The only way to protect code running or content playing on an open system is security by obscurity. As a developer, choose your trade-off on the scale between inconvenient-but-quite-secure and simple-but-easy-to-copy and go with it. Any protection will be broken in time. Adjust based on customer feedback and the amount of cracking going on, but that's pretty much all you can do from a technical perspective.
NB: at a low enough level, all systems in the hands of the attacker are open. Hardware DRM is vulnerable to attack by equipment for scraping layers of atoms from the silicon and inspecting it with an electron microscope.
Not all systems, not if you're doing server authentication (itunes account?) / code download every time the app starts (e.g. webapps).
That's why DRM is broken by design.
All it takes is one skilled individual to develop an easy-to-use method for cracking the thing, start a torrent and that's it, millions of people have access to it instantly.
Surely, if the system is server side, then it's not in the hands of the attacker? For webapps, etc. it's not the client side code that's protected, but the server code and data.
I would argue that the target audience of the app store isn't tech-savvy enough to do this anyway. Sure, it's easy to HN readers, but to the general public it probably "sounds too hard."
The clunkiness of the iOS store has to play at least a part. Compared to using a music player on your computer, Cydia is a pretty user-friendly and elegant way to install applications.
I'm not sure if I misunderstood your comment. But as far as I know most iOS users install apps using the app store built into the device. It's really not much different, if not more polished than the cydia store.
I think the real reason for the popularity of cydia is that 1) it has a user friendly UI 2) you can get apps on it that will not make it to the app store and 3) some people are just too cheap to pay for some apps and use it to pirate them
The target audience of what? The app store? Each app? In Apple's eyes, their target audience is the entire computing population ... and it's not a stretch to think that an exploit like this will be simplified for the masses now that it's been identified.
I'm sure Apple will tighten it up a bit but if it stops casual piracy that's probably good enough. More sophisticated and invasive DRM schemes don't stop people anyway. It's a waste of time to go much further than "keeping the honest people honest" style protections.
What's happened is that some developers haven't fully implemented scrupulous receipt checks, which weakens the DRM considerably.