A new article recently hit the net entitled “Hacking Windows 8 Games”. No game developer wants to hear this kind of article make its way to the net, so it isn’t too surprising that the site now says “Server offline. Please come back later”. I have a strong feeling it is more than just server trouble that resulted in this site disappearing shortly after the dubious post.
The article detailed a way to get free in-game gold from action-RPG SoulCraft and also detailed the existing hack of how to turn free trial games into a full version of the game, without paying a dime. Other “tricks” mentioned include the removal of in-app banner ads, which will work with both games and other Windows Store apps that use advertising.
All this is interesting, but that’s not even the real kicker. This was all done by Justin Angel, a Nokia employee. Angel adds at the end of the now-offline article:
We’ve seen a myriad of issues and offered potential fixes to them all. Any mildly competent developer can productize these security attack vectors into shipping products. If Microsoft doesn’t take it upon itself to fix these security attack vectors it’s not because it couldn’t, it’s because it chooses not to.
While it sounds like Angel was more trying to make a point about security flaws than anything else, that’s what happened. Instead an employee of Microsoft’s closest Windows Phone ally released information on how to hack and steal from the Windows Store. Needless to say, Nokia is probably now short one employee.
I understand that there are security flaws in Microsoft’s Windows Store and new Start UI, but there are certainly more constructive and less stupid ways to address them then this. What do you think of Justin Angel posting this information?