Nokia Engineer Shares How to Pirate Games From Windows 8 Store
December 11, 2012 12:44 PM
comment(s) - last by
Microsoft is not going to be happy about this
, an engineer working on Finnish phonemaker Nokia Oyj.'s (
) Windows Phone team, has made the curious decision of going public with details of security flaws in partner Microsoft Corp.'s (
) Windows 8, which allow users to pirate games.
Windows 8 users can grab games via
. Paid titles typically come with a "Trial" option, which allow users to play a level or two of the game, before being prompted to purchase the title if they want to keep playing. The trial process is controlled by a Microsoft API.
But Mr. Angel reveals a fatal flaw in the scheme: Microsoft stores the key/hash in plaintext and the algorithm to encrypt/decrypt the data next to the app itself. In other words, while not for the novice, power users can write small programs to decrypt the program's permissions, write new permissions to make the game look legitimately purchased, and then re-encrypt the permissions.
By exploit the flaws users cannot only get games for free, but they can rid themselves of ads, albeit in a somewhat unethical manner.
Cut The Rope
Microsoft Windows Store apps are vulnerable to piracy due to poor security implementation. [Image Source: ZDNet]
The flaws are a big deal as they could rob developers of essentially every way to monetize their content on Windows Store. Microsoft has not yet responded on these issues.
Mr. Angel's page has been overloaded with traffic (or maybe yanked after Nokia brass realized what he posted) and is
. However, a cached version is
. Just remember, readers, every time you pirate a game another kitten dies.
On his Twitter account, responding to criticism about the post he writes, "These are fundamental flaws in the app platform, not individual apps. No secure storage, no wrote protection, etc.... Offline activation & execution mandate secure local storage. That's how apps differ from fully connected web pages."
The issues echo those of Apple, Inc. (
experienced rampant piracy
in the early days of the Mac App Store, due to poor rights management implementation. The take-home message is that it's a lot harder to manage apps on a personal computer, where users have full access to the files, versus on a smartphone, where user access to the file system is limited.
Justin Angel [Google Cache]
This article is over a month old, voting and posting comments is disabled
RE: Who cares?
12/12/2012 12:48:10 PM
Umm...are you aware that this article is NOT about Windows Phone? It's mainly a flaw in Windows 8 functionality...Reading comprehension fail...
RE: Who cares?
12/12/2012 11:24:03 PM
thats apple fanboy's level, please forgive his stupidity
"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis
Microsoft to Give Windows Store Developers More Money Than Competitors
December 7, 2011, 6:01 PM
As Apple Boasts of One Million Downloads for Mac App Store, Piracy Already a Problem
January 7, 2011, 11:00 AM
Windows 10 on Raspberry Pi, IoT Devices Sees Developer Debut
August 12, 2015, 2:41 PM
Sony Issues Bizzare "Do Not Update" Edict to VAIO PC Owners
August 11, 2015, 9:42 PM
Report: Over 25 Million Devices Upgraded to Windows 10... or Was It 67 Million?
August 7, 2015, 3:24 PM
EA Set to Milk the Star Wars Cash Cow w/ Video Games
July 31, 2015, 12:36 PM
Windows 10 to Get New Features in October Service Release 2 (SR2)
July 30, 2015, 5:50 PM
Nintendo CEO Satoru Iwata's Passing Gives the Internet the Feels
July 14, 2015, 4:48 PM
Most Popular Articles
Worth the Wait? Microsoft Teases at Windows 10 Flagship Phones to Air Oct. 6
September 15, 2015, 5:13 PM
Apple's First Fixes to iOS 9 Land w/ iOS 9.0.1 Release
September 23, 2015, 6:11 PM
Breaking Bad: How to Crash Google's Chrome Browser With Just 8 Characters
September 23, 2015, 11:08 AM
Apple Watch Commands 2 in 3 Smart Watch Sales, WatchOS 2 Sweetens the Pitch
September 20, 2015, 6:07 PM
Fakebook Pt. I: From "The Chive" to "AskMen"; How Facebook's Phonies are Born and Used
September 15, 2015, 4:00 AM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information