Windows RT Security Model Not Strong Enough To Protect Windows Store Apps?

Everyone knows that Windows RT is more secure than Windows 8 because of its closed nature and the app model surrounding it. Even though one cannot install unverified apps on Windows RT machines, already installed apps should be protected from hackers, etc. Recently, a Windows Phone Developer posted the above picture showing how he can hack a Windows RT game code to increase the gold coin numbers in the game. This may not sound serious to you, but the same amount of gold coins costs about $100 on Android!

The above file was in IsoStore of the game and it was even encrypted. Even though signing/verifying the data should be taken care by app itself, I think Windows RT should provide more tamper-proof application storage solution for developers as individual developers themselves can’t do all these.

What do you think?

Thanks to WP Dev for the heads up.

Comments