Apple tries to mend iOS in-app purchasing mechanism flawJuly 16, 2012 - 15:18 AMT PanARMENIAN.Net - Apple has begun taking steps to limit the impact of a flaw in its iOS in-app purchasing mechanism that allows iDevice owners to download free in-game content, but despite its initial efforts, the service remains operational, The Next Web reports. Over the weekend, Apple began blocking the IP address of the server used by Russian hacker Alexey V. Borodin to authenticate purchases. It followed this up with a takedown request on the original server, taking down third-party authentication with it, also issuing a copyright claim on the overview video Borodin used to document the circumvention method. PayPal also got involved, placing a block on the original donation account for violating its terms of service. Apple initiated its response after Borodin published a method that allowed iDevice users running iOS 3.0+ to ‘purchase’ any kind of in-app content for free. The content could be obtained without “hacking” the device and cannot be prevented by developers using Apple’s recommended receipt signing procedures. The method for stealing this content was discovered by Borodin, who created an online service called In-Appstore.com to facilitate it. Speaking with him, he explained that the service had already processed more than 30,000 individual in-app payment requests. Blocking the original ‘attack’ route, Borodin sidestepped the authentication issue by migrating the service to a new server. Apple was able to pressure the host of the original server - which was located in Russia - into dropping Borodin’s service, but according to the Russian hacker, the new server is hosted in an offshore country in an attempt to evade Apple’s legal requests. Borodin also notes that Apple has not contacted him over the issue. Top stories Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT). Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues. Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls. Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020." Partner news Most popular in the section | Scholz hopes Armenia-Azerbaijan peace treaty will be signed this year German Chancellor Olaf Scholz hopes that a peace treaty between Armenia and Azerbaijan will be signed this year. Armenia, Russia discuss life extension of Metsamor nuclear plant Issues regarding the extension of life of the 2nd power unit of the Armenian Nuclear Power Plant were discussed in Yerevan. Armenians stage more campaigns against territorial concessions to Azerbaijan Protesters blocked more roads across Armenia on Friday, April 26 in continuing attempts to scuttle territorial concessions to Azerbaijan. Czech-Armenian military cooperation discussed in Yerevan A delegation led by the Director General for the Industrial Cooperation Division of the Ministry of Defence of the Czech Republic visited Armenia. |