A Nokia engineer has posted an explanation on how to hack Windows 8 games.
Justin Angel, who currently works on Windows Phone 7 and Windows Phone 8 implementation in Nokia Lumia devices, recently posted a step-by-step guide on his blog (server offline at the time of writing) where he explained that the "use of innate Windows 8 security attack vectors" can allow a person with admittedly advanced knowledge to "compromise Windows 8 games revenue stream".
The issue is potentially major (and worrisome) for developers who have delivered titles to Microsoft's Windows Store. As Angel points out, games account for "51 per cent of developer revenue on every mobile developer platform". Applying that same logic to the desktop, Angel believes that game developers stand to be quite popular in the Windows PC environment.
It's worth noting that Angel's hack, which can be completed in five multipart steps, does not necessarily highlight a security flaw that would leave users vulnerable. Instead, the hack shows the way in which hackers can get a paid game for free because of inherent flaws in the way in which apps are stored and handled by Windows 8.
Trial apps, which are offered for free with limited functionality until gamers pay the full amount, were especially troublesome for Angel:
Trial apps will likely be adopted by around 50 per cent of Windows 8 games. We've seen how the trial licenses are stored in the Tokens.dat file and how easy it is to edit it. The real problem here is that trial apps are downloaded to the client machine with the full unlocked logic embedded in them. One way to fix this issue would be to have developers build two app packages (one limited-functionality trial package and one full-functionality package), and have those secured by the Windows 8 store purchasing system.
This is by no means the first time we've seen issues with the handling of revenue streams in application stores. Earlier this year, in fact, an iOS hack was discovered that allowed users to sidestep paying for in-app virtual items. That issue was quickly patched by Apple.