Nokia Engineer Shares How to Pirate Games From Windows 8 Store
December 11, 2012 12:44 PM
comment(s) - last by
Microsoft is not going to be happy about this
, an engineer working on Finnish phonemaker Nokia Oyj.'s (
) Windows Phone team, has made the curious decision of going public with details of security flaws in partner Microsoft Corp.'s (
) Windows 8, which allow users to pirate games.
Windows 8 users can grab games via
. Paid titles typically come with a "Trial" option, which allow users to play a level or two of the game, before being prompted to purchase the title if they want to keep playing. The trial process is controlled by a Microsoft API.
But Mr. Angel reveals a fatal flaw in the scheme: Microsoft stores the key/hash in plaintext and the algorithm to encrypt/decrypt the data next to the app itself. In other words, while not for the novice, power users can write small programs to decrypt the program's permissions, write new permissions to make the game look legitimately purchased, and then re-encrypt the permissions.
By exploit the flaws users cannot only get games for free, but they can rid themselves of ads, albeit in a somewhat unethical manner.
Cut The Rope
Microsoft Windows Store apps are vulnerable to piracy due to poor security implementation. [Image Source: ZDNet]
The flaws are a big deal as they could rob developers of essentially every way to monetize their content on Windows Store. Microsoft has not yet responded on these issues.
Mr. Angel's page has been overloaded with traffic (or maybe yanked after Nokia brass realized what he posted) and is
. However, a cached version is
. Just remember, readers, every time you pirate a game another kitten dies.
On his Twitter account, responding to criticism about the post he writes, "These are fundamental flaws in the app platform, not individual apps. No secure storage, no wrote protection, etc.... Offline activation & execution mandate secure local storage. That's how apps differ from fully connected web pages."
The issues echo those of Apple, Inc. (
experienced rampant piracy
in the early days of the Mac App Store, due to poor rights management implementation. The take-home message is that it's a lot harder to manage apps on a personal computer, where users have full access to the files, versus on a smartphone, where user access to the file system is limited.
Justin Angel [Google Cache]
This article is over a month old, voting and posting comments is disabled
RE: Question of ethics
12/13/2012 6:54:39 AM
Stupid is as stupid does. He could have leaked it anonymously. There are dozens of hacker mailing lists where vulnerabilities can be quickly distributed and publicised to programmers. Note: I didn't say he "should have". His employment contract probably stipulates what happens in scenarios like this where an employee acts contrary to Nokia's interests. This likely applies whether or not the vulnerabilities were already public knowledge.
"Nowadays you can buy a CPU cheaper than the CPU fan." -- Unnamed AMD executive
Microsoft to Give Windows Store Developers More Money Than Competitors
December 7, 2011, 6:01 PM
As Apple Boasts of One Million Downloads for Mac App Store, Piracy Already a Problem
January 7, 2011, 11:00 AM
Amazon to Launch "Kindle Worlds" for Fan Fiction Writers
May 22, 2013, 12:00 PM
EA Dev: Nintendo is "the Walking Dead"; Wii U is "Crap"
May 20, 2013, 11:27 AM
Sony Officially Announces Gran Turismo 6
May 16, 2013, 10:24 AM
Windows 8.1 Will Be Free; Microsoft Holds Onto Struggling ARM Variant
May 14, 2013, 2:57 PM
Report: 59 Million Windows 8 Devices Have Been Activated Since Launch
May 13, 2013, 3:33 PM
Quick Note: Windows 8.1 Public Preview Coming in June
May 7, 2013, 6:32 PM
Most Popular Articles
High School Student Creates Storage Device that Can Charge in 20 Seconds
May 20, 2013, 6:51 AM
Apples Tries to Use Decade-Old Patents to Ban Samsung Galaxy S IV
May 22, 2013, 3:00 PM
NASA Awards $125,000 Grant for 3D Printed Food on Long-Term Space Travels
May 21, 2013, 1:32 PM
Microsoft Announces Voice-Controlled "Xbox One"
May 21, 2013, 12:55 AM
Cure For Baldness Could Be on Store Shelves within Two Years
May 22, 2013, 8:29 AM
Latest Blog Posts
Lumosity: Does it Work?
May 22, 2013, 8:20 PM
Quick Note: Sony "Teases" PS4 Ahead of Xbox Reveal in New Video
May 20, 2013, 12:33 PM
Nokia Introduces Instagram-Like App of Its Own to Help Lumia Sales
May 20, 2013, 7:10 AM
Parents of Pre-Teen Drivers Commonly Practice Distracted Driving Says Study
May 9, 2013, 7:16 AM
Apple's iOS 7 Running Into Internal Delays Due to Massive Overhaul
May 1, 2013, 4:26 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information