Latest in Gear

Image credit:

Apple pulls ad-blocking apps that can 'compromise' security

27 Shares
Share
Tweet
Share
Save

Sponsored Links

Apple has removed several ad-blocking apps from its Store that created a risk of "man-in-the-middle" security breaches. While Apple now permits ad-blockers for Safari, the banned apps also block ads from native apps by installing their own "root certificates" and shunting all traffic through a VPN. From there, they read the unencrypted traffic and remove ads, provided you enable the feature. As spotted by Techcrunch, one of the apps Apple removed was "Been Choice," software that even removed ads from Apple's own News app. However, it was also gathering "behavioral data" and sharing it with other companies, offering users points and cash rewards in exchange.

While there were no reported breaches, Apple decided to pull the apps, noting that they "install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions." However, it promised to work with the developers "to quickly get their apps back on the App Store," provided there's no risk to customer privacy and security. Starting with iOS 9, Apple decided to allow regular ad-blockers for Safari and other browsers, provided they don't monitor user traffic.

Apple is deeply committed to protecting customer privacy and security. We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.

As some observers have pointed out, Apple is likely to demand that the root certificate and VPN monitoring features be removed altogether, as they seemingly go against its Store policy. Meanwhile, Been Choice said that "we will remove ad blocking for FB, Google, Yahoo, Yahoo Fin., and Pinterest and resubmit tomorrow, to comply," but added "we will continue to block the majority of ads in apps, as well as Safari."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
27 Shares
Share
Tweet
Share
Save

Popular on Engadget

US will reportedly give Huawei another temporary reprieve

US will reportedly give Huawei another temporary reprieve

View
Beto O'Rourke wants to hold internet companies liable for hate speech

Beto O'Rourke wants to hold internet companies liable for hate speech

View
The next Apple Watch may come in titanium and ceramic models

The next Apple Watch may come in titanium and ceramic models

View
Behind the wheel of VW’s electric dune buggy prototype

Behind the wheel of VW’s electric dune buggy prototype

View
The Morning After: The struggles of Formula 1's underdogs

The Morning After: The struggles of Formula 1's underdogs

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr