The hacker who found the way to bypass the in-app purchase mechanism on iOS has now admitted that Apple has closed the bypass path!
Apple had so much trouble when it heard that its in-app purchasing system had been compromised, and was bypassed easily to enable some additional features of the apps! The company had promised to fix it in iOS 6 and the problem was believed to be on the OS front, that allows users to download in-app purchases from iOS apps for free without the need to even jailbreaking the iOS device.
Apple has come up with a temporary fix for the issue and their dev team has got some more time to work on the fix when the next version of OS releases this fall. The solution has been proposed by a Russian hacker, Alexey Borodin a week ago.
Apple has taken several steps so far to block the hack:
- The original YouTube video of the hack has been taken down and also Borodin’s PayPal account has been blocked and his site’s servers had to be moved after the original hosting provider denied service responding to Apple’s requests.
- Additionally Apple is also blocking Borodin’s server IP addresses to hinder the authentication process after the in-app purchase.
- Apple also added UDIDs for increased security to block the in-app purchase hack.
As this fix is temporary, It seems that Apple will be maintaining it “operational” until the valid iOS 6 fixes it permanently. In lieu of the discrepancy the following note has been made on iOS developers site:
“A vulnerability has been discovered in iOS 5.1 and earlier related to validating in-app purchase receipts by connecting to the App Store server directly from an iOS device. An attacker can alter the DNS table to redirect these requests to a server controlled by the attacker. Using a certificate authority controlled by the attacker and installed on the device by the user, the attacker can issue a SSL certificate that fraudulently identifies the attacker’s server as an App Store server. When this fraudulent server is asked to validate an invalid receipt, it responds as if the receipt were valid.”
I would now suggest the users of iOS to review new documentation about the In-App Purchase Receipt Validation that will ensure that will ensure that your app is no more vulnerable. I would say Apple has reacted in a positive way fixing the issue though it may be temporary. Let us hope it overcomes all such discomforts in iOS 6. As though now it has been fixed “Have a Smile”.
Source: The Verge