Mac Developer: In-app purchasing exploit discovered for OS X apps
In-app purchasing exploit discovered for OS X apps: "Coming on the heels of Apple's attempts to plug an iOS in-app purchasing exploit, the latest being a developer support document released on Friday, a similar workaround has reportedly been found for desktop programs running on OS X."
Not if you checked the fingerprints of the certificates used to sign the receipt. You know, like code generated by Tighten Pro.
Labels: mac app store, receipt, validation