A friend recently reported a problem where he was getting update notifications from the Mac App Store (MAS) for programs he did not have installed, under an AppleID that was not his. Since these programs were not installed, he had no way to remove them, and since it was not his AppleID, he had no way to update them. As such, it seemed he was going to be stuck getting these update notifications forever. Luckily, with a little know-how and a lot of persistence, we were able to track down the cause of this and resolve it.
In order to understand what is causing this problem, it is important to understand how the MAS keeps track of what you have installed, and what needs updating. In the simplest terms, every program you download from the MAS has a receipt file inside. This file is present in all MAS purchases and is the basis of the MAS copy-protection. The MAS can run a number of checks against this file when the program is launched, allowing it to verify that the program is permitted to run. According to Apple’s Developer documentation, there are five checks that an app can perform. The first check is to simply look for the receipt. The last is to compute the “hash of your computer’s GUID. If the result does not match the hash in the receipt, verification fails.” In other words, the receipt file is modified when you first install the app from the MAS; this is what allows the app to validate and run on your computer.
So, why does this cause weird problems where you are being prompted to download updates for programs that you don’t have? Well, I can’t speak for everyone, but in my experience the people suffering from this problem have “cracked” software on their Macs. That is to say software that was originally downloaded from the MAS, then altered to remove the DRM, then redistributed to them in the altered state. It turns out that this is sometimes accomplished by replacing the receipt file mentioned above with one from a legitimately purchased program.
Now, I am not accusing anyone of pirating software with this post, I am simply explaining that if you have done so, the chances are that is what is causing your problem. If you do not believe you have done so (or if you have so much pirated software you don’t know which is causing the problem), here is how you can figure out what program is misbehaving:
Open Terminal and type:
find /Applications -name _MASReceipt
You should now see a list directories similar to this screenshot
What you need to do is examine the receipt file in each directory listed in your first step. This can be done with the following command:
strings /Applications/<application_name.app>/Contents/_MASReceipt/receipt | less
Inside each receipt file is line the pretty easily identifies which program it thinks it belongs to. What you are looking for is a file that thinks it belongs to a program other than the one it is contained in (specifically the program asking to be updated). For example, you may find that the file below, which was found inside the program inSSIDer, instead identifies itself as UbikReader or Twitter.
Once you have located the files that do not match the programs they are contained in, you are all set to fix them. How do you do that? Uninstall the application. There may or may not be other ways to resolve the issue while leaving the programs installed, but given the very murky legal area this falls under, I’m just going to stick with “uninstall the program”. Once you have it uninstalled, you can redownload your legally purchased application from the MAS and the issue should be resolved.