Windows Phone Store weakness makes exclusive apps accessible to all, we explain how

Earlier today, we reported on a Windows Phone Store weakness that allows savvy users to download Nokia-exclusive applications onto non-Nokia hardware (or at least try to, as those apps are often API dependent). But we did a little more digging and discovered the weakness doesn't just cover Nokia apps. You can manipulate the Store into providing any device- or operator-exclusive app for your device.

The root cause appears to lie in the fact that the Store makes app metadata and availability decisions based on URL query parameters that are sent via HTTP and can easily be tampered with. For example, when viewing Samsung’s exclusive RSS Times app on a Nokia device, your Windows Phone makes a request similar to the one below:

GET /v8/catalog/apps/e7fd6b61-a095-4b06-9fba-005cc9b09267?os=8.0.10211.0&cc=US&oc=&lang=en-US&hw=234879123&dm=RM-820_nam_canada_246&oemId=NOKIA&moId=TRF-US&cf=99-1 HTTP/1.1

Upon receipt of this request, the Store responds with a bunch of XML-formatted data describing the requested app. One of the elements in the reply – isAvailableInStore – controls the visibility of the Install button in the Store app. In this case, because we told the Store we’re using a Nokia-branded device (see the oemId parameter?), a Boolean false is returned. The Install button is disabled; we can’t install the app.

But what if we replaced that oemId value with say, SAMSUNG?

Using the Fiddler Web Debugger and a simple AutoResponder rule, we successfully spoofed a Samsung Windows Phone and installed RSS Times with no problems.

It’s not immediately clear how Microsoft will respond to this issue. We suspect Microsoft can remotely reconfigure Store app behavior, forcing communication through more secure means (e.g. HTTPS). But an increasingly chatty Store app on Windows Phone could impact Store performance and/or incur additional bandwidth costs on both ends of the pipe. We'll see.
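The weakness described above, sketched from the server side as an added example (not code from the original article or from the Store service): the first check trusts the oemId query parameter as the article describes, while the second ignores it and decides from a device token the server can verify. The exclusivity table, signing key, token format and function names are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed sample data. The app ID and parameter names come from the request
# in the article; the exclusivity table, key and token format are assumptions.
EXCLUSIVE_TO = {"e7fd6b61-a095-4b06-9fba-005cc9b09267": "SAMSUNG"}
SERVER_KEY = b"demo-key-not-for-production"
BASE = "/v8/catalog/apps/e7fd6b61-a095-4b06-9fba-005cc9b09267?cc=US&lang=en-US"
AS_SENT = BASE + "&dm=RM-820_nam_canada_246&oemId=NOKIA&moId=TRF-US"
REWRITTEN = BASE + "&dm=RM-820_nam_canada_246&oemId=SAMSUNG&moId=TRF-US"

def _mac(claims: str) -> str:
    return hmac.new(SERVER_KEY, claims.encode(), hashlib.sha256).hexdigest()

def issue_device_token(oem_id: str, device_model: str) -> str:
    """Hypothetical provisioning step: bind OEM and model under an HMAC."""
    claims = f"{oem_id}|{device_model}"
    return f"{claims}|{_mac(claims)}"

def verified_oem(token):
    """Return the OEM named in the token, or None if the token does not verify."""
    try:
        oem_id, device_model, tag = token.split("|")
    except (AttributeError, ValueError):
        return None
    expected = _mac(f"{oem_id}|{device_model}")
    return oem_id if hmac.compare_digest(tag.encode(), expected.encode()) else None

def _parse(url: str):
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    return parts.path.rsplit("/", 1)[-1], {k: v[0] for k, v in query.items()}

def is_available_weak(url: str) -> bool:
    """Behaviour described in the article: trust the oemId query parameter."""
    app_id, params = _parse(url)
    required = EXCLUSIVE_TO.get(app_id)
    return required is None or params.get("oemId") == required

def is_available_hardened(url: str, device_token) -> bool:
    """Ignore the query-string OEM; decide from the authenticated token only."""
    app_id, _ = _parse(url)
    required = EXCLUSIVE_TO.get(app_id)
    return required is None or verified_oem(device_token) == required

def oem_claim_mismatch(url: str, device_token) -> bool:
    """Detection signal: the URL's oemId disagrees with the verified OEM."""
    _, params = _parse(url)
    return params.get("oemId") != verified_oem(device_token)
```

The same verified-OEM check can be repeated when the download session starts, and a mismatch between the query string and the token is worth logging as a tampering signal.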

Stay tuned and we’ll let you know what we hear from Microsoft.


Comments

There are 95 comments.

rodneyej says:

Whaaaaaaaaaaaaaaaaaaaaaaaaatt❓❓

Rick Smits says:

Nice question marks.

rodneyej says:

Are you coming on to me??.. Lol

Nice punctuation

rodneyej says:

You too❔❔

Micah Dawson says:

I've noticed these types of "posting" aren't coming from the usual crew. Interesting....

No conspiracy, just providing some technical details for savvy folks to repro in a safer environment. (No one should use a proxy they don't have control over, that's just dangerous.)

juan6996 says:

So, how would you get the HTC clock tile on a Lumia 920?

iknowsingh says:

You simply can't... it's not a downloadable app, it's built in to HTC Windows Phones. Even if you were to get the app to enable the tile, it requires drivers unique to HTC phones to even function.
 
TL;DR Without a LOT of work, it won't happen.

Kellzea says:

Dagnamit. Had my hopes up for that lol. Nevermind.

schlubadub says:

It is downloadable... It's called "HTC Hub". I can uninstall it and get it from the HTC section of the store again. Well it doesn't show the time, just a double-wide weather tile. So what is this clock tile? Haha on WP7 it shows the weather, maybe different on WP8?

iknowsingh says:

The clock/weather tile is unique to WP8 HTC phones. The downloadable HTC Hub is just a news/weather/HTC app highlight hub. It's available on both WP7/8 but the weather/clock tile that everyone here is asking about is exclusive to HTC Windows Phones for the reason I mentioned above.

discohaze says:

That's exactly what I was wanting too!!! Rats

rodneyej says:

That's what I was wondering!! I want it NOW❕❕❕❕❕❕❕❕❕

Skittledude says:

Oh god yes, I missed that when I switched from a Surround to a Lumia 800.

Micah Dawson says:

Okay my apologies :) I had no idea you were as involved with the WP community as you were.
(Still have no clue who the other dude is though).

iknowsingh says:

You and me both, pal! lol

Kane Gao says:

WPCentral's snitch in China who has brought you guys a fair share of leaks and interesting rumors. And this dude is not even recognized. This dude is sad...

rodneyej says:

You're not related to Geraldo Rivera are you❔

ChrisLynch says:

No, Raf is WAY more intelligent than stupid friggin Geraldo Rivera.  Raf should be insulted...  ;-)

rodneyej says:

First it's a joke.. Second, why should he be insulted if he is related? It's not him..

No, he's related to Jamie Rivera from pocketnow.com. They are brothers. :)

iknowsingh says:

Well it's nice to meet you... sorry for everyone else exploding over the article you posted earlier. I didn't see an issue with the post and its always nice to see new posts from different writers.

JerseySal says:

The only post I want to see is an obit for a certain internet radio station.

Fndlumia says:

Exactly, words of wisdom and experience here ppl.... Listen... You have been warned

sepatown says:

Don't worry, Rafael is legit.

ZX9 says:

Rafael Rivera has been affiliated with WPCentral for a long time and is an incredibly qualified WP dev. (As I remember, he did a lot of the developer-related postings before Rogue Code came around.) Also, this is very legitimate reporting, even if it's not appealing to all audiences.

rhodri22 says:

Rafael was a regular on the podcast last year... He's also a well known Windows hacker and author.

rodneyej says:

Snitch!.. Lol!

The regular guys are now using aliases because the NSA is watching.

iknowsingh says:

Rafael is a well-known and trusted Windows blogger. He has very strong technical skills and know-how and was one of (maybe the first?) people to create custom UXstyle patches for Windows XP, Vista, etc. I read his personal blog every so often as well. He's a trusted source for information and is a good asset for WPCentral to have. Check his blog at withinwindows.com.

purevibz says:

Rafael Rivera is a regular he comes around when we have really technical stuff.

They'll probably fix this right away, but nothing about that Other storage fix. I mean it's not too bad for me, but I feel bad for some who have like 10GB. Even the Nokia Storage Check app doesn't work all the time.

My phone got to 13GB other storage before I reset it.

AngryNil says:

Hah, I gave in at around 11GB last week. The storage hasn't grown much since then though, so maybe I got lucky.

I have 1.4GB in my other. I don't think that's a lot, but I'm wondering if that should be 0.

AngryNil says:

I think other serves a purpose for one thing or another, but it definitely shouldn't be more than a couple of gigs.

Tell me how to steal the hardware too please. Need a how-to article

Kellzea says:

Yeah, because using an auto response trick to make a digital gate open and allow you to obtain a few kb of data that's free is definitely theft, and not, you know, just good computing skills.

I suppose you are right. The NSA just has good computing skills, they should take what they want too.

xyhchina says:

Please.... Tell me how!??? Thanks in advance!

KFBradley says:

What about something like Data Sense? Can we grab it from a different carrier?

Kane Gao says:

No. Data Sense is a WP8 system component, not a Store app. Just wait for GDR2, which supposedly brings it to everyone, regardless which carrier. It's not very far away.

 

Or flash the ROM from a Data-Sense-enabled carrier onto your device. Technically doable, very troublesome, could lead to disastrous consequence. Bricks a phone faster than you can say "brick" should any tiny step go wrong.

Kane Gao says:

A few quick thoughts on how Microsoft can patch this: 1. Encrypted communication to prevent parameter changing by manual means; 2. Do a fact check on both device model and OEM ID, making it harder to come up with a correct combination; 3. Check OEM and device model again when the actual downloading session is about to start. Too much of carelessness is going on, people assuming HTTP requests "of course" can't be modified by average users, a device with a download button served "of course" is from the intended OEM.

Or OEMs could take matters into their own hands, adding model check functions into all their exclusive apps, performed upon every single launch. That would be very effective, I reckon. It's impossible to fake device model and OEM name of a Windows Phone without jailbreaking it. And if the phone is jailbroken indeed... well there's no way stopping it doing anything its owner wants...

Kane Gao says:

Was about to ask how Apple and Google are dealing with similar problem when realized Apple does NOT have any OEM but itself and Google doesn't care shit about app ecosystem...

 

Got a feeling that Windows Store on Windows 8 and Windows RT might have the same problem. Although disguising device identity would be pointless on that front. Got a VAIO and a Surface and a Dell here. And the stuff in "OEM exclusive" sections are to be described as uninteresting at best...

WPhoton says:

Apple doesn't have any OEM and all Android OEM preload all the crap as bloatware impossible to uninstall, except by flashing the phone.
"But what if some OEM wants to update their bloatware or add new apps?"
That would be a tough question if Android OEMs kept supporting their phones after release but usually that's not the case. And the only part Google cares about Android is the amazing piece of Spyware they've built so OEM are able to do anything they want.
 

neo158 says:

All Microsoft or the manufacturers need to do is have XAP files check the device they are being installed on before installing, if it's not the right manufacturer it would just throw up an error message. 

rikipy says:

how a get the app? :O

xyhchina says:

Please.... Tell me how!??? Thanks in advance!

WPhoton says:

He will probably not tell you since everyone is already criticizing just because he wrote this.
But you can learn about how to do it by yourself reading the links (Fiddler).
If you are very lazy, I've read some tutorial in the WPCentral Forum by a guy whose avatar is an orange squirrel but I don't know the link or name.

Darkwolf70 says:

Does this mean I can get my USAA app back that I lost when replacing my phone?

Kane Gao says:

http://www.windowsphone.com/en-us/store/app/usaa/6d5694b8-d1d7-df11-a844-00237de2db9e USAA app seems to be right there for free downloading, with no OEM restriction..?

jMawl says:

Only works for WP7 I guess...at least it says that it doesn't support my version of Windows Phone. Could that be gotten around as well?

DavidinCT says:

About the only way is to have an unlocked phone and find someone who "hacked" it from the marketplace then sideload it... I tried a few apps that were WP7 apps only on my unlocked WP8 device with questionable results.
Some worked fine for the most part but, at some levels it would not recover...

It has been shut down

Musicman247 says:

Not sure if describing exactly how to exploit the system is the right thing to do in this situation. Most "good-willed" hackers alert the person they've hacked and simply announce there is a way to exploit it without giving links to tools that can be used to do the same.

Sharpmango says:

+1, not impressed with WPCentral's behavior at all in this. Perhaps Nokia should rescind them their privileges to the next few Nokia exclusive events, then see how they like it.

Micah Dawson says:

While I agree with your first statement, I don't think blocking them from nokia exclusive events would do much of anything positive for nokia since WPcentral is often called "Nokia Central". That said, I am quite disappointed with the reporting of this.

It's one thing to report and it's another thing to actually instruct people on how to do this...this goes for Nokia, Samsung or HTC products

Have any of you bothered to read the comments here? Clearly folks aren't being "educated" on "how to do this".

swizzlerz says:

Big deal we used to mod our windows mobile phones with apps from other phones back in the day. Big deal people can do what they want. Ohhh such a big deal that they posted the how-to. Omg... Omg!

Musicman247 says:

Manufacturers might start charging for their exclusive apps instead of making them free to their own phones, so yeah, could be a big deal.

They can start charging or just make it free for their own phones

Mr. Brown says:

I agree. No need to tell everyone how they can get around the system and steal software. I hope MS and the OEMs have a way to pull/block the apps from working.

I kinda need a way to get ChatOn on my HTC8X ...

xyhchina says:

Yea, same here, could you please tell me how?

neo158 says:

Why didn't you get a Samsung ATIV then?

noelito says:

how can i do this rafael? i want nokia apps on my ativ s

Why didn't you get a Nokia?

Nik Rolls says:

Thanks! Fiddler is a much safer way to do it than using some random proxy someone made.

WP8Expert says:

I've successfully replicated the same thing to attempt to install HTC Hub as I have the direct link but the app only supports 720P and 480x800. Bummer. Can't install. Lemme try Samsung
 

luimende says:

Can you post a link? Or is it not that simple?

WP8Expert says:

I got the link very easily. Just told my buddy with an 8X to tap "share" on the marketplace listing. Click Here: download link

backlashsid says:

Do you mind posting how you did it? Just for information sake? I mean a lot of people now know it and I don't think it's anything illegal!

WP8Expert says:

It's a really complicated process. Click here to learn how to connect your Windows Phone with fiddler2 and from there, click a link to an OEM app. You will find this link in fiddler2 that starts with marketplaceedgeservice.windowsphone.com that is the same as the one Rafael posted. Click that listing, click the auto-responder tab and at the bottom, there are 2 text fields. Enter the original one (e.g if u are a Samsung user, the listing that has the oemid as SAMSUNG) at the first field and the OEMID you want (e.g the same values as before but change the OEMID to the manufacturer you want. OEM ids are as follows: LGE = LG, SAMSUNG = Samsung, NOKIA = Nokia, HTC = htc. Note you can use this method to download carrier specific apps too by changing the moID value.) After changing the values and enabling auto-response, reload the link. You can now download apps from the OEM of your choice.

backlashsid says:

Thanks. Will check it out.

somubtech says:

WP8Expert, Thanks for a detailed procedure. 
 
I tried, but when I click on the link to OEM app, not always it takes me to marketplaceedgeservice.windowsphone.com. I tried multiple times, and it does take me sometime there. I created this autoresponder - 
 
EXACT:(http)://marketplaceedgeservice.windowsphone.com/v8/catalog/apps/e7fd6b61-a095-4b06-9fba-005cc9b09267?os=8.0.10211.0&cc=US&oc=&lang=en-US&hw=520170499&dm=RM-820_nam_att_100&oemId=NOKIA&moId=att-us&cf=99-1
EXACT:(http)://marketplaceedgeservice.windowsphone.com/v8/catalog/apps/e7fd6b61-a095-4b06-9fba-005cc9b09267?os=8.0.10211.0&cc=US&oc=&lang=en-US&hw=520170499&dm=RM-820_nam_att_100&oemId=SAMSUNG&moId=att-us&cf=99-1
 
Does this look correct? After adding this one into auto-responder, the app is still not available for download on my device. Can you tell me if I am doing anything wrong... Thanks
 

WP8Expert says:

Try again but this time, tap the "This app is not available" thingy. It most likely will tell you that it cannot install cuz of screen limitations. If it still doesn't work, remove the EXACT: from the address. If it still doesn't work, PM me and I will help.

question where can i get the request generated by my phone in store, I Get
GET /en-us/store/app/rss-times/e7fd6b61-a095-4b06-9fba-005cc9b09267 HTTP/1.1
Kinda Clueless :/ help

cool8man says:

What is the moID value for T-mobile USA? I want to put the T-Mobile account app on a Verizon HTC 8X.

mreaglejr says:

Yeah, I wasn't able to download HTC's Flashlight app, or Samsung's MiniDiary app for the same reason. :(

Fndlumia says:

Thought as much

jmunchies1 says:

Damn. I want the Samsung call blocking app.

milkybuet says:

Since when does Rafael Rivera write here? This is a nice surprise!

Tiago Lopes says:

I only want something like the htc clock, why is this too much to ask!?!

francesco87 says:

anyone can explain me how to do it? ty

DAZTK says:

Hi, can someone advise if it's possible to utilise this to download wp7 exclusive "rabbids go phone" on my lumia 920 by fooling it to think it's a wp7?

DavidinCT says:

that one is a big no. I have a few apps and games that I lost from moving over from a Wp7 device to a Wp8 device...

DavidinCT says:

Is there a clear step by step directions to do this... I have a Lumia 928 and I **really** miss having my marketplace changer from my unlocked WP7.8 device..
I want ...
I'm a musician - Piano - from LG's collection (my kid loves that app)
and
HTC's flashlight app...
 

ygtgngr says:

So how do we actually install these apps if we are not a developer or so?

ahmedjan87 says:

I want Samsung apps on my Nokia so give me the method please ? Or a proxy and I'll follow the steps from the guide