After the problems, still no resolution in sight, facing the Apple option to purchase of integrated applications for iOS, there is now another problem.
The same hacker who arquitectou bipass the certificates to purchase integrated into applications for iOS, Alexey Borodin managed to change its method for performing in-app purchases, or purchases included free of charge but now the Mac App Store.
The method is practically the same. Installs a false certificate, change the DNS intercepts the request and the payment made. The only difference is the use of an additional application called Grim Receiper.
This is definitely a security problem for Apple is getting worse and that is becoming unsustainable. Also let the programmers are in a delicate situation.
Apple has already begun to address this and resolve this hack in applications for iOS, although not as efficiently. They began to block the IP of the server as well as hacher tried to cancel the account that received grants this criminal act. The problem is that the Russian programmer moved the server to another country and changed the account to which many are making donations. [via]
For now the solution is to wait until Apple comes up with a definitive action, which has a solution that solves the problem by updating these applications that use this option. Still, a Russian hacker to give our ID, even if you have access to a "bounty" ... free is always the big question, is it worth it to spend a few euros per our information? Trust this kind of people?
Published By: Pplware
No comments:
Post a Comment