Published: Fri, February 15, 2019
Electronics | By Kelly Massey

Pirates make light work of Apple security

Pirates make light work of Apple security

Some of the pirate developers were banned by Apple last week, but were reportedly back up again within days using different certificates. Since the App Store debuted in 2008, Apple has sought to portray the iPhone as safer than rival Android devices because Apple reviews and approves all apps distributed to the devices.

However, the recent revelations also highlight a clear failure on the part of Apple to police its Developer Enterprise program.

Apple confirmed a media report on Wednesday that it would require two-factor authentication - using a code sent to a phone as well as a password - to log into all developer accounts by the end of this month, which could help prevent certificate misuse.

Users who get hold of modified versions of the apps, which enables them to bypass Apple Store and having to pay for the products.

According to Reuters, Apple is not able to track the fraudulent spread of certificates or hacked apps but can cancel a certificate if they find it has been misused.

Techcrunch has discovered that hundreds of companies are distributing pornography and gambling apps to members of the public using the certificate system designed for only internal use.

End of the road for Airbus's iconic A380
The European company said it would enter into talks with unions in coming weeks over the 3,000-3,500 jobs potentially affected. But cracks in the future of the huge superjumbo jet began to form in 2016 when Airbus reduced its production rate by half.

Dozens of porn apps and illegal gambling apps sneaked into Apple's App Store by gaming its Enterprise Certificate program created to let large companies build in-house employee apps. All of them are siphoning off money from Apple and independent developers, though. Although Apple doesn't provide any specific explanation for this requirement, the timing strongly suggests that the move is directly related to the recent spate of abuses.

Apple obviously needs to address the issue as it appears that it is widespread and their program is being used to distribute adult content, pirated appsm gambling apps and more. Microsoft, which owns the hit game Minecraft, also declined to comment.

The pirated apps being circulated include Spotify, Angry Birds, Pokémon GO, and Minecraft. These distributors have found a way to access digital developer certificates meant for legitimate businesses to distribute apps to their employees en masse.

Of course, part of what makes it so hard for Google and Apple to police their own stores is the sheer scale: At the end of a year ago, Google's Play Store featured more than 2.1m apps and Apple's App Store had more than 2m.

When using an iOS device, you can usually only download apps from the App Store. Sadly, it seems like this will ultimately make life more complicated for legitimate members of the Developer Enterprise program.

Like this: