Since being caught in the crossfire between the US and China, Huawei has had to develop its own software solutions, as it has been banned from using Google. One of them is AppGallery, and it’s basically the Huawei version of the Google Play Store or Apple App Store.
AppGallery apparently has a pretty big problem, one that, according to one developer, hasn’t been fixed for months even though he reported it to Huawei in February.
This flaw allows anyone with some technical know-how and some time and willingness to put in a little effort to download and install just about any paid app from AppGallery without actually paying for it. It goes without saying that it sounds pretty bad for developers who have held out with Huawei so far.
Dylan Roussel, the developer who encountered the problem, points out that the problem is not with app developers themselves not enabling license verification on their apps, but is instead a flaw on Huawei’s part, which has remained unsolved so far. The gist is that the AppGallery API doesn’t offer any protection for paid apps.
Roussel himself was able to download and use multiple paid apps by exploiting this vulnerability. Clearly this is problematic because pirates could use the API to download large numbers of paid apps at a time, thus preventing app developers from earning what they otherwise would. We hope that Huawei will intervene soon.
Start a new Thread