Russian Apple Hacker No Longer Invincible


Apple thinks it has a solution to the Borodin App Store hack, but it's not foolproof yet.

"Currently game is over," Russian hacker Alexey Borodin admitted on his blog yesterday, as he contemplated Apple's latest attempt to block his hack. Borodin hit the news a short while ago when his scheme to bypass the iOS store's microtransaction process turned free-to-play games like Angry Birds into free games. Now Apple has a counter to Borodin's scheme, though it will take an update to iOS6 to make the counter foolproof.

No doubt Borodin's feeling a little depressed, as Apple's response is fairly comprehensive. At the moment it relies on users updating their apps regularly; once they do, the fake purchases implemented via Borodin's servers will be wiped from the users' systems. In theory this can be averted if the user never updates, which is why the counter isn't entirely effective yet. However, Apple intends to shut this loophole down for good in iOS6, which means that Borodin's hack is living on borrowed time.

Apple's response to concerned developers has been to push the responsibility for checking receipts on to them. Apple's "best practice" for validating receipts is to "send the receipt to your server, and have your server perform the validation with the App Store server." This is something that developers haven't all been keen to do, since it requires infrastructure investment on their part that can be more than they can afford.
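As an added illustration (not code from Apple, the article, or any developer named here), this sketch shows the server-side check the quoted best practice describes: the developer's server, not the device, asks the App Store about the receipt and only then unlocks content. The endpoint URL, the response fields (`status`, `bid`, `product_id`, `transaction_id`), the replay check, and the sample bundle and product names are assumptions that do not appear in the article.

```python
import base64
import json
import urllib.request

# Assumed App Store verification endpoint; the article does not name it.
VERIFY_URL = "https://buy.itunes.apple.com/verifyReceipt"

def post_json(url, payload):
    """Default transport: the server itself POSTs to the store over HTTPS."""
    req = urllib.request.Request(url, data=json.dumps(payload).encode(),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def validate_purchase(receipt, bundle_id, products, seen_txns, transport=post_json):
    """Return (ok, detail); unlock content only when ok is True."""
    body = {"receipt-data": base64.b64encode(receipt).decode()}
    try:
        reply = transport(VERIFY_URL, body)
    except Exception:
        return False, "store unreachable"            # fail closed
    if not isinstance(reply, dict) or reply.get("status") != 0:
        return False, "store rejected receipt"
    info = reply.get("receipt") or {}
    if info.get("bid") != bundle_id:                 # receipt issued for a different app
        return False, "receipt is for another app"
    if info.get("product_id") not in products:
        return False, "unknown product"
    txn = info.get("transaction_id")
    if not txn or txn in seen_txns:                  # same receipt submitted twice
        return False, "missing or replayed transaction"
    seen_txns.add(txn)
    return True, info["product_id"]

def fake_store(url, body):
    """Constructed stand-in for the store so the example runs offline."""
    return {"status": 0, "receipt": {"bid": "com.example.game",
                                     "product_id": "coins.100",
                                     "transaction_id": "1000000000000001"}}

if __name__ == "__main__":
    seen = set()
    args = (b"constructed-receipt", "com.example.game", {"coins.100"}, seen, fake_store)
    print(validate_purchase(*args))   # first submission
    print(validate_purchase(*args))   # same transaction again
```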

Borodin isn't defeated yet. The iOS6 update isn't due until autumn, and according to him there may also be a way to spoof Apple's Newsstand app. This app - used by newspapers like the New York Times - allows users to access daily magazine and news content, usually for a fee. Though Borodin has yet to prove it, he's hinted that he's found a way around the fee part of the process; now there's a happy little nightmare for the cash-strapped New York Times to chew over.

Apple still hasn't said whether or not developers affected by Borodin's hack will be compensated for their losses.

Source: Guardian


Too bad there's NO WAY he'll be able to work around that.

Wonder how much money his "hack" costs Apple.

Your picture made my ability to see what you did there far less impressive. I am disappoint.

The newsstand thing wouldn't be such a "nightmare" if damn-near everything on there wasn't a $15 a month subscription.

For a digital newspaper/magazine.

Yeah, that makes total sense.

Clearing the Eye:
Wonder how much money his "hack" costs Apple.

Depends on how you count. Amount, yeah, might be a fair amount of $/€/whatever, but if you count compared to Apple's income, well, maybe 1-2% of their monthly winnings... ;-)

Is Alexey Borodin his real name? I thought it wasn't a good idea for hackers to use their actual names, or have blogs discussing their work.

Seems kind of like being a world-famous spy.

Inb4 always online DRM for iOS.

McMullen:
Is Alexey Borodin his real name? I thought it wasn't a good idea for hackers to use their actual names, or have blogs discussing their work.

Seems kind of like being a world-famous spy.

The Russian government won't do anything to him for screwing with an American company and they certainly won't give him up to the Americans. So he's safe and sound giving out his name and blogging about it.

I say acts like this should be considered on the same level as illegal drug sales. I am not a big fan of the UN at times, but this is the type of stuff that they could be getting involved with. Pressure Russia to take action against criminals stealing others' property.

LONG LIVE THE INTERNET, DOWN WITH PIRACY!!!

Gilhelmi:
I say acts like this should be considered on the same level as illegal drug sales. I am not a big fan of the UN at times, but this is the type of stuff that they could be getting involved with. Pressure Russia to take action against criminals stealing others' property.

LONG LIVE THE INTERNET, DOWN WITH PIRACY!!!

You mean you want America (not the UN) to go to Russia (someone who was for a long time the enemy) and ask nicely to stop taking its things without asking.

I will say this hacker is quite hilarious, but I think a large part of it is because the target is Apple, who for the longest time ran their mouth about how secure every one of their products was.

So his Starman powerup wore off?

Gilhelmi:
I say acts like this should be considered on the same level as illegal drug sales.

It already is. That is if by the "same level" you mean a long and pointless campaign that will have no effect whatsoever on demand.

McMullen:
Is Alexey Borodin his real name? I thought it wasn't a good idea for hackers to use their actual names, or have blogs discussing their work.

Seems kind of like being a world-famous spy.

Source: Guardian
Can't trust that.

Revnak:
Your picture made my ability to see what you did there far less impressive. I am disappoint.

I see what they did there!

http://www.youtube.com/watch?v=Tl0LZsyi_tA

NightHawk21:

Gilhelmi:
I say acts like this should be considered on the same level as illegal drug sales. I am not a big fan of the UN at times, but this is the type of stuff that they could be getting involved with. Pressure Russia to take action against criminals stealing others' property.

LONG LIVE THE INTERNET, DOWN WITH PIRACY!!!

You mean you want America (not the UN) to go to Russia (someone who was for a long time the enemy) and ask nicely to stop taking its things without asking.

I will say this hacker is quite hilarious, but I think a large part of it is because the target is Apple, who for the longest time ran their mouth about how secure every one of their products was.

No, I want the UN to do it. America gets (I believe) unfairly blamed for too many things when it comes to this type of thing. Some countries (Russia included) do not give a damn if their citizens are stealing, as long as they are not stealing from other Russians. We need to find a way in this modern age for the UN to prosecute criminals that commit crimes in other countries, meaning a Russian hacker hacking a server in America could be prosecuted by the UN courts.

I still do not like the UN; far too many of the nations are run by dictators and criminals themselves. So my plan has major FLARING, flaws. I could see the UN arresting, say, Americans who were speaking out against the UN. Violating the American Constitution, but the UN does not seem that concerned with Human Rights. I see the problem with my plan, but someday we will have to figure something out.

This subject needs a great deal more thought.

 
