Has Apple fixed the security issues with in-app purchase receipt validation?

I am开发者_JAVA百科 referring to the issues described in this discussion.

From reading that discussion, it appears at the time it was not possible to securely allow a user to use an IAP product on multiple devices.

No, this hole still exists (I just recently finished another StoreKit implementation myself).

I don't think it's feasible for them to fix it in the near future, especially after they've been using it with the public for an extended period of time. Rolling out a new solution that isn't immediately compatible with what's already been implemented could prove disastrous.

Though I think the common consumer wouldn't possess the knowhow to leverage the hole you're concerned about. The difficulty would be in convincing a business manager that.