x PhoneArena is looking for new authors in New York! To view all available positions, click here.
  • Home
  • News
  • Apple patching in-app purchase bug that allowed buying for free

Apple patching in-app purchase bug that allowed buying for free

Posted: , by Victor H.

Tags:

Apple patching in-app purchase bug that allowed buying for free
Just recently, news broke that Apple’s implementation of in-app purchases is flawed, allowing hackers like Russian Alexey Borodin to circumvent Apple’s servers and trick apps into thinking you’ve paid for things inside it while you actually haven’t. This was all possible because of two things - first Apple didn’t use a unique identifier for each of the purchases, and secondly because developers often neglected to validate their in-app purchase receipts.

And now Apple is introducing a unique identifier for each of the purchases - a likely step towards patching that bug. It’s actually not completely clear whether the newly implemented unique identifier for in-app purchases is indeed aimed at patching that hole in the system, but at least that’s the most likely reason, especially as Apple adds it mere days after the hack was made public.

For the time being, though, you can still circumvent the system and use a third-party server to fool apps into thinking you are buying items while not actually paying.

source: MacRumors

5 Comments
  • Options
    Close




posted on 19 Jul 2012, 02:43

1. quakan (Posts: 1160; Member since: 02 Mar 2011)


Hmm should I pay for in-app purchases or try to get it free by going through some Russian hacker's servers and giving him access to my information? Tough decision.

posted on 19 Jul 2012, 12:09

5. bayusuputra (Posts: 941; Member since: 12 Feb 2012)


easy solution, throw your iDevice, get android, side load the app, BAM!

posted on 19 Jul 2012, 02:51 4

2. darktranquillity (Posts: 284; Member since: 28 Feb 2012)


Why pay?, download and let apple pay for you from its cash pile.

posted on 19 Jul 2012, 11:01

3. JunkCreek (Posts: 402; Member since: 13 Jul 2012)


No malware anyone? Just because they "crackers/hackers" didn't give a d*mn to apple device. When it is d*mned, you can now see.
So, please WAKE UP!

posted on 19 Jul 2012, 11:02

4. JunkCreek (Posts: 402; Member since: 13 Jul 2012)


No malware anyone? Just because they "crackers/hackers" didn't give a d*mn to apple device. When it is d*mned, you can now see.
So, please WAKE UP!

Want to comment? Please login or register.

Latest stories