Apple is getting good news and bad news about its new Mac App Store. The good news is that more than one million apps -- free and paid -- were downloaded on opening day. The bad news is hackers are invading.
Apple announced the Mac App Store's opening on Thursday. It launched with more than 1,000 apps for Mac OS X Snow Leopard users. The store offers apps in categories such as education, games, graphics and design, lifestyle, productivity and utilities.
"We're amazed at the incredible response the Mac App Store is getting," said Apple CEO Steve Jobs. "Developers have done a great job bringing apps to the store, and users are loving how easy and fun the Mac App Store is."
It's not clear if Jobs is equally amazed at the hack attacks -- and so quickly after the store launched. News reports tell the story of a group known as Hackulous that has developed a program to break the protection in the applications hosted on the new Apple store. Dubbed Kickback, Hackulous plans to release the code to the masses at some point.
"We're not going to release Kickback until well after the store's been established. We don't want to devalue applications and frustrate developers," Dissident, a spokesperson for Hackulous, told the BBC.
Other reports cite the ability to run paid apps downloaded from the Mac App Store for free in some cases by copying and pasting in a receipt number from a free app. Chester Wisniewski, a senior security adviser at Sophos, said application developers like Angry Birds, one of the most popular apps, appear to have ignored Apple's advice on validating App Store receipts before launching.
Focus on Mac Security
"While this clearly should be a concern for Mac App Store developers who don't want their software stolen, and of course Apple, who does not want to lose out on App Store revenue, it also raises some security concerns around how applications are validated as coming from the App Store," Wisniewski said.
"In the past, we saw that the primary reason many people chose to jailbreak their iPhones was to acquire pirated applications that they would otherwise have purchased from the App Store. With no validation mechanism in place, this left their iPhones vulnerable to malware and Trojanized versions of these off-market downloads."
Will the Mac App Store lead to the same problem? Wisniewski says there's no doubt that some Mac users will succumb to the temptation of Googling to acquire these apps, games and utilities at no cost. The problem is, some apps downloaded from the App Store can easily be modified to include any sort of executable code.
"Mac OS X users should be as cautious as ever about programs they download from the Internet. The Mac App Store may introduce you to interesting new programs you would like to run on OS X without paying, but you should always be cautious of getting something for nothing," Wisniewski said. "Someone who claims to provide you with paid applications for free may not simply give you a free program -- they may give you an unwanted infection."