Nokia Engineer Shows How To Pirate Windows 8 Metro Apps, Bypass In-app Purchases

"The principal engineer for Nokia's WP7 and WP8 devices, Justin Angel, has demonstrated, in rather frank detail, how to pirate Windows 8 Metro apps, how to bypass in-app purchases, and how to remove in-game ads. These hacks aren't exactly easy, but more worryingly they're not exactly hard either. Angel shows that turning a trial version of a Metro app into the full version — i.e. pirating an app — is scarily simple.It's just a matter of downloading an open-source app and changing an XML attribute from 'Trial' to 'Full.' Likewise, a quick change to a XAML file can remove an app's ads. Bypassing in-app purchases is a little trickier, involving some reverse engineering of some DLLs and and decryption of database files, but Angel still makes it look fairly easy. Angel gives himself one million credits in Soulcraft, an RPG game — something that would cost you over a thousand dollars, if you performed a legitimate in-app purchase. Angel also demonstrates a way to bypass in-app purchases in WinJS (Metro/JavaScript) apps, by injecting scripts into IE10 (the rendering engine for WinJS apps). It's easy to blame Microsoft for this, but isn't this really an issue that is intrinsic to all installed applications? The fact is, Windows 8 Metro apps are stored on your hard drive — and this means that you have access to the code and data. Hex editors, save game editors, bypassing Adobe's 30-day trials by replacing DLL files, pirating Windows 8 apps — these are all just different incarnations of the same attack vectors."