Nokia Engineer Shares How to Pirate Games From Windows 8 Store
December 11, 2012 12:44 PM
comment(s) - last by
Microsoft is not going to be happy about this
, an engineer working on Finnish phonemaker Nokia Oyj.'s (
) Windows Phone team, has made the curious decision of going public with details of security flaws in partner Microsoft Corp.'s (
) Windows 8, which allow users to pirate games.
Windows 8 users can grab games via
. Paid titles typically come with a "Trial" option, which allow users to play a level or two of the game, before being prompted to purchase the title if they want to keep playing. The trial process is controlled by a Microsoft API.
But Mr. Angel reveals a fatal flaw in the scheme: Microsoft stores the key/hash in plaintext and the algorithm to encrypt/decrypt the data next to the app itself. In other words, while not for the novice, power users can write small programs to decrypt the program's permissions, write new permissions to make the game look legitimately purchased, and then re-encrypt the permissions.
By exploit the flaws users cannot only get games for free, but they can rid themselves of ads, albeit in a somewhat unethical manner.
Cut The Rope
Microsoft Windows Store apps are vulnerable to piracy due to poor security implementation. [Image Source: ZDNet]
The flaws are a big deal as they could rob developers of essentially every way to monetize their content on Windows Store. Microsoft has not yet responded on these issues.
Mr. Angel's page has been overloaded with traffic (or maybe yanked after Nokia brass realized what he posted) and is
. However, a cached version is
. Just remember, readers, every time you pirate a game another kitten dies.
On his Twitter account, responding to criticism about the post he writes, "These are fundamental flaws in the app platform, not individual apps. No secure storage, no wrote protection, etc.... Offline activation & execution mandate secure local storage. That's how apps differ from fully connected web pages."
The issues echo those of Apple, Inc. (
experienced rampant piracy
in the early days of the Mac App Store, due to poor rights management implementation. The take-home message is that it's a lot harder to manage apps on a personal computer, where users have full access to the files, versus on a smartphone, where user access to the file system is limited.
Justin Angel [Google Cache]
This article is over a month old, voting and posting comments is disabled
RE: Question of ethics
12/12/2012 5:52:11 AM
I think the problem is that Microsoft is now executing so poorly that one hand does not know what the other is doing. Some departments at Microsoft probably know about the issue, but there's no way to get the information through to the other side and get this actioned. Most likely a result of corporate red tape and cover-my-ass tactics.
One more reason for Mr. Ballmer to go. He's such a liability, having all the resources in the world and failing almost every time. He'll drive what once was the biggest and most innovative company in the world into the ground.
You would agree with me if you ever tried developing on Windows Phone 7. What a sorry excuse for a developer portal their app hub was. It was so slow I suspect it was hosted on the Ballmer's grandma old laptop in the garden shed. Constant crashes and data losses. Confusing interface that would give you alarming messages after you clicked anything, and give you no way to undo. People were screaming and moaning at them to fix it for months. Nothing changed. Total silence. If I was Ballmer I would fire the guy responsible for that failure on the spot. Yet they needed 1.5 years to realize that it's broken and improve it (slightly) to its current state.
Billions of dollars and hundreds of software engineers not enough to create and host a webpage with a few forms? Only at Microsoft.
"So if you want to save the planet, feel free to drive your Hummer. Just avoid the drive thru line at McDonalds." -- Michael Asher
Microsoft to Give Windows Store Developers More Money Than Competitors
December 7, 2011, 6:01 PM
As Apple Boasts of One Million Downloads for Mac App Store, Piracy Already a Problem
January 7, 2011, 11:00 AM
Apple Replaces “FREE” Label with “GET” on App Downloads in iTunes App Store
November 19, 2014, 5:38 PM
Apple Releases OS X 10.10.1 Yosemite, iOS 8.1.1 Updates
November 17, 2014, 1:43 PM
Microsoft Rolls Out $199 “Work & Play Bundle” for Its Subscription Services
November 11, 2014, 11:18 AM
LG to Initiate Lollipop Upgrades for G3 Users in Poland This Week
November 10, 2014, 8:20 AM
Office for iPad Now Free to Use for All, Microsoft Readies Android Tablet Version
November 6, 2014, 10:06 AM
Quick Note: Lollipop Coming to HTC One M7, M8 Within Three Months
November 5, 2014, 10:32 AM
Most Popular Articles
Austrian Pilots Call Surface 3 Pro Flight Bag a "Dream Come True"
November 14, 2014, 2:00 PM
U.S. Marshals Using Fake, Airplane-based Cell Towers to Scan Cell Phones of Americans
November 14, 2014, 9:05 AM
Wal-Mart: Miss Thanksgiving, Get Xbox One + Master Chief Collection for $299
November 17, 2014, 9:40 PM
Nokia Explores Two Paths Back to the Smartphone Market
November 14, 2014, 9:05 PM
Microsoft: All* Lumias Will Get Windows 10; Adds Real-Time Battery Live Tile
November 13, 2014, 6:32 PM
Latest Blog Posts
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information