or Connect
AppleInsider › Forums › Software › Mac Software › Reports of Mac App Store piracy emerge on launch day - report
New Posts  All Forums:Forum Nav:

Reports of Mac App Store piracy emerge on launch day - report

post #1 of 48
Thread Starter 
Within hours of Apple opening the Mac App Store, reports surfaced of software 'pirates' having figured out how to install and run unauthorized paid apps by copying the receipt files from a free app.

Apple has battled piracy for years on the iOS App Store, trying to stay one step ahead of hackers. With the opening of the Mac App Store on Thursday morning, Apple has yet another digital storefront to protect.

On the day of the store's launch, reports emerged that a simple cut-and-paste workaround had been discovered that illegally 'cracks' some paid apps. Crackers apparently found that replacing the receipt and signature files in some paid app packages, which can be downloaded from third-party sites, with the receipt from a free app allows the app to run in some cases.

According to John Gruber of Daring Fireball, the vulnerability exists only in apps that don't follow Apple's app validation advice. For example, some apps check only for a valid receipt, without checking whether the receipt matches the app's bundle ID.

Beyond the simple file replacement crack, some hackers claim to have cracked Apple's security for the Mac App Store, according to Gizmodo. In late December, one hacker known as Dissident announced that the crack, named KickBack, would not be released "until well after the store's been established" in an effort to 'protect' developers. "When we feel that [the Mac App Store] has a lot of crap in it, we'll probably release Kickback," said Dissident.

Though developers reported support for Mac App Store receipts in early builds of Mac OS X 10.6.6, there's no evidence that the Mac App Store was broadly or externally tested by Apple.

Some early adopters reported being unable to download and install apps Thursday shortly after the Mac App Store went live. A number of users have also complained about the quality of the apps available on the store, with one user going so far as to start a parody site that criticizes apps with awkward user interfaces.

For more details on the Mac App Store, see the AppleInsider feature:
First look: Apple's Mac App Store simplifies buying, updating software
post #2 of 48
while i don't think it has much to do with the app store (bad interfaces have been around for a while), there are some atrocious examples on the site referenced in the article:

http://readthefuckinghig.tumblr.com/
post #3 of 48
Yes following directions will help..... in this case from getting your app pirated.
post #4 of 48
"A number of users have also complained about the quality of the apps

I wonder what that number is, vs. the number who are happy with their purchases?
post #5 of 48
Quote:
Originally Posted by AppleInsider View Post

According to John Gruber of Daring Fireball, the vulnerability exists only in apps that don't follow Apple's app validation advice. For example, some apps check only for a valid receipt, without checking whether the receipt matches the app's bundle ID.

That's the developer's fault. Case closed.
post #6 of 48
That's bad karma for taking down the Wikileaks app and you can expect more from where that bad karma came from. Expect more software leaks.
post #7 of 48
I can't help but notice Gizmodo is the site really pushing this story. Their headline is clearly written to give the impression the Store is - right now - wide open to hackers.

When do you think they are gonna get over "you know what"?

MacBook Pro 15" | Intel Core2 Duo 2.66GHz | 320GB HDD | OS X v10.9
Black/Space Grey iPad Air with Wi-Fi & LTE | 128GB | On 4GEE
White iPhone 6 | 64GB | On 3UK

Reply

MacBook Pro 15" | Intel Core2 Duo 2.66GHz | 320GB HDD | OS X v10.9
Black/Space Grey iPad Air with Wi-Fi & LTE | 128GB | On 4GEE
White iPhone 6 | 64GB | On 3UK

Reply
post #8 of 48
Seems like a roaring success on Day 1 with 1000 apps. Pretty solid coverage, too, with CES in full swing.

Prediction: A competitor(s) will offer a desktop OS app store that will open with more apps and grow faster after the success of the MAS making people compare the two and claiming that Apple’s MAS surely must suck in comparison.
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #9 of 48
almost as many apps as windows phone 7
:-D * * * * * * * * * * * * * * * *
Reply
:-D * * * * * * * * * * * * * * * *
Reply
post #10 of 48
Quote:
Originally Posted by Tofino View Post

while i don't think it has much to do with the app store (bad interfaces have been around for a while), there are some atrocious examples on the site referenced in the article:

http://readthefuckinghig.tumblr.com/

Fail.

The owner of this site has no room to criticize others as his site is number one for the lack of grade-school spelling and grammar. He doesn't seem to know where the shift key is, where apostrophes are needed, along with childish comments unworthy of reading.
post #11 of 48
Quote:
Originally Posted by Ecphorizer View Post

Fail.

The owner of this site has no room to criticize others as his site is number one for the lack of grade-school spelling and grammar. He doesn't seem to know where the shift key is, where apostrophes are needed, along with childish comments unworthy of reading.

Are you kidding? The joke is certainly a parade of some of the worst designs on the Mac App Store. The "voice" of this site is surely intentional.
post #12 of 48
Those App UIs on the HIG site deserve to be panned. Those are awful UI layouts.
post #13 of 48
Wow, I am surprised that apps are being pirated this quickly! I didn't realize that there was a jailbreak available for the mac.
Crying? No, I am not crying. I am sweating through my eyes.
Reply
Crying? No, I am not crying. I am sweating through my eyes.
Reply
post #14 of 48
deleted
post #15 of 48
well, mac app store looks like opening illegal port. from now, hackers can easily make mac viruses more than ever. no virus on mac? time changed.
post #16 of 48
Quote:
Originally Posted by edwardryu View Post

well, mac app store looks like opening illegal port. from now, hackers can easily make mac viruses more than ever. no virus on mac? time changed.

Which illegal port?
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #17 of 48
Well there is lot of piracy outside the app store, and it's better that holes are being reporten now rather then when a lot more people start using it. I just hope apple does not take it too far in checking weather apps outside the store were gotten illegally, as that might put an end to the whole store concept on the Mac and hurt smaller developers.
--SHEFFmachine out
Da Bears!
Reply
--SHEFFmachine out
Da Bears!
Reply
post #18 of 48
Quote:
Originally Posted by edwardryu View Post

well, mac app store looks like opening illegal port. from now, hackers can easily make mac viruses more than ever. no virus on mac? time changed.

This hardly even qualifies as english!

Nothing has changed as far as malware on the Mac goes. All we have here is crackers doing what they do just like the usual and untested\\busted DRM software in the app store. It doesn't suddenly mean we'll have a flood of viruses.This has nothing to do with viruses.

Quote:
Originally Posted by bigdaddyp View Post

Wow, I am surprised that apps are being pirated this quickly! I didn't realize that there was a jailbreak available for the mac.

How can there be a mac jailbreak if there was no "mac jail" to begin with?

Anyway about the "bad interfaces" all I'm seeing here is the developers changing their app's interface just for changes sake so it'll be obviously new in the app store. They don't have to change the interfaces if they don't want to. Either way I don't know what people are expecting when buying an app from the app store... a huge difference from what they usually get?
post #19 of 48
so how am I to know which app used the apple validation tool?
post #20 of 48
There is another point to be made on this subject.

Apple is doing to software what it did with music downloads - making them affordable enough to make pirating a pointless risk not worth taking.

And in my opinion it succeeds. I have bought a few apps off the MacAppStore I would never have bought previously (and neither would I have pirated them!).
post #21 of 48
I don't remember last time I was casually browsing for apps for my Mac the last time.
Oh man... all this junk! And these crazy prices. Bejeweled 3 for $19?? What are they thinking?? It's like 20x the price of the iPhone version of Bejeweled 2.

If they release this hack, it'd be great if they were clear with the message, like with a slogan or something.
- Pay for quality. Hack the crap

It would be even cooler if they hacked the app store to accept the money of your choice. If you think it's worth $10, then pay $10. If you think it's worth $1 the pay $1.
post #22 of 48
Quote:
Originally Posted by eyepad View Post

so how am I to know which app used the apple validation tool?

Unless you want to pirate apps, it should not bother you how easy or difficult this is.
post #23 of 48
I understand the UI concerns, but boy does he sound pretty damn angry...

Maybe he's an Apple employee forced to approve all these apps...

Or more likely, someone that got their app rejected time and time again from the iOS and Mac App Store.

Quote:
Originally Posted by Tofino View Post

while i don't think it has much to do with the app store (bad interfaces have been around for a while), there are some atrocious examples on the site referenced in the article:

http://readthefuckinghig.tumblr.com/

Quote:
Originally Posted by Ecphorizer View Post

Fail.

The owner of this site has no room to criticize others as his site is number one for the lack of grade-school spelling and grammar. He doesn't seem to know where the shift key is, where apostrophes are needed, along with childish comments unworthy of reading.

Quote:
Originally Posted by mdriftmeyer View Post

Those App UIs on the HIG site deserve to be panned. Those are awful UI layouts.
post #24 of 48
Quote:
Originally Posted by solipsism View Post

Which illegal port?

Texas
post #25 of 48
Quote:
Originally Posted by solipsism View Post

Which illegal port?

It's next to Port 8080, just before Port 8081. You get to it by entering as such:
http://hackthismother.com:omfgicanhazillegalport
post #26 of 48
Quote:
Originally Posted by success View Post

Texas

post #27 of 48
i like the app store... and i'm sure that the developers are all too aware of illegal software practises and that they were opening a new can of worms with this. However, the potential revenue of increased sales will make up in most cases of piracy.

my theory is that most pirated media these days especially apps does not negatively impact a software company's bottom line. The truth is that most software that was cracked and pirated would not have been bought by these people in the first place.

I made 2 instant purchases yesterday - angry birds (a no brainer and less than 3 euro) and apple remote desktop - an app which i didn't buy for my home machines because it was pricey - but was available on the store for less than 80 euro... that is 80 euro apple made off me which they wouldn't have without the store... though it should be free with os x server

I think steam might take a hit with the new competition as well as productivity as all these games come to designers' desktops
post #28 of 48
How is this news? I could have downloaded half the crappy apps in the App Store from TPB, pre-cracked before the App Store even existed!

And still can.

This crack would be vaguely interesting if it actually allowed you to download these apps *from* the App Store for free. But if the first step is "Go somewhere else and obtain the App" then it's *not* a hacked App Store so much as just another pointless copy-paste crack for apps that have already been pirated and available for download for years.

The iPhone is a different kettle of fish- those apps have never been available anywhere else, so once they were cracked and distributed it was a "Big Deal." The iPhone cracked app store, which shall remain unnamed, is a shining beacon of streamlined piracy- and a real thorn in the side of good honest jailbreakers to boot.
post #29 of 48
Most users don't have the technical knowhow to pirate apps regardless of how easy it is. The path to pirate software is:

1) Competent hacker cracks copy protection
2) Hacker uploads cracked app to BitTorrent site
3) End users download cracked app from BitTorrent site

So it's irrelevant how secure the apps are, or even if they have any copy protection at all.

The same proportion of users that pirate apps normally will pirate app store apps, and the same proportion that pay for apps will pay for them.

What matters is that with the app store there is now a single simple place to go to buy legitimate apps for low prices, and that should hopefully encourage a lot of people to buy software who otherwise wouldn't have.

It's the same model as iTunes - any song you can buy on iTunes is available for free on a dozen other pirate channels, but that hasn't stopped iTunes becoming the dominant way for people to buy legitimate music.
"There's no chance that the iPhone is going to get any significant market share. No chance" - Steve Ballmer
Reply
"There's no chance that the iPhone is going to get any significant market share. No chance" - Steve Ballmer
Reply
post #30 of 48
Quote:
Originally Posted by Jon T View Post

There is another point to be made on this subject.

Apple is doing to software what it did with music downloads - making them affordable enough to make pirating a pointless risk not worth taking.

And in my opinion it succeeds. I have bought a few apps off the MacAppStore I would never have bought previously (and neither would I have pirated them!).

Excellent comments, Jon. "Free" (ie., piracy) can be trumped by "easy!" Something Apple is very successful at. As u said the examples being iTunes and the iPhone App store! And now the Mac App store. I too enjoyed browsing and found MindNode. Really like it!

Best
post #31 of 48
Quote:
Originally Posted by nagromme View Post

"A number of users have also complained about the quality of the apps

I wonder what that number is, vs. the number who are happy with their purchases?

As is the case right here on AppleInsider there is a certain segment of the population that will complain about everything. They are never satisfied, never happy, never content, always critical. I work with one of these types and he freely admits it. Not a fun person to be around as you might assume. Negativity makes the news while happiness never does.

Are there some clunkers in the new app store? Undoubtedly there are. These apps and the Debbie Downers deserve each other.
post #32 of 48
Quote:
Originally Posted by Socrates View Post

Most users don't have the technical knowhow to pirate apps regardless of how easy it is. The path to pirate software is:

1) Competent hacker cracks copy protection
2) Hacker uploads cracked app to BitTorrent site
3) End users download cracked app from BitTorrent site

So it's irrelevant how secure the apps are, or even if they have any copy protection at all.

The same proportion of users that pirate apps normally will pirate app store apps, and the same proportion that pay for apps will pay for them.

What matters is that with the app store there is now a single simple place to go to buy legitimate apps for low prices, and that should hopefully encourage a lot of people to buy software who otherwise wouldn't have.

It's the same model as iTunes - any song you can buy on iTunes is available for free on a dozen other pirate channels, but that hasn't stopped iTunes becoming the dominant way for people to buy legitimate music.

1.5) Hacker adds malware code to pirated app knowing the torrent dweebs will download anything they can get their thieving hands on.
post #33 of 48
The Apple Way= Build the app store.

The MS Way=Ballmer screaming "DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS, GIVE IT UP FOR ME!!!!!!!!!!!!!!"


It's all about increasing the developer base, which has always been an issue for the platform.
post #34 of 48
Quote:
Originally Posted by edwardryu View Post

well, mac app store looks like opening illegal port. from now, hackers can easily make mac viruses more than ever. no virus on mac? time changed.

Quote:
Originally Posted by solipsism View Post

Which illegal port?

The guy is just exercising his pie hole. He has no idea what he is talking about.
post #35 of 48
deleted
post #36 of 48
There are lessons to be learned here, though. Whilst the store itself has not been cracked, many applications are not even vulnerable, and many more applications have been available for years on pirate sites with alternate cracks, or simply leaked serial numbers- Angry Birds, specifically, is an App-Store exclusive on the Mac, as far as I know.

Interestingly, despite Angry Birds having been "cracked" with this ludicrously easy practise (this seems like a publicity stunt on their behalf if you ask me) it's still an App Store best seller.

As people in opposition of piracy love to jump to lofty, unfounded conclusions, I would now like to state for the record that this conclusively proves that Piracy = Sales.

This reeks of a PR stunt, anyway, that Angry Birds, a hugely popular top selling application developed by people who have worked with Apple's store for a number of years, should opt for the "quick, dirty and hopelessly insecure" method of reciept validation seems a little too convenient. The app simply does not correctly validate receipts, flying in the face of Apple recommendations. This is entirely the developers fault.

Angry Birds is getting more publicity in the face of this. It's got the top spot in the App Store under "New and noteworthy", and 344 ratings/4 stars already. Evidently piracy isn't even of the slightest concern to the developers, and they gain more by playing this game than they would otherwise.

Oh, one more thing. How many buyers of Angry Birds on the Mac already own it on their iPhone or iPad? Most of them, I suspect. I picked it up when it was all of 59p. They're making money hand over fist with this comparatively expensive desktop version- I shed no tears for them.

Any other developers of so easily crackable apps have just got a lesson in listening to Apple's recommendations.
post #37 of 48
Quote:
Originally Posted by noirdesir View Post

Unless you want to pirate apps, it should not bother you how easy or difficult this is.

I think my question was misunderstood.

I was asking for My safety, how am I as a customer to the app store, suposed to know if the app I purchased (free or paid) used apple validation tool?

I am worried about My acct getting hacked.

I downloaded 4 apps yesterday. Did all those use the validation tool? How would I know if they did or didn't?
post #38 of 48
I would think the AppStore will minimize the amount of pirated apps on Macs.

Lets think about it:

Hacker cracks copy protections
Upload to Bittorrent
Download from User
Mac App Store sees pirated app, tries to integrate it into the account, gets confused (, reports to Apple?), and says something like app not valid.

It might not yet work this way, but it probably will in some time.
post #39 of 48
Quote:
Originally Posted by eyepad View Post

I think my question was misunderstood.

I was asking for My safety, how am I as a customer to the app store, suposed to know if the app I purchased (free or paid) used apple validation tool?

I am worried about My acct getting hacked.

I downloaded 4 apps yesterday. Did all those use the validation tool? How would I know if they did or didn't?

I think you misunderstood the article.
.
All apps are validated and examined by Apple.
So don't worry.

Some apps didn't implement the copy protection scheme provided by Apple properly
post #40 of 48
Quote:
Originally Posted by Socrates View Post

Most users don't have the technical knowhow to pirate apps regardless of how easy it is. The path to pirate software is:

1) Competent hacker cracks copy protection
2) Hacker uploads cracked app to BitTorrent site
3) End users download cracked app from BitTorrent site

So it's irrelevant how secure the apps are, or even if they have any copy protection at all.

Not quite. The copy/paste cracks are the developers' faults but in the article, it says they have cracked Apple's security. That would mean every single app will be cracked at once but ultimately they can all be reverse-engineered from the assembly code. Up until now, most apps get security through obscurity - by implementing different authentication methods. If they all use the same one and it gets cracked, free apps for all. I suspect given that the App Store came with an OS update that the validation may be deeper into the OS and if so would require custom system files. That might be easy in the short term but keeping patching the system is not something most people want to do. Hopefully Apple has put the authentication low-level enough.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac Software
AppleInsider › Forums › Software › Mac Software › Reports of Mac App Store piracy emerge on launch day - report