The IAP hack of the past few weeks allows users of iOS apps to make in-app purchases … without actually paying. The hack is essentially a DNS exploit — it fools apps running on your iPhone or iPad into thinking they’re contacting Apple’s in-app purchase servers when they actually are not. The Next Web reported that Apple has opened up a private API to developers who want to take advantage of countermeasures to prevent IAP hacks.
Please note: This hack is essentially stealing. Developers who’ve worked hard on app content that you want to use or play with deserve to be paid for it, and gaining access to that content illegitimately is wrong.
Bad news on the horizon for hackers who choose to use this exploit: As of iOS 6, the hack won’t work at all any more. “Currently game is over,” posts a developer behind the hack. “Currently we have no way to bypass updated APIs.” So when the new version of iOS arrives this fall, this kind of hack should be over and done with.
That poster does also say, however, that the hack is reportedly still working for the current OS, and the devs have “some cards in the hand.” Hacking is always a back-and-forth battle, but hopefully Apple will keep its iOS secure, and make sure that developers releasing content on the App Store are able to get paid for what they sell.
[via The Loop]
In-app purchase hack won’t work in iOS 6, say coders originally appeared on TUAW – The Unofficial Apple Weblog on Mon, 23 Jul 2012 16:44:00 EST. Please see our terms for use of feeds.