Mac App Store devs need careful code validation, otherwise downloads can be copied

John Gruber of Daring Fireball reports that Mac apps whose developers didn't follow Apple's advice on validating apps (link for registered Apple developers) can easily be copied by users. Gruber notes if Mac App Store developers are following Apple's advice, the technique for using a copied app won't work, but many apps aren't following that advice. He suggests Apple test for this in their review process and reject apps that are vulnerable.

Sean Christmann explains on his blog, CraftyMind, how developers can better protect themselves against copying apps. He recommends hard-coding receipt bundle identifier and version identifier strings into applications rather than depending on strings in an app's info.plist file, because that file is easy to find and duplicate. You may read that "the Mac App Store has been hacked," but the instructions floating around out there aren't how to "hack" the App Store; they're how to steal certain apps if a developer didn't follow the guidelines well.

Devs, check your code. Users, support developers. This is new for everyone. It's certainly a very interesting time for software delivery models -- putting indie developers on the same shelf space as Fortune 500 companies -- and there are bound to be hiccups along the way.