Apple tightens iPhone App Store security, Wired prints piracy guide
Responding to piracy problems in the iTunes App Store, Apple has instituted stronger security measures to protect users' accounts.
Earlier this month, iTunes was hit by account fraud that resulted in a few hundred users--a relatively tiny proportion of iTunes accounts--discovering as much as several hundred dollars' worth of unauthorized charges on their accounts.
Apple responded by immediately deleting specific developers who appeared to be using the fraudulent purchases to inflate their sales rank, and is now adding a new layer of security that requires account holders to enter their credit card security code on each new computer or device they register with their account.
According to a report by the blog Different District, iTunes prompts users for their security code the first time they make a purchase from a new computer or device. This prevents malicious users from guessing simple passwords on users' accounts and reselling the information to fraudulent buyers.
The previous report filed by AppleInsider detailed how auction sites in China were reselling the account information for iTunes users and encouraging buyers to immediately make as many purchases as possible before the user discovered the purchases. Requiring a security code should prevent that type of fraud in the future.]
Apple's opposition to jailbreaking
While Apple hadn't sued any users over jailbreaking, it did petition the court not to allow the exemption, warning that the argument for the exemption, advanced by the EFF, was simply pushing a ideological software agenda which made poor assumptions about how much external experimentation Apple's successful business model could withstand.
Google's Android Market already lacks the security of iTunes App Store, and that has resulted in a weak commercial market where a critical mass of uses simply don't pay for anything. That has discouraged significant commercial development for Android and left it with little more than adware-based titles and hobbyist apps.
In addition to complaining that widespread jailbreaking could result in piracy levels that turn the App Store into a failed market, Apple also noted that jailbreaking has an impact on "a number of essential safety and control functions," and that modified operating system software could result in overheating or in overcharging of the battery, resulting in actual physical damage to the device.
Apple also noted that a hacked baseband could result in operational damage to the mobile network, a claim which many critics scoff at despite the fact that baseband software is highly regulated for this very reason. Apple also complained that users who jailbreak their phones generate millions of software crash reports that are sent to the company to investigate at its own expense.
Earlier this month, iTunes was hit by account fraud that resulted in a few hundred users--a relatively tiny proportion of iTunes accounts--discovering as much as several hundred dollars' worth of unauthorized charges on their accounts.
Apple responded by immediately deleting specific developers who appeared to be using the fraudulent purchases to inflate their sales rank, and is now adding a new layer of security that requires account holders to enter their credit card security code on each new computer or device they register with their account.
According to a report by the blog Different District, iTunes prompts users for their security code the first time they make a purchase from a new computer or device. This prevents malicious users from guessing simple passwords on users' accounts and reselling the information to fraudulent buyers.
The previous report filed by AppleInsider detailed how auction sites in China were reselling the account information for iTunes users and encouraging buyers to immediately make as many purchases as possible before the user discovered the purchases. Requiring a security code should prevent that type of fraud in the future.]
Apple's opposition to jailbreaking
While Apple hadn't sued any users over jailbreaking, it did petition the court not to allow the exemption, warning that the argument for the exemption, advanced by the EFF, was simply pushing a ideological software agenda which made poor assumptions about how much external experimentation Apple's successful business model could withstand.
Google's Android Market already lacks the security of iTunes App Store, and that has resulted in a weak commercial market where a critical mass of uses simply don't pay for anything. That has discouraged significant commercial development for Android and left it with little more than adware-based titles and hobbyist apps.
In addition to complaining that widespread jailbreaking could result in piracy levels that turn the App Store into a failed market, Apple also noted that jailbreaking has an impact on "a number of essential safety and control functions," and that modified operating system software could result in overheating or in overcharging of the battery, resulting in actual physical damage to the device.
Apple also noted that a hacked baseband could result in operational damage to the mobile network, a claim which many critics scoff at despite the fact that baseband software is highly regulated for this very reason. Apple also complained that users who jailbreak their phones generate millions of software crash reports that are sent to the company to investigate at its own expense.
Comments
Apple also noted that a hacked baseband could result in operational damage to the mobile network, a claim which many critics scoff at despite the fact that baseband software is highly regulated for this very reason.
No-one has any interest in hacking the baseband beyond SIM unlocking. There's simply no point. Networks drop badly behaving phones.
If it was a problem, why haven't Android, Symbian or Windows Mobile hackers brought down networks already? The full source code for the first two are available.
I'm glad they took it down. If I was a developer trying to make a living off the App Store I'd be cancelling my subscription about now.
..... I stopped reading it years ago.
...might have to try that guide on the wired App and share it with my uncle from Torrento.
Apple's opposition to jailbreaking
While Apple hadn't sued any users over jailbreaking, it did petition the court not to allow the exemption, warning that the argument for the exemption, advanced by the EFF, was simply pushing a ideological software agenda which made poor assumptions about how much external experimentation Apple's successful business model could withstand.
Google's Android Market already lacks the security of iTunes App Store, and that has resulted in a weak commercial market where a critical mass of uses simply don't pay for anything. That has discouraged significant commercial development for Android and left it with little more than adware-based titles and hobbyist apps.
In addition to complaining that widespread jailbreaking could result in piracy levels that turn the App Store into a failed market, Apple also noted that jailbreaking has an impact on "a number of essential safety and control functions," and that modified operating system software could result in overheating or in overcharging of the battery, resulting in actual physical damage to the device.
Apple also noted that a hacked baseband could result in operational damage to the mobile network, a claim which many critics scoff at despite the fact that baseband software is highly regulated for this very reason. Apple also complained that users who jailbreak their phones generate millions of software crash reports that are sent to the company to investigate at its own expense.
Absolutely. Truth in every word. Apparently, your favorite audience, Apple, needs no more, than clashing over discounted stuff in walmarts.
And we've got our popcorn and are now in the front row to see how ``market powers' ' are gonna build perfect products.
As fare as the story goes, I agree that wired showuldnt have posted the How-to on piracy.
Jailbreaking is essentially bad.. Instead ideally Apple itself should provide a section of the App store titled 'Unapproved' or something, and list all these apps there. So no need fopr complicated hacks and waiting for the hackers to develop tools for the latest version.
It's a bullshit publication for morons anyway. I stopped reading it years ago.
Yeah, wired, schmired. That said, pirating apps is amazingly, amazingly easy. However you can't jailbreak iPhone4 and iPhone3GS new bootrom running iOS4.
Why hasn't Apple tried to shut down the repositories hosting the cracked apps?
...with Kahney noting ... I’ve always liked publications that informed me about things we’re not supposed to do. I can then make my own moral decision whether to act on that information or not.
Are you kidding me? What's next month, a WIRED guide to bombmaking equipment, a WIRED guide to how to cook Crystal Meth for your friends, a WIRED guide to finding Child Porn on the net?
And it will be okay because EVERYONE who gets their grubby little hands on the information will be a good little geek and make the CORRECT moral choice so WIRED is absolved of all moral responsibility? That's not an adequate excuse.
They're abetting pirates and leaving people open to theft and abuse.
No-one has any interest in hacking the baseband beyond SIM unlocking. There's simply no point. Networks drop badly behaving phones.
If it was a problem, why haven't Android, Symbian or Windows Mobile hackers brought down networks already? The full source code for the first two are available.
Yeah, so far, it does appear that hackers only want to hack the baseband to unlock the SIM. Malicious hackers would prefer to steal personal data from hacked phones, rather than, say, DoS attack AT&T or something like that. Could there be inadvertent fiddling with the mobile network due to running a hacked baseband? Maybe, but we haven't really seen this yet, unless AT&T and other providers come out and say (and prove) it does.
Or like you say, maybe the mobile networks are robust enough that they drop bad phones, block the IMEI and so on. I think during the time (in the past decade) when there was a lot of mobile phone theft and "cloning" of phones etc. etc. mobile network providers beefed up their security.
I've said it before, the telco industry is a very, very strange beast indeed.
"Apple also complained that users who jailbreak their phones generate millions of software crash reports that are sent to the company to investigate at its own expense. "
This is probably a huge problem for Apple, telcos and all kinds of resellers. Tons of people complaining they don't know what's going on, usually because their friend/ relative/ local tech shop jailbreaked their phone the moment they got it, with the actual user not even knowing what jailbreaking is all about.
Are you kidding me? What's next month, a WIRED guide to bombmaking equipment, a WIRED guide to how to cook Crystal Meth for your friends, a WIRED guide to finding Child Porn on the net?
And it will be okay because EVERYONE who gets their grubby little hands on the information will be a good little geek and make the CORRECT moral choice so WIRED is absolved of all moral responsibility? That's not an adequate excuse.
They're abetting pirates and leaving people open to theft and abuse.
Yup, we don't need Wired, Google does that all for us. Seriously, the next question has to do with Google. You can find virtually any evil in the world thanks to Google.
Crystal Meth? No worries, tons of top search results on that:
http://www.google.com.my/search?clie...e+crystal+meth
For the record, I agree, WTF is Wired posting this stuff for? I mean, it (used to be) a reputable, respected, "cutting-edge" publication.
I stopped reading it years ago.
Yeah, it is. I find it weird how Apple somehow brings out all these journalistic rats out of the woodwork.
Wired said the guide was published "after a flood of Cult of Mac reader emails" requested it?
I bought the first iPad issue of WIRED and I must admit I was very impressed with virtually everything in it. In fact, I didn't object to the price having spent decades in the publication arena.
I was holding off getting the next issue until my wife returned with her iPad.
Now, although my comments re WIRED's iPad introduction still stand, I will express my objection to their latest move by dropping their publication from my future library.
Are you kidding me? What's next month, a WIRED guide to bombmaking equipment, a WIRED guide to how to cook Crystal Meth for your friends, a WIRED guide to finding Child Porn on the net?
And it will be okay because EVERYONE who gets their grubby little hands on the information will be a good little geek and make the CORRECT moral choice so WIRED is absolved of all moral responsibility? That's not an adequate excuse.
They're abetting pirates and leaving people open to theft and abuse.
Well said and I agree with you 100% . The only silver lining I see is Apple can use this as a guide on how to really make this a lot harder. That is the one benefit of hackers that brag, they enable fixes faster than might have otherwise been possible. Not that this is quite the same thing but I'd like to think a few brains at Apple are thinking of ways to make this all not so easy especially on the apps side. It sounds too simple but surely iOS should be made to check if the iPhone is hacked, if it is don't work. If they want to hack it and replace with another phone OS then that's fine.
I wonder if they even thought about there own magazine app being pirated and losing revenue from that. After all I would think it is the higher priced stuff (some would certainly say over priced) that would seem to be a prime target for piracy.
Well said and I agree with you 100% . The only silver lining I see is Apple can use this as a guide on how to really make this a lot harder. That is the one benefit of hackers that brag, they enable fixes faster than might have otherwise been possible. Not that this is quite the same thing but I'd like to think a few brains at Apple are thinking of ways to make this all not so easy especially on the apps side. It sounds too simple but surely iOS should be made to check if the iPhone is hacked, if it is don't work. If they want to hack it and replace with another phone OS then that's fine.
The Droid X has some kind of "efuse" that checks the OS before it boots. link It has been available for a while. I wonder why apple doesn't use this...
Google's Android Market already lacks the security of iTunes App Store, and that has resulted in a weak commercial market where a critical mass of uses simply don't pay for anything.
uses?
USERS!
Waaaaaa. Quit crying. So apple didn't get it's way... It is better for all.
BTW, don't blame the Android Market or Phone for the failings of an Apple product.
Don't touch the black line!