Apple removes certain content blockers from iOS App Store over security concerns

Posted:
in iPhone edited October 2015
In a bid to protect users against potential man-in-the-middle attacks, Apple on Thursday confirmed the removal of multiple iOS content blockers, also referred to as ad blockers, that relied on the installation of root certificates to operate.




The removal of root certification-based content blocking apps essentially reduces the potential of attack by cutting off outside access to otherwise secure data connections, reports iMore.

Apps that rely on root certification installations, like popular option Been Choice, go further than vanilla Safari ad-blocking extensions by sending off user network data to offsite servers, where offending content is filtered out. This system, while more comprehensive in its protection of apps outside of Safari, opens users to potential attacks as monitored traffic could be intercepted at a content blocker's servers.

"Apple is deeply committed to protecting customer privacy and security," an Apple spokesman told iMore. "We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk."

The company did not specify which apps were affected by the takedown.

As noted by the publication, Apple's team created a safer solution in Safari View Controller that does not require an ad blocker to track network activity on its own.

Selective content blocking was introduced in iOS 9 to prevent malicious apps from surreptitiously gathering sensitive customer data. Apple's ad blocking mechanism went under the microscope last month when it was learned that popular blocker Crystal allowed certain advertisers to pay to bypass its filters.
«1

Comments

  • Reply 1 of 21
    calicali Posts: 3,494member
    Again,

    Apple should just have it's own ad blocker in the Settings app.

    Have Giggle ads blocked by default and all others unchecked. Allow the user to block the ads they want, if any.
  • Reply 2 of 21
    calicali Posts: 3,494member
    sog35 wrote: »
    Agree.

    But dont call it adblock. Call it spyblock or tracking block. Basically block all spy and tracking scripts.

    Who the hell can argue you dont have right to your own privacy?

    The problem is calling it ad block. Since ads are a normal part of business, it sounds bad to block all ads. So if a website uses native ads that dont track/spy they wont be blocked.

    Time to go thermo nuclear on Google Tim.

    True. Especially since that's exactly what Giggle is doing. Spying.
  • Reply 3 of 21
    sog35 wrote: »
    Agree.

    But dont call it adblock. Call it spyblock or tracking block. Basically block all spy and tracking scripts.

    Who the hell can argue you dont have right to your own privacy?

    The problem is calling it ad block. Since ads are a normal part of business, it sounds bad to block all ads. So if a website uses native ads that dont track/spy they wont be blocked.

    Time to go thermo nuclear on Google Tim.

    Why even use the word "block"?

    Why not call it "Privacy Mode" or "Privacy Filter"? Something that when enabled signifies the actual benefit you receive (privacy) as opposed to namng it based on what it's removing (ads, trackers).
  • Reply 4 of 21
    calicali Posts: 3,494member
    As far as thermonuclear goes, the News app isn't it. The damn stories redirect to the original webpage and you see Giggle ads and others again.

    What a disappointment. :(

    I don't mind most ads but I don't wanna share my info with Giggle so having a list of filters would help. "Blacklists/whitelist" they're called?
  • Reply 5 of 21
    Quote:

    Originally Posted by AJL View Post



    ...Is there any list that shows the removed apps? ...


    Agree that it would have been a nice thing to do for Apple to post a list of apps - although it concerns me that Apple might be opening itself up for a suit considering our litigious society.


    ...I'm really worried that delicate private data (as banking operations) has been eventually stolen. I'm really concerned about it. ...


    If you are really that concerned that your 'delicate private data (as banking operations)' has been - err- eventually been stolen then I would report the bank info to to the banks, adopt a different way to pay (paypal, etc.), keep an eye out but at the same time take a chill pill. BTW: Apple does the most by a long shot to protect its customers and any comparisons to that swiss cheese security provided with Android is a joke.

  • Reply 6 of 21
    mobiusmobius Posts: 378member
    cali wrote: »
    As far as thermonuclear goes, the News app isn't it. The damn stories redirect to the original webpage and you see Giggle ads and others again.

    What a disappointment. :(

    I don't mind most ads but I don't wanna share my info with Giggle so having a list of filters would help. "Blacklists/whitelist" they're called?

    Who or what is Giggle?

    I'm guessing you're having a pop at Google? It's not really working - it's just distracting from what you're trying to say...not giving me any giggles anyway.
  • Reply 7 of 21
    MacProMacPro Posts: 19,379member
    mobius wrote: »
    Who or what is Giggle?

    I'm guessing you're having a pop at Google? It's not really working - it's just distracting from what you're trying to say...not giving me any giggles anyway.

    Right, everyone knows it's 'gaggle' when referring to Google. :D
  • Reply 8 of 21
    boredumbboredumb Posts: 1,418member
    Quote:

    Originally Posted by sog35 View Post

    Who the hell can argue you dont have right to your own privacy?

    Umm...I believe that would be the DoJ...?

    (Not saying I agree with them, though.)

     

    Quote:

    Originally Posted by cali View Post

    Have Giggle ads blocked by default and all others unchecked.

    I wonder whether that sort of specific default would expose Apple to litigation?

    In the NFL I think they call it "targeting"...the same thing could be accomplished with less exposure, I would think.

  • Reply 9 of 21
    Quote:

    Originally Posted by Mobius View Post

     
    Quote:

    Originally Posted by cali View Post



    As far as thermonuclear goes, the News app isn't it. The damn stories redirect to the original webpage and you see Giggle ads and others again.



    What a disappointment. image



    I don't mind most ads but I don't wanna share my info with Giggle so having a list of filters would help. "Blacklists/whitelist" they're called?




    Who or what is Giggle?



    I'm guessing you're having a pop at Google? It's not really working - it's just distracting from what you're trying to say...not giving me any giggles anyway.

    Stuff like that does get tiresome doesn't it? 

     

    Just like when people use versions like Samedung, M$FT, Apepull, and on and on.

     

    If that is the sentiment, it is better said with a well reasoned statement. When I see stuff like that I generally will instantly pass, and move on.

     

    Usually, but not always. Like right now.

  • Reply 10 of 21
    gatorguygatorguy Posts: 23,162member
    sog35 wrote: »

    So what makes Spyware and Trackware any different?  These 'ads' by Google are Spyware and Trackware hidden behind an Ad.  But make no mistake those are just as dangerous as Virus' and Malware.
    Ads are as dangerous as viruses? Well OK then. This site, iMore, 9to5, Cult of Mac and others are certainly heavily infected and should be avoided by all fans of Apple right?

    ...or perhaps you're mistaken in equating the two?

    By the way the "spyware and trackware" you're encountering here is not coming from an ad company in many cases. For example approx. half the trackers I'm seeing here at this moment are not coming from an ad company. If you include the advertisers too only around 5% of the total number here right now are Google-related.
  • Reply 11 of 21
    gatorguygatorguy Posts: 23,162member
    sog35 wrote: »
    No.  I said Trackware and Spyware are as dangerous as Virus'.  

    I did NOT say ads.  Stop twisting my words like how the media twists words.
    Twisting your words? You absolutely said ads were as dangerous as viruses

    Quote: "These 'ads' by Google are Spyware and Trackware hidden behind an Ad. But make no mistake those are just as dangerous as Virus' and Malware.

    Fair enough if you didn't really mean what you wrote the first time.

    BTW, I agree with how you handle trackers. I block everything too via Ghostery and for the same reasons. Ads don't scare me, but there's other trackers here not coming from ad companies and some of those have really questionable and/or unclear privacy policies.

    EDIT: Note that tho pretty rare there have been instances where nefarious ads were used to deliver malware. Then again malware is routed to our devices from dozens of sources, even via hardware exploits.
  • Reply 12 of 21
    chickchick Posts: 35member
    SOG35 did not say ads are as dangerous as virus'. The sentence you quoted specifically refers to Google ads and calls them out. Learn to read and understand what is stated. Note that he put the word "ads" in quotes which further shows that he was not referring to ads in general but as the rest of his sentence shows was referring to ads which include trackware/spyware as part of their substance.
  • Reply 13 of 21
    Quote:
    Originally Posted by Gatorguy View Post





    By the way the "spyware and trackware" you're encountering here is not coming from an ad company in many cases. For example approx. half the trackers I'm seeing here at this moment are not coming from an ad company. If you include the advertisers too only around 5% of the total number here right now are Google-related.

     

    Just curious, if not from ad companies, where are those other trackers coming from?

  • Reply 14 of 21
    gatorguygatorguy Posts: 23,162member
    Just curious, if not from ad companies, where are those other trackers coming from?
    Data aggregators, web trackers, and social miners. Companies like Blue Kai, Facebook, Krux Digital, Acxiom, RadiumOne, Scorecard Research etc. who are all tracking your travels here and across the web.
  • Reply 15 of 21
    Quote:
    Originally Posted by Gatorguy View Post

     
    Quote:
    Originally Posted by RoundaboutNow View Post



    Just curious, if not from ad companies, where are those other trackers coming from?


    Data aggregators, web trackers, and social miners. Companies like Blue Kai, Facebook, Krux Digital, Acxiom, RadiumOne, Scorecard Research etc. who are all tracking your travels here and across the web.



    Ah, OK, thanks...

     

    I understand the difference, but "Data aggregators, web trackers, and social miners" are so closely aligned with serving ads (supplying data to influence what ads might get delivered), that I just kind of lumped them all together.

     

    In order to gain further insight, I googled some of the companies you listed, so now I'm wondering what sort of ads I will get now! ????

  • Reply 16 of 21
    gatorguygatorguy Posts: 23,162member

    Ah, OK, thanks...

    I understand the difference, but "Data aggregators, web trackers, and social miners" are so closely aligned with serving ads (supplying data to influence what ads might get delivered), that I just kind of lumped them all together.

    In order to gain further insight, I googled some of the companies you listed, so now I'm wondering what sort of ads I will get now! ????
    Data aggregators sell your "profile" to more than just ad companies. Insurers, pharmaceutical companies, lenders, investigative agencies etc all customers for what these companies gather. Unlike Google and many others that we're supposed to be worried about the companies like Acxiom tie your profile to your real name, addresses, SS numbers, loans, jobs, even sexual persuasion and religion.

    In fact I hope Acxiom was one of those your researched. They're much more than ads.
  • Reply 17 of 21
    Quote:

    Originally Posted by Gatorguy View Post

     

    In fact I hope Acxiom was one of those your researched. They're much more than ads.

    A while back you introduced me to Acxiom.

     

    I had never heard of them before. They really should just change their name to Evil Corp.

  • Reply 18 of 21
    Quote:
    Originally Posted by Gatorguy View Post

     
    Quote:
    Originally Posted by RoundaboutNow View Post





    Ah, OK, thanks...



    I understand the difference, but "Data aggregators, web trackers, and social miners" are so closely aligned with serving ads (supplying data to influence what ads might get delivered), that I just kind of lumped them all together.



    In order to gain further insight, I googled some of the companies you listed, so now I'm wondering what sort of ads I will get now! ????


    Data aggregators sell your "profile" to more than just ad companies. Insurers, pharmaceutical companies, lenders, investigative agencies etc all customers for what these companies gather. Unlike Google and many others that we're supposed to be worried about the companies like Acxiom tie your profile to your real name, addresses, SS numbers, loans, jobs, even sexual persuasion and religion.



    In fact I hope Acxiom was one of those your researched. They're much more than ads.

    Yes, I got that much more than ads are involved.

     

    I went back and took a closer look at Acxiom. Dang! It's amazing how much stuff about us really is out there. It made me think of that line: "I wouldn't be so paranoid if everyone wasn't out to get me!" Now where was that tinfoil hat...

  • Reply 19 of 21
    asciiascii Posts: 5,941member

    Here is Apple's support article on how to uninstall the apps.

    https://support.apple.com/en-au/HT205347

     

    It doesn't say which ones they were, but it says to delete the app's configuration profile from Settings > General > Profile. I guess if your iDevice doesn't have anything in this section (or doesn't have the section at all) then it means no apps have installed their own root certs?

  • Reply 20 of 21
    Quote:

    Originally Posted by Gatorguy View Post





    Data aggregators sell your "profile" to more than just ad companies. Insurers, pharmaceutical companies, lenders, investigative agencies etc all customers for what these companies gather. Unlike Google and many others that we're supposed to be worried about the companies like Acxiom tie your profile to your real name, addresses, SS numbers, loans, jobs, even sexual persuasion and religion.



    In fact I hope Acxiom was one of those your researched. They're much more than ads.



    Just more spokes in the axis of evil.  Google is still the biggest and most prolific of these types of horrible companies.  They have demonstrated on many levels and on several occasions they are a company without any scruples.

Sign In or Register to comment.