Apple tries to mend iOS in-app purchasing mechanism flawJuly 16, 2012 - 15:18 AMT PanARMENIAN.Net - Apple has begun taking steps to limit the impact of a flaw in its iOS in-app purchasing mechanism that allows iDevice owners to download free in-game content, but despite its initial efforts, the service remains operational, The Next Web reports. Over the weekend, Apple began blocking the IP address of the server used by Russian hacker Alexey V. Borodin to authenticate purchases. It followed this up with a takedown request on the original server, taking down third-party authentication with it, also issuing a copyright claim on the overview video Borodin used to document the circumvention method. PayPal also got involved, placing a block on the original donation account for violating its terms of service. Apple initiated its response after Borodin published a method that allowed iDevice users running iOS 3.0+ to ‘purchase’ any kind of in-app content for free. The content could be obtained without “hacking” the device and cannot be prevented by developers using Apple’s recommended receipt signing procedures. The method for stealing this content was discovered by Borodin, who created an online service called In-Appstore.com to facilitate it. Speaking with him, he explained that the service had already processed more than 30,000 individual in-app payment requests. Blocking the original ‘attack’ route, Borodin sidestepped the authentication issue by migrating the service to a new server. Apple was able to pressure the host of the original server - which was located in Russia - into dropping Borodin’s service, but according to the Russian hacker, the new server is hosted in an offshore country in an attempt to evade Apple’s legal requests. Borodin also notes that Apple has not contacted him over the issue. Top stories Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT). Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues. Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls. Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020." Partner news Most popular in the section | Armenia, Turkey discuss restoration of historic bridge The meeting took place on May 17 in Ashgabat on the sidelines of an international conference of ministers of culture. India wants Armenia’s proposals on use of Chabahar port India is expecting proposals from Armenia regarding the use of Chabahar port in Iran, Indian ambassador says. EU welcomes Armenia-Azerbaijan “progress” The EU has welcomed “progress” made in the framework of the Armenia-Azerbaijan border delimitation process. Belarus opposition leader slams Lukashenko for Karabakh trip Belarusian opposition politician Sviatlana Tsikhanouskaya has harshly criticized the visit of Lukashenko to Karabakh. |