1 person liked this |psycros said:
Yeah, store all that licensing data in the cloud. And when Joe User doesn't have a connection, his apps won't work. That should be popular while traveling. Here's a thought: verify licensing each time the app gets updated. Mobile users aren't nearly as likely to go chasing after every new crack, and if they do then guess what? It just proves that the cloud is even more overrated than we thought it was.
-
Here's a thought: verify licensing each time the app gets updated.
Sorry, but Apple has a patent on that.
-
This kind of issue is purely POOR software architecture (aka BAD design). If it's only associated with the Cloud - - hee hee hee - - you get what you pay for; another reason to not jump on the bandwagon.
When designing software, there's a concept that says
- "the scope of control must be above the scope of influence".
-
Sorry, but Apple has a patent on that.
Can't copyright a concept - - just the specific implementation
Most Popular
| Trending | Featured |
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.