iOS6 is the latest version of software for Apple’s IPad, iPod touch and iPhone. It has a phone app that can send reminders and silence calls and texts when you are busy, it has a better version of Safari, works on something better than 3G- FaceTime, has more advanced photo sharing, a more efficient Siri who can ride in select cars and be carried on your iPad, has better Maps, Podcast apps, Facebook integration and a cool e-tickets app called Passbook that lets you carry all your e-tickets.
Stacked as it is with features and very cool built-in apps, the final launch of this mobile software is an eagerly anticipated event. But Russian researcher/hacker Alexey Borodin went and spoilt it all. Borodin exploited a weakness in the purchase process of the in-app system and was able to buy items in the app without paying a single dime. He did this by starting his own server at the time of purchase, thus bypassing the payment process completely. This is possible when the DNS information is manipulated in such a way that all requests for validation are routed to an external server.
Since the hacking-in, Apple has plugged the gap, with takedown notices of those servers that helped Borodin make his fraudulent purchases. Although the hackers have moved to different servers now, there is no way to circumvent the new security systems in place. Thus, Apple’s move has saved the company and developers a large amount of money.
Developers especially should feel slightly reassured seeing how they legalize their own software using the mechanism that runs in-apps. And the company’s unprecedented move to allow them access to the application programming interface, normally not available in the public domain, should bring cheer too.
The good news is that people who have legitimate receipts for purchases are not going to be affected by the changes because it does not connect to the server of the App Store. The company recommends that proper techniques be used to ensure the app and server are genuinely connected and post this, that the server is also valid.
Apple has responded to the problem with a stop-gap solution for developers registered on the iOS. The upcoming version of the iOS6 will have no issues with the in-apps. Here is how you can check issues in the App Store.
- Ensure that the authentication information and the payment information are a match.
- See that the SSL certificate is has extended validation (EV).
- There must be a authentic signature on the receipt you get.
- All new transactions should have a ‘unique transaction ID’.
With these steps, Apple is doing whatever it can to serve its customers and the company. Only time will tell, if the temporary solutions offered will work out. Till then, it will be a wait and watch for iOS6 that is set to debut sometime in the fall. So far, it looks as if the leak has been plugged. And that can only be good news.
Author Bio:- This article has been brought to you by http://www.xfinityonline.com, offers savings and current information on xfinity tv.