But it is much more likely that developers just haven't bothered to validate receipts.
The other thing is that you're dependent on the validation server's availability to check the receipts.
Sooner or later you will probably leave a trace of that password in the history of recently used commands, potentially becoming readable by anyone with local or remote access to your computer.
The commands in this tutorial are written in a way to minimize the chances of that happening, but it’s better to be safe than sorry.
Apple has a way of validating receipts for in app purchases, see:
Be aware, though, that doing this will leave the password recorded in the history of recent commands, potentially being readable by anyone with local or remote access to your computer.
Jorge is Product Manager and Automation Tinkerer at Esdecómic Digital, an ebook conversion company based in Barcelona and specialized in digital children ebooks, comics and mobile apps for publishing clients.
I guess we should really just be surprised this wasn't done sooner.
Even if this method does manage to bypass Apple's validation, then it is Apple's problem and they will fix it quickly.