Is there a concern, then? Not unless app developers don’t take the time to make sure that they’re properly validating those receipts.

I gave the hack a try myself. Upon launching my colleague Roman Loyola’s copy of Angry Birds, I was prompted for the password for Roman’s Apple ID (logging in with my own ID gets me nowhere, of course). Following the instructions for the hack, I replaced the specified files and sure enough: Angry Birds launched and I was able to play. (Note that while this worked on Angry Birds 1.0; the 1.0.1 version released on Friday seems to have fixed this flaw.)

However, Angry Birds isn’t alone in failing to properly implementing receipt validation—or even implementing it at all. A free app I copied from a colleague also fell prey to the hack above. And another paid application I copied didn’t even require me to replace the files: I double-clicked it and it ran, without ever asking for an Apple ID.

Other apps I tested seemed to have used the validation system correctly, and wouldn’t run on my Mac despite attempts at swapping out some files and altering others.

While Apple has placed the burden of validation on the developer, it would probably be to the advantage of both Apple and developers if the company tested apps’ implementation of the process during the approval process.