Not long after the Mac App Store opened, several warnings via Twitter began to surface. “You did implement receipt checking so that people can’t pirate your app. Yes?” developer Nik Fletcher (also one of our former writers here at TUAW) asked his followers. Ged Maheux at the Iconfactory also pointed out that he was able to run a for-pay app purchased by another person, and run it on 10.5 and 10.6.5 Macs as well — none of which should be happening, it would seem.
Receipt checking is the process that lets developers verify that the app is installed as a valid purchase by checking the embedded purchase receipt, which is included (in encrypted form) by Apple and contains the UUID of the Mac authorized to run the app. Apple did not force developers to implement a particular way of handling these receipts, and as a result, some paid apps are not properly protected against piracy.
While the number of affected apps is not known — and probably very small — it’s not clear there’s anything Apple could have done to protect developers from themselves in this situation. According to veteran Mac developer Daniel Jalkut of Red Sweater Software, the burden of preventing the app from running in an unlicensed setup is on the app itself, not Apple’s receipts.
This is not Apple’s fault but the developer’s. They are the ones who have the choice of using receipt check or not. I’m sure it is an oversight of just a few apps that, in the rush to get on the site the first day, missed something important.
It does not affect the user and will probably be fixed pretty rapidly.