updated 06:20 am EST, Sat January 1, 2011
Tobias posts code to assist developers secure apps
Tobias, the white hat hacker who recently revealed a proof-of-concept crack for the copy protection on Windows Phone 7 apps has taken steps to develop a solution for his own hack. His FreeMarketplace code (only 65.5kb in size) took only about 6 hours to develop, but in the process demonstrated how easily the Microsoft's app DRM copy-protection for WP7 could be stripped. The crack was not intended to harm the WP7 Marketplace, but was intended as a critique of Microsoft's seemingly lax security. To help protect developers in the interim, while Microsoft develops its own solution, Tobias has posted code that developers can deploy in their apps to help protect them from piracy.
In his most recent post, Tobias states that, "The code and the guides [posted] here will not stop [WP7] piracy...there might be one or two who can still break [developers] security measures by hand but the masses won't be able as there is no generic tool available." The danger of the unpublished FreeMarketplace crack is that it uses automation, making it easy to defeat the DRM in all of the 5,000 or so apps that populate the WP7 Marketplace. The code that Tobias has posted as a partial solution removes the automation from his FreeMarketplace crack. Thus, the threat of large-scale piracy has been averted for developers who integrate Tobias' code into their apps.
While the new countermeasure is not a true fix for the security vulnerability in the WP7 Marketplace, it does offer a measure of security until Microsoft is able to develop and more complete and secure solution to prevent its app DRM from being so easily circumvented. [via WPCentral]