Apple That

About a week ago, Alexey Borodin, a Russian developer, hacked Apple’s In-App Purchase program for every device running anything from Apple iOS 3.0 to iOS 6.0. This allowed iPhone, iPad and iPod touch users to circumvent the payment process and basically steal any in-app content that they wanted to.

Apple confirmed the hack and stated that it was investigating the issue and, this week, tried to block the hack, though was unsuccessful. Now, Apple is starting to offer a proper solution, although it isn’t quite ready. Apple has started including unique identifiers in the validation receipts for in-app purchases. Developers recently started seeing the new receipts, which include a new field called “unique_identifier”.

According to a report from MacRumors, “As one developer noted to us, apps are no longer supposed to be collecting the UDID and thus it is unclear whether Apple’s use of the identifier for this purpose is simply a first step toward a broader implementation of unique receipt identifiers for increased security or if Apple is attempting to identify those users and devices who are sharing their receipts with the Russian hacker to allow the method to function.”

The worst part about this hack is that iOS developers have absolutely no way of protecting their apps. Store receipts don’t work since the only thing you need to bypass this is a single donated receipt which can then be used to authenticate anyone’s purchase requests. Borodin’s circumvention technique relies on installing certificates, changing DNS settings to allow the authentication of the purchases and then emulating the receipt verification server on the Apple App Store.

The unique identifiers have set Apple on a proper path to a decent solution, though Borodin has declared that he wants the company to fix the problem by either changing its APIs or placing new blocks on its service. It seems that Apple will have to start encrypting the connection and update iOS so that it is unaware of the changes being made. In turn, this will stop apps from being able to approve false purchases.

Source: ZD Net – Apple adds unique identifiers to fight iOS in-app purchase hack

Find out what is going on in the Tech Army World.

What are the Top 10 Money Making Missions?

What other companies have joined and what do they do?

How do I join the
Tech Army Organization ?

I don’t think I have to remind you just how many apps are available for the iPhone, iPod Touch and iPad (over 500,000). If you are an iOS user, you have undoubtedly purchased or downloaded at least one app from the App Store and, in doing so, you have probably noticed that some of them offer the option of purchasing additional content. These apps usually come in the form of apps that have multiple levels, like Angry Birds.

This type of content can be anything, like more levels, character designs in games, like that business simulation game online, or added functionality and expansions. However, not all (but a lot) of apps with additional content for purchase allow you to buy from directly inside the application itself.

Unfortunately, not every app that allows in-app purchasing is as up front about the fact that they do this and, sometimes make it extremely easy to “accidentally” purchase in-app content. One of the more controversial apps of late to pull a stunt like this was Smurfs’ Village. Children played the game on their parent’s phone and unknowingly purchased a whole lot of undesired content.

Thankfully, there is an easy solution that makes sure something like this doesn’t happen to you. Just follow these quick and easy steps and you will have in-app purchasing disabled until you say otherwise, making sure your child doesn’t accidentally rack up a huge phone bill with in-app purchases.

STEP 1: Turn on your iPhone, iPod Touch or iPad and from the home screen select the Settings application. From here, select “General”.

STEP 2: Scroll about halfway down the page and find “Restrictions”. Select it and then select “Enable Restrictions”.

STEP 3: Once enabled, you will be asked to create a password. The password locks certain functions on your iOS device. After you enter it twice, you’re on to the next step.

STEP 4: After creating your password, scroll down to the “Allowed Content” section and select it.

STEP 5: Slide the bar next to “In-App Purchases” from “ON” to “OFF” and that’s that! No more accidental in-app purchases will rack up on your phone bill.

Source: Digital Trends – How To: Turn off in-app purchases on Apple products

A Tech Travel Agent can get a laptop rentalto you within 24 business hours in over 1000 cities worldwide. Call 800-736-8772London Massage
We have 3987 Installers, Technicians and Engineers stationed in nearly 1000 locations worldwide to serve you.