Apple’s new Mac download store 'has serious security flaws'

Apple blogger John Gruber said that without proper code validation, Mac App Store downloads were easily bootlegged.

"This isn't true for apps that follow Apple's advice on validating App Store receipts. But, alas, it appears that many apps don't perform any validation whatsoever, or do so incorrectly, like Angry Birds. Angry Birds checks for a valid receipt, but doesn't check to see that the bundle ID for the receipt matches its own bundle ID," he said.
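The gap described in that quote, as an added example that is not code from Apple, from any app, or from the original article: a validator that stops at "is the receipt authentic?" beside one that also compares the receipt's bundle ID with the app's own. The receipt format, key, function names and bundle IDs are constructed assumptions, and an HMAC stands in for the signature check on a real receipt.

```python
import hashlib
import hmac
import json

# Assumption: toy receipt = JSON payload + HMAC tag. The HMAC is a stand-in
# for verifying the store's signature on a real receipt.
STORE_KEY = b"constructed-demo-key"  # constructed value, not a real key


def issue_receipt(bundle_id: str) -> dict:
    """Constructed helper: plays the store issuing a signed receipt."""
    payload = json.dumps({"bundle_id": bundle_id}, sort_keys=True)
    tag = hmac.new(STORE_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": tag}


def signature_ok(receipt: dict) -> bool:
    """True only if the receipt is intact and was issued by the store."""
    try:
        payload = receipt["payload"].encode()
        sig = receipt["sig"].encode()
    except (KeyError, AttributeError):
        return False  # missing or malformed fields
    expected = hmac.new(STORE_KEY, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), sig)


def validate_weak(receipt: dict) -> bool:
    """The flaw: any authentic receipt passes, whichever app it was for."""
    return signature_ok(receipt)


def validate_strict(receipt: dict, own_bundle_id: str) -> bool:
    """Authentic receipt AND issued for this app's own bundle ID."""
    if not signature_ok(receipt):
        return False
    try:
        claimed = json.loads(receipt["payload"]).get("bundle_id")
    except (ValueError, AttributeError):
        return False
    return claimed == own_bundle_id


if __name__ == "__main__":
    other = issue_receipt("com.example.freeapp")  # constructed bundle IDs
    print("weak  :", validate_weak(other))
    print("strict:", validate_strict(other, "com.example.paidapp"))
```
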

Piracy group Hackulous also claimed it had developed a program to hack the Mac store's applications.

The news follows a statement from the company claiming more than one million downloads were made in the first day of the Mac download store's launch.

"We're amazed at the incredible response the Mac App Store is getting," said Steve Jobs. "Developers have done a great job bringing apps to the store and users are loving how easy and fun the Mac App Store is."

The Mac App Store is available for Snow Leopard users through Software Update as part of Mac OS X v10.6.6.

Developers set the price for their apps and keep 70% of the sales revenue.

But Computer Weekly blogger Adrian Bridgwater said it is not easy for developers to get an app on to the store. "At this stage one imagines that there will be as many tight monitoring controls in place here as there are on Apple's mobile app portal," he added.

This article was first published by Computer Weekly
