New services take the lead from hackalous, allow pirated iOS app installs

[javagreen]

Late last year, the closure of the uber-popular Installous marked the end of a promiscuous era in iOS app piracy. Now, several new services are on the rise that are filling the gap and offering easy installation of pirated apps, even on devices that have not been jailbroken.

The two that have risen to the forefront are Zeusmos and Kuaiyong. While the former has been around for a few months, it has gained significant steam since the exit of Installous. The latter has appeared seemingly from nowhere over the past couple of weeks.

Both of these services are dangerous for app developers because they offer simple, one-tap installs of pirated apps and do not require that devices have been jailbroken in order to do so. This is an enormous problem, as it opens up the arena for their use from the relatively small fraction of users with jailbroken devices ? as was the case with Installous ? to any unscrupulous users of iPhones and iPads.

If you?re looking to steal apps from developers ? lets not kid ourselves about what?s happening here ? it is now easier than ever to do so.

Source : TheNextWeb

[CPressland]

Thats a shame :(

[n_K]

I just looked them up and the latter one works on non-jailbroken devices...

How the hell does that work :s

[javagreen]

The source says these are just two of the most used, there are more coming up faster than ever :pinch:

[n_K]

Just watched a video of some guy using it on a non-jailbroken device on iOS 6... Starting to make me think iOS really isn't anywhere near as secure as I thought it was :/

[Guth]

Just watched a video of some guy using it on a non-jailbroken device on iOS 6... Starting to make me think iOS really isn't anywhere near as secure as I thought it was :/

me too! I never realised this could be done on non-jailbroken devices! Although I don't agree with what they are doing, you gotta hand it to them that the guys who work these out are really clever and good at what they do.

shame they can't put their talents to better use

[Glassed Silver]

This has less to do with security than with app certification.

These guys abuse the profile certification process, which enables developers to hand out profiles to install beta version of apps that haven't been released to the App Store due to the nature of wanting to only release tested versions to a store and the faster process of delivery.

It's also a method for devs themselves to try their apps.

The fee is due to the need to issue these certificates of which there isn't infinite number I guess (never really looked into that too much).

So they are basically cracking the apps and issuing them like beta versions of their own software to iOS.

It's not really stoppable without cutting deeply into developer's interests to deliver beta versions in a straightforward way.

Some Cydia tweaks can be installed in such a way from alternative stores to unjailbroken devices, although not everything is possible due to the lack of superuser access (so some tweaks won't be able to access APIs and system functions that are locked away from the user mobile as opposed to root), which isn't needed for cracked App Store apps to work btw.

(that would be insane)

Now, jailbroken devices obviously don't need the certificates due to the nature of enabling bypassing the anti-piracy mechanisms directly.

Glassed Silver:win

[migo]

Thanks for the explanation. I was wondering how that worked.

Hypothetically, devs could choose to release their software directly then, and presumably would pay Apple less for the beta certs than the 30% cut?

[SMELTN]

This has been going on for quite a while now, but now I see it as becoming a serious problem because its being pushed in the spot light. Which means a ton of other people are going to create the same thing and continue until Apple locks things down even more

[Draconian Guppy]

vpass appcake etc.. are better alternatives for hacklous.

[Glassed Silver]

Thanks for the explanation. I was wondering how that worked.

Hypothetically, devs could choose to release their software directly then, and presumably would pay Apple less for the beta certs than the 30% cut?

As I said, it's limited and if I'm not mistaken to create such certificates you need some money.

So no, also devs know that people don't look beyond the App Store for apps.

So if the 30% annoys you, you should be annoyed a lot more by the way lower amount of sales, server costs, more marketing costs, taking a big hit in customer trust (does he/she not release to the App Store for a particular reason?!)

If you're keen on the money, go for the App Store. :)

Glassed Silver:ios