A new article recently hit the net entitled “Hacking Windows 8 Games”. No game developer wants to hear this kind of article make its way to the net, so it isn’t too surprising that the site now says “Server offline. Please come back later”. I have a strong feeling it is more than just server trouble that resulted in this site disappearing shortly after the dubious post.

The article detailed a way to get free in-game gold from action-RPG SoulCraft and also detailed the existing hack of how to turn free trial games into a full version of the game, without paying a dime. Other “tricks” mentioned include the removal of in-app banner ads, which will work with both games and other Windows Store apps that use advertising.

All this is interesting, but that’s not even the real kicker. This was all done by Justin Angel, a Nokia employee. Angel adds at the end of the now-offline article:

We’ve seen a myriad of issues and offered potential fixes to them all. Any mildly competent developer can productize these security attack vectors into shipping products. If Microsoft doesn’t take it upon itself to fix these security attack vectors it’s not because it couldn’t, it’s because it chooses not to.

While it sounds like Angel was more trying to make a point about security flaws than anything else, that’s what happened. Instead an employee of Microsoft’s closest Windows Phone ally released information on how to hack and steal from the Windows Store. Needless to say, Nokia is probably now short one employee.

I understand that there are security flaws in Microsoft’s Windows Store and new Start UI, but there are certainly more constructive and less stupid ways to address them then this. What do you think of Justin Angel posting this information?

[ source ]

Related Posts

Brace for impact! It looks like Microsoft may have had enough of the Edge adventure, as a...

Looks like Microsoft is aiming big! The company is said to be working on Windows Lite, an...

Say goodbye to the old classic Microsoft Office icons, which sported a big bold letter with...

  • dst

    I hope he’s not fired fired. Stuff happens.

  • http://twitter.com/andrew_a_west Andrew Allen West

    I say as long as he’s not being charged criminaly, and he did not do it on Nokia’s time then @nokia #nokia should #buttout

  • http://profiles.google.com/olavamjelde Olav Alexander Mjelde

    I think he will get punished enough on the interwebz… (This will hunt him on Google for ever). He should have contacted MS directly, I dont know if they too give out prizes like others too. (like if you tell a big vendor: hey, I know a hack for your system), some of them pay you top dollars for the hack-tip and they get to fix it. Then everyone is happy!

  • Cravon

    Well, he’s found a problem, but it has nothing to do with Microsoft. That is the developers’ choice to store information like that in an insecure location. Windows 8 provides a secure storage mechanism to put this kind of information in. If they choose not to use it, it’s not Microsoft’s fault. I’m so sick and tired of people trying to blame everything on Microsoft. Get a grip.

    • Shahab Abbaszadeh

      I agree with you Cravon.

  • http://www.skyledavis.com/ S. Kyle Davis

    I’m sorry, but he should be reprimanded. Perhaps not fired, but it wouldn’t surprise me. Nokia doesn’t need this kind of press right now, because anything that hurts Microsoft’s platform ultimately hurts them. The execs at Nokia get that and repeat that refrain often. At least it wasn’t about flaws in WP8 games! That would really have been embarrassing. And I do agree that this does seem to be a developer problem, not a Microsoft problem. However, if he wanted to release this information, there are ways to do so without it doesn’t obviously point right back to him. That’s career suicide. If he keeps his job, he’s lucky. Post on an anonymous forum if you’re so determined to post about that.

  • http://imadalin.ro/ Madalin Ignisca

    I think he should be paid big bucks for revealing the stupidity of others