Hack allows free access to in-app iOS purchases [u]

Comments

  • Reply 21 of 69
    jragosta Posts: 10,473 member
    jkichline wrote: »
    As a developer, I'd like to address Alexey with this... I'm an app developer who is neither lazy nor greedy. I'm trying to make a paycheck and it takes time and energy to create value in apps. We want to keep the cost of our app low, so we use in-app purchases when we add new features that not everyone wants to pay for. We already deal with the app being pirated and now we have the prospect of in-app purchases being stolen as well.
    Why don't you get a life and actually try to improve upon your world instead of stealing from hard working developers who are trying to make a living?

    I agree with you. However, I have a request:

    Many of those games work fine without spending money for a few levels. Then, you get more and more things that require far more coins / jewels / rubies / stars / whatever than a person can reasonably obtain without spending money. After a while, the game is essentially unplayable without spending money.

    As a good game which doesn't do that, look at Dragonvale. My daughter is at level 27 and hasn't spent a cent. Everything in the game is obtainable without spending real money. It might take a while, but it can be done. That's a great feature. OTOH, look at the Tap games or Paradise Cove. It doesn't take too long before all of the challenges involve things that require far more jewels / stars / whatever than you could reasonably expect to achieve normally.
  • Reply 22 of 69
    radjin Posts: 165 member
    [quote]That's exactly the mindset.

    "I can't afford it, so I'm entitled to download it for free. This can't be illegal."[/quote]

    That's the Fandroid mindset.
  • Reply 23 of 69
    fredaroony Posts: 619 member

    Quote:
    Originally Posted by Radjin View Post

    That's the Fandroid mindset.

    Troll much?
  • Reply 24 of 69


    The slime from Windows seems to be moving over to Apple. Sad world.

  • Reply 25 of 69
    just_me Posts: 590 member
    The slime from Windows seems to be moving over to Apple. Sad world.

    Or slime to begin with. Internet allows you to be anyone you want to be with any morale spouting dung throwing buffoon
  • Reply 26 of 69
    CSR is using practically robbery tactics anyway.

    If you play the game you'll notice it too.

    AI is literally 2 weeks late on any hacks used in CSR. A YouTube video that had been posted of another method was pulled and I think it's posted elsewhere now.
  • Reply 27 of 69
    hellacool Posts: 759 member

    Quote:
    Originally Posted by charlituna View Post

    Short of catching them and putting them and the torrent etc site owners in jail for life, nothing

    Really? Put someone in jail for life for stealing a song? Wow. Michael Jackson's killer only got 5 years but the person who downloads his music should get life???
  • Reply 28 of 69
    hellacool Posts: 759 member

    Quote:
    Originally Posted by GregInPrague View Post

    In the current climate I don't know how you can. If the society can't agree whether truth is relative or not how can you say what is right or wrong? When elected officials are consistently getting away with obvious corruption why should a teenager feel guilty about downloading a few movies? In my opinion piracy won't diminish until either A) Laws are put into place with real teeth (they've tried and there's been huge backlash across Europe in the last year) or B) There's a significant spiritual change in the region.

    or C, nothing.

    http://www.zeropaid.com/wp-content/uploads/2011/02/mpaa.png

    MPAA is making money hand over fist regardless of piracy. People who want to steal will steal, those who want to buy will buy and that is evident by the continued growth for the MPAA and RIAA. To put draconian laws into place for something that amounts to little more than petty theft is plain ignorant.
  • Reply 29 of 69
    hellacool Posts: 759 member

    Quote:
    Originally Posted by TheShepherd View Post

    The slime from Windows seems to be moving over to Apple. Sad world.

    Remember, that's 90% of the world. Here is a stool, help you climb down off your high horse.
  • Reply 30 of 69
    hellacool Posts: 759 member

    Quote:
    Originally Posted by Tallest Skil View Post

    Could get all ISPs to block all P2P.

    Waste of time. One gets blocked, 10 more pop up.
  • Reply 31 of 69
    genovelle Posts: 1,480 member

    Quote:
    Originally Posted by CGJ View Post

    You say that as though anyone who pirates movies is the scum of the earth. And to be honest, it's one of the lesser problems on the internet. Focus needs to be on serious offences, like paedophilia. Not downloading a movie that's already grossing hundreds of millions of dollars (or software from a multibillion company, like Apple, Microsoft or Adobe).

    Impossible. Many services use P2P that aren't torrent sites.

    Theft is a crime. Period. I'm sure you were saying pedophilia, but as moral values continue to degrade, our society will return to the days of pedophilia being legal like it was in Greece. It was not until Christianity became the official religion there that the practice was stopped.
  • Reply 32 of 69

    Quote:
    Originally Posted by AppleInsider View Post

    "I can see the Apple ID and password [of users who use the hack]," Borodin said. "But not the credit card information." It appears that Apple's system passes both bits of sensitive information to the Apple Store server in unencrypted plain text.

    Even though this guy is publishing this data whether right or wrong, or whether his intentions are honorable or dishonorable; this shows that Apple isn't as cautious as it should be with people's passwords or Apple IDs.
  • Reply 33 of 69

    Quote:
    Originally Posted by Hellacool View Post

    Remember, that's 90% of the world. Here is a stool, help you climb down off your high horse.

    I wasn't inferring the users, I was noting that the hackers that have attacked Windows are now also trying to disrupt Apple.
  • Reply 34 of 69
    Liberal art, eh?
  • Reply 35 of 69
    povilas Posts: 473 member
    jkichline wrote: »
    As a developer, I'd like to address Alexey with this... I'm an app developer who is neither lazy nor greedy. I'm trying to make a paycheck and it takes time and energy to create value in apps. We want to keep the cost of our app low, so we use in-app purchases when we add new features that not everyone wants to pay for. We already deal with the app being pirated and now we have the prospect of in-app purchases being stolen as well.
    Why don't you get a life and actually try to improve upon your world instead of stealing from hard working developers who are trying to make a living?

    I very much understand you, but come on, man, the examples that lad used in the video are pretty fucked up ones. 19.99 for some kind of points? That’s extortion.
  • Reply 36 of 69
    mausz Posts: 243 member

    Post count 36, and still no one is blaming Apple for allowing this loophole in their in-app purchase process.

    I know I am, you can blame the hacker for actually showing and using this loophole, but all this does is show that the in-app purchase process is fundamentally flawed in the Apple implementation.

    I know an app developer should use the additional verification of in-app purchases, but I don't understand why Apple allows user installed certificates to be used for the first validation.
  • Reply 37 of 69
    genovelle wrote: »
    Theft is a crime. Period. I'm sure you were saying pedophilia, but as moral values continue to degrade, our society will return to the days of pedophilia being legal like it was in Greece. It was not until Christianity became the official religion there that the practice was stopped.

    Apparently it didn't stop, it moved into the churches instead...
  • Reply 38 of 69
    solipsismx Posts: 19,566 member
    mausz wrote: »
    Post count 36, and still no one is blaming Apple for allowing this loophole in their in-app purchase process.

    No, I think most of us realize it's ultimately Apple's responsibility to plug this hole. But we can't have it both ways; we can't then turn around and cry foul on Apple for plugging a hole that led to a jailbreak even if the jailbreak itself isn't an illegal action or used for nefarious purposes.

    I know I am, you can blame the hacker for actually showing and using this loophole, but all this does is show that the in-app purchase process is fundamentally flawed in the Apple implementation.

    It shows a hole in in-app purchases, an issue with the process, but to say that in-app purchases are flawed in its essential nature and being is just hyperbole. Do you say that Java or JavaScript or any other piece of software must be fundamentally flawed every time a bug fix is issued thus proving there were bugs? Of course not.

    I know an app developer should use the additional verification of in-app purchases, but I don't understand why Apple allows user installed certificates to be used for the first validation.

    Apple allows a lot of things I dislike when it comes to security and authentication. It's unfortunate, too, because people do tend to trust Apple more because Apple has been trustworthy with their customer base, but they really need to continue to put more effort into security. With 400+ million credit cards on file I hope we never hear about a hacker getting access to so much detail about users in plain text.
  • Reply 39 of 69
    doorman. Posts: 159 member

    Quote:
    Originally Posted by Tallest Skil View Post

    Could get all ISPs to block all P2P.

    Could get all ISPs and government to decide what you can access, download, read on the internet. And if you think that all P2P are used only for illegal activity - you are wrong again.
  • Reply 40 of 69
    mausz Posts: 243 member

    Quote:
    Originally Posted by SolipsismX View Post

    It shows a hole in in-app purchases, an issue with the process, but to say that in-app purchases are flawed in its essential nature and being is just hyperbole. Do you say that Java or JavaScript or any other piece of software must be fundamentally flawed every time a bug fix is issued thus proving there were bugs? Of course not.

    I agree, that's why I said the Apple implementation is fundamentally flawed, not the concept of in-app purchases. I've written a lot of 'transaction-based' software with remote servers, and if your only means of verification is based on certificates, you should always use a white-list of certificates. I have not analysed this issue in detail, but it seems the process accepts certificates based on common names instead of thumbprints etc.
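
The difference Reply 40 draws between accepting a certificate by its common name and accepting it by a white-listed thumbprint, as an added example that is not part of the original thread and does not reproduce Apple's validation logic. The name `iap.example.test`, the file names and the helper functions are constructed for illustration; it assumes the `openssl` command-line tool is installed.

```sh
#!/bin/sh
# Added example: two self-signed certificates that share one common name (CN).
# The CN, file names and helper names are constructed for this demo.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
CN="iap.example.test"

# make_cert <label>: new key pair plus self-signed certificate for $CN
make_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$CN" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# thumbprint <pem>: SHA-256 fingerprint of the whole certificate
thumbprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# common_name <pem>: CN taken from the subject field
common_name() {
  openssl x509 -in "$1" -noout -nameopt RFC2253 -subject |
    sed -n 's/^subject=.*CN=\([^,]*\).*/\1/p'
}

make_cert genuine      # stands in for the certificate the client should trust
make_cert lookalike    # different key pair that merely carries the same CN

# White-list of pinned thumbprints, one per line (here: only the genuine cert)
ALLOW_LIST="$(thumbprint "$WORK/genuine.pem")"

# Weak check: accept any certificate whose CN matches
check_by_cn() { [ "$(common_name "$1")" = "$CN" ]; }

# Strong check: accept only certificates whose thumbprint is on the white-list
check_by_thumbprint() {
  printf '%s\n' "$ALLOW_LIST" | grep -qxF "$(thumbprint "$1")"
}

for c in genuine lookalike; do
  if check_by_cn "$WORK/$c.pem"; then by_cn=accept; else by_cn=reject; fi
  if check_by_thumbprint "$WORK/$c.pem"; then by_tp=accept; else by_tp=reject; fi
  echo "$c: common-name check=$by_cn, thumbprint check=$by_tp"
done
```

Both certificates pass the common-name check, while only the pinned one passes the thumbprint check.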
