Latest in Gear

Image credit:

Apple pulls ad-blocking apps that can 'compromise' security

27 Shares
Share
Tweet
Share

Sponsored Links

Apple has removed several ad-blocking apps from its Store that created a risk of "man-in-the-middle" security breaches. While Apple now permits ad-blockers for Safari, the banned apps also block ads from native apps by installing their own "root certificates" and shunting all traffic through a VPN. From there, they read the unencrypted traffic and remove ads, provided you enable the feature. As spotted by Techcrunch, one of the apps Apple removed was "Been Choice," software that even removed ads from Apple's own News app. However, it was also gathering "behavioral data" and sharing it with other companies, offering users points and cash rewards in exchange.

While there were no reported breaches, Apple decided to pull the apps, noting that they "install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions." However, it promised to work with the developers "to quickly get their apps back on the App Store," provided there's no risk to customer privacy and security. Starting with iOS 9, Apple decided to allow regular ad-blockers for Safari and other browsers, provided they don't monitor user traffic.

Apple is deeply committed to protecting customer privacy and security. We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.

As some observers have pointed out, Apple is likely to demand that the root certificate and VPN monitoring features be removed altogether, as they seemingly go against its Store policy. Meanwhile, Been Choice said that "we will remove ad blocking for FB, Google, Yahoo, Yahoo Fin., and Pinterest and resubmit tomorrow, to comply," but added "we will continue to block the majority of ads in apps, as well as Safari."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
27 Shares
Share
Tweet
Share

Popular on Engadget

Kik Messenger will keep running under a different owner

Kik Messenger will keep running under a different owner

View
Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

View
Nike puts an accessibility twist on its iconic Air Jordan 1

Nike puts an accessibility twist on its iconic Air Jordan 1

View
Harley-Davidson resumes LiveWire electric motorcycle production

Harley-Davidson resumes LiveWire electric motorcycle production

View
Alphabet’s Wing starts drone deliveries to US homes

Alphabet’s Wing starts drone deliveries to US homes

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr