Nokia engineer speaks up about Windows 8 security flaws and how to exploit them

Aw, Nokia! The company recently known for its close embrace with Microsoft probably did not know about Justin Angel, one of its engineers, posting a full on explanation (it’s almost a tutorial) on how to pirate Windows 8 games, but it’s a funny incident. The Nokia engineer is likely to add ‘former’ to his job title as publicly explaining all the holes in the Windows 8 system and the ways one could exploit them is probably not what the company hired him for.

Still, it’s an eye-opener. Angel took the Soulcraft Windows 8 as an example for how one could easily edit the game to avoid paying for in-app purchases.

The engineer stresses that “storing encrypted data locally, alongside with the algorithm and the algorithm key/hash is a recipe for security incidents.”

Not just that, Angel also shows how easy it is to mod trial apps for full-time use and to get rid of ads in apps.

Security has historically been one of Microsoft’s weakest sides, but the company has invested huge effort to make the Windows operating system safer. Still, looking back at it starting its #droidrage hatemongering campaign against Android for its alleged (often mythical) ‘security’ problem, now seems more than ironic.

Update: And just like that, while we were writing this article, Justin Angel’s blog post and actually entire blog went down.

source: Justin Angel via TheVerge

Nokia engineer speaks up about Windows 8 security flaws and how to exploit them