
Apple's Ability to Deactivate Malicious App Store Apps - nickb
http://www.macrumors.com/2008/08/06/apples-ability-to-deactivate-malicious-app-store-apps/
======
jrockway
I like their almost-but-not-quite JSON format.

I am also looking forward to the next version of OS X. No more free software,
just DRM's apps from the app store. Computing bliss!!111!

------
LogicHoleFlaw
If they really want to test this ability, just set up a DNS proxy to your own
server... it looks trivial to spoof.

~~~
stcredzero
If they're competent, then the deactivation tokens would have to be signed.
They're using SSL encryption for this?

~~~
LogicHoleFlaw
The file at the current link, which supposedly disables a test app, is just a
plaintext JSON-like file. No tokens or encryption or anything like that.

~~~
stcredzero
Yes, but you should be able to use SSL to verify the certificate.

