Mac App Store authentication glitches forcing users to reinstall apps

As first spotted by Tweetbot developer Paul Haddad, some Mac owners are being forced to download and reinstall apps on their computer following what appears to be a security glitch in the Mac App Store.

The affected users are seeing a message saying that their app has been damaged and cannot be opened, with the prompt advising folks to download the app again from the Mac App Store.

Here’s what you can do about it.

Trouble in the Mac App Store

Many popular Mac App Store apps seem to be affected, including Acorn, Byword, Call of Duty 2, DaisyDisk, 1Password and Tweetbot.

Our own Sébastien Page has experienced this, too.

Here’s what you can do to help fix the issue:

  • Log out and then log into the Mac App Store again. Launch the Mac App Store app on your Mac, hit the Featured tab and choose Account in the Quick Links column on the right and then select Sign Out. Now sign back into the Mac App Store with your Apple ID.
  • Delete and reinstall any affected apps.
  • Rebooting your Mac might solve the issue on OS X 10.10 or later.
  • Try force-quitting the Mac App Store.

According to Tweetbot developer Paul Haddad, the security lapse might have something to do with an expired certificate used to authenticate receipts.

Outdated certificate?

As reported this morning by The Guardian, Apple has now issued a new certificate with an expiry date of April 2035, but this hasn’t helped fix the problem.

“Those who could not connect to the internet couldn’t verify the new certificate, while those who had forgotten their password or couldn’t log in to iCloud for some other reason are also unable to use the downloaded apps until they can log in to the service,” the British newspaper wrote.

These certificates are also used to protect users from the installation of malware using Apple’s developer credentials. Haddad suspects that the SHA-256 hashing Apple uses for these receipts could be causing problems for Mac owners running older OS X versions.

On newer systems running OS X 10.11 El Capitan, the Mac App Store apps appear to be contacting Apple’s servers simultaneously, which could lead to a “self inflicted DDOS on Apple’s receipt generation service.”

What are receipt files?

The receipt files (commonly stored in /Library/Receipts) are just another form of a package install file. They’re created each time you install an app and are used by OS X to maintain a record of the files the installer has saved on your system.

The Mac App Store’s Software Update mechanism uses receipt files to determine if an app needs updating, whether a release is a new app or an upgrade of an existing one, to check if a given update can be installed on your system and more.

They’re also necessary for OS X’s Disk Utility to check the default permissions of files installed by updates, allowing you to repair file permissions and restore them to their default values.

Apple didn’t provide a comment at the time of this writing.

Source: Paul Haddad via The Verge