Apple no longer accepting VPN-based ad blockers to App Store, report says

Posted:
in General Discussion
Apple is reportedly limiting App Store distribution of VPN/root certificate-based ad blockers capable of blocking adds in other third-party apps, and will instead support only first-party content blockers offered through Safari.




The supposed policy shift came to light in an interaction between Apple and developer Future Mind, which markets a number of apps including the VPN-based content blocker AdBlock.

According to MacRumors, Future Mind recently saw a submitted update for AdBlock, which has been on the App Store since 2014, rejected by Apple's App Review Board. The group told Future Mind CTO Tomasz Koperski that Apple is no longer allowing VPN/root certificate-based ad blockers to be sold through the App Store.

"After submitting an appeal to the App Review Board, a member of the Review Team contacted me directly via phone and informed that Apple has officially changed their policy regarding VPN/root certificate based ad blockers on the App Store and is no longer accepting updates of apps, which directly block content in third party apps," Koperski said. "The only officially allowed ad blocking method is now Safari Content Blockers."

4.2.1, which says "Apps should use APIs and frameworks for their intended purposes and should indicate that integration in their app description," and to get even more specific, Future Mind was told the update was rejected because "Your app uses a VPN profile or root certificate to block ads or other content in a third-party app, which is not allowed on the App Store."

Koperski was also informed that AdBlock violates section 4.2.1 of the App Store Review Guidelines, which states, "Apps should use APIs and frameworks for their intended purposes and should indicate that integration in their app description."Further, Apple specifically called out AdBlock's use of VPN profiles and root certificates to block content in a third-party app, a practice not allowed on the App Store, the report said.

It seems Apple is implementing the change as developers update existing apps, as a number of titles employing VPN-based content blocking techniques are still available for download. Presumably, new app submissions that leverage similar technology will also be denied.

The policy shift comes as Apple places heavy emphasis on its web browsing experience. At WWDC 2017 in June, the company announced new features set to debut in macOS High Sierra, including autoplay video ad blocking and intelligent tracking prevention, both of which aim to cut down on intrusive advertisements.
«1

Comments

  • Reply 1 of 29
    XStylusXStylus Posts: 3member
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    sergiozsphericwilliamlondontoysandmedaven
  • Reply 2 of 29
    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    Good riddance to you and your toy phone. Come back when you grow up. Or are you just a troll that is being willfully obtuse?

    Much (if not all) of the app functionality will be built-in to Safari now. Besides, most of the ad blockers are scams, receiving kickbacks from advertisers that wish to be white listed.
    RacerhomieXcalilostkiwipscooter63ronnwilliamlondonRayz2016magman1979tallest skilsuperkloton
  • Reply 3 of 29
    XStylusXStylus Posts: 3member
    osmartormenajr said:
    Good riddance to you and your toy phone. Come back when you grow up. Or are you just a troll that is being willfully obtuse?

    Much (if not all) of the app functionality will be built-in to Safari now. Besides, most of the ad blockers are scams, receiving kickbacks from advertisers that wish to be white listed.

    Setting your unwarranted insult aside, it's equally as much about privacy as it is about sanity and calm. The content blocking in Safari is just that -- it's for Safari only. It won't allow me to control what various apps on my phone are doing, such as a calculator app or alarm clock app sending/receiving data from the internet when it has no business to, or apps that have trackers or other means of trying to monetize my usage. So pardon me, I'd like to think my disgust is rather justified.
    williamlondonEdmontonGuyanalogjack
  • Reply 4 of 29
    sergiozsergioz Posts: 222member
    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    This only impacts fake/dummy VPN work around that was used by AdBlock, which by the way is a great app. iOS will allow regular VPN connection and there is many VPN ad blockers that will filter out ads on DNS level.
    lostkiwipscooter63ronnmagman1979uraharajony0
  • Reply 5 of 29
    radarthekatradarthekat Posts: 2,991moderator
    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    What you're really saying is that you don't want to use Safari, because in Safari on iOS you'll still have all the ad-blocking capability, plus the world's faster mobile browser.  But instead, you'll accept an Android phone, with its lack of privacy controls (relative to iPhone), poorer security, far more malware, and general inability to be updated beyond the major Android release each handset ships with.  Okay.  Enjoy. 
    RacerhomieXcalimacseekerplanetary paullostkiwipscooter63ronnwilliamlondonbadmonkajl
  • Reply 6 of 29
    radarthekatradarthekat Posts: 2,991moderator
    XStylus said:
    osmartormenajr said:
    Good riddance to you and your toy phone. Come back when you grow up. Or are you just a troll that is being willfully obtuse?

    Much (if not all) of the app functionality will be built-in to Safari now. Besides, most of the ad blockers are scams, receiving kickbacks from advertisers that wish to be white listed.

    Setting your unwarranted insult aside, it's equally as much about privacy as it is about sanity and calm. The content blocking in Safari is just that -- it's for Safari only. It won't allow me to control what various apps on my phone are doing, such as a calculator app or alarm clock app sending/receiving data from the internet when it has no business to, or apps that have trackers or other means of trying to monetize my usage. So pardon me, I'd like to think my disgust is rather justified.
    You can control, on an app by app basis, privacy.  iOS itself steps in, not relying upon the good will of app developers, to ask you whether you want to grant an app access to you location, your microphone, you Photos, etc.  Apps can ask, but you'll be warned and it's your choice.  thats an area where Android is playing catchup to iOS.
    macseekerpscooter63ronnwilliamlondonajlboredumbGeorgeBMacmagman1979superklotonurahara
  • Reply 7 of 29
    aaarrrggghaaarrrgggh Posts: 1,572member
    Root certificate systems are really dangerous.  It is a tough one to balance-- focus on unencrypted traffic only, or try to swat at everything, including your online banking.
    ronnsuperkloton
  • Reply 8 of 29
    calicali Posts: 3,495member
    This may mean OS-wide ad blocking. Hopefully our default google ad blocking wish come true!!

    XStylus said:
    osmartormenajr said:
    Good riddance to you and your toy phone. Come back when you grow up. Or are you just a troll that is being willfully obtuse?

    Much (if not all) of the app functionality will be built-in to Safari now. Besides, most of the ad blockers are scams, receiving kickbacks from advertisers that wish to be white listed.

    Setting your unwarranted insult aside, it's equally as much about privacy as it is about sanity and calm. The content blocking in Safari is just that -- it's for Safari only. It won't allow me to control what various apps on my phone are doing, such as a calculator app or alarm clock app sending/receiving data from the internet when it has no business to, or apps that have trackers or other means of trying to monetize my usage. So pardon me, I'd like to think my disgust is rather justified.
    Mentions privacy while going for an iPhone knockoff. Some people never learn. 


    lostkiwipscooter63ronnmwhitewilliamlondonGeorgeBMacmagman1979superklotonmacxpressurahara
  • Reply 9 of 29
    jdwjdw Posts: 696member
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    pscooter63ronnBabyWhatWhatosmartormenajrmagman1979
  • Reply 10 of 29
    SoliSoli Posts: 8,678member
    jdw said:
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    Anything you install is a risk. Anything that connects to a network is a risk.

    VPN's work by creating an encrypted tunnel from your device to the VPN service's server where the data is then sent out and received normally. This gives the benefit of your local ISP not being able to track your activity as well as preventing anyone on the local network seeing what kind of data, even if it's encrypted with SSL, from seeing what you're doing, but you still have to trust your VPN provider.

    I use PIA every time I'm using public WiFi because I trust them more than I trust whomever could be snagging my local data. With the direction things are going in the US I may start to use on my private WiFi to prevent my ISP from tracking my activity, too.
    bshank
  • Reply 11 of 29
    sergiozsergioz Posts: 222member
    No comment 
    edited July 2017
  • Reply 12 of 29
    foggyhillfoggyhill Posts: 4,767member
    Soli said:
    jdw said:
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    Anything you install is a risk. Anything that connects to a network is a risk.

    VPN's work by creating an encrypted tunnel from your device to the VPN service's server where the data is then sent out and received normally. This gives the benefit of your local ISP not being able to track your activity as well as preventing anyone on the local network seeing what kind of data, even if it's encrypted with SSL, from seeing what you're doing, but you still have to trust your VPN provider.

    I use PIA every time I'm using public WiFi because I trust them more than I trust whomever could be snagging my local data. With the direction things are going in the US I may start to use on my private WiFi to prevent my ISP from tracking my activity, too.
    That wasn't really his comment though, why on earth would those thing need constant VPN access to do their job, that's the question.
    Reducing the number of open services on the device, or on the router is what I do all the time; they better have a damn good reason for being there and staying up.

    VPN in itself relies on how confident you are in the endpoints, and if you think they're somehow compromised.
    A compromised external device on a VPN that has access to an internal network would be a real bad security risk. That's why you often connected to an isolated segmented network first when connecting into a company (if they've done their mitigation work properly).
    edited July 2017 jdw
  • Reply 13 of 29
    SoliSoli Posts: 8,678member
    foggyhill said:
    Soli said:
    jdw said:
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    Anything you install is a risk. Anything that connects to a network is a risk.

    VPN's work by creating an encrypted tunnel from your device to the VPN service's server where the data is then sent out and received normally. This gives the benefit of your local ISP not being able to track your activity as well as preventing anyone on the local network seeing what kind of data, even if it's encrypted with SSL, from seeing what you're doing, but you still have to trust your VPN provider.

    I use PIA every time I'm using public WiFi because I trust them more than I trust whomever could be snagging my local data. With the direction things are going in the US I may start to use on my private WiFi to prevent my ISP from tracking my activity, too.
    That wasn't really his comment though, why on earth would those thing need constant VPN access to do their job, that's the question.
    Reducing the number of open services on the device, or on the router is what I do all the time; they better have a damn good reason for being there and staying up.
    He asked if there was a risk if a "VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information" and I I answered accordingly. If you don't understand why a VPN app would need access to their VPN servers to offer their VPN service (i.e.: to do their job) there are no additional words I can say that will make it more clear.
  • Reply 14 of 29
    foggyhillfoggyhill Posts: 4,767member
    Soli said:
    foggyhill said:
    Soli said:
    jdw said:
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    Anything you install is a risk. Anything that connects to a network is a risk.

    VPN's work by creating an encrypted tunnel from your device to the VPN service's server where the data is then sent out and received normally. This gives the benefit of your local ISP not being able to track your activity as well as preventing anyone on the local network seeing what kind of data, even if it's encrypted with SSL, from seeing what you're doing, but you still have to trust your VPN provider.

    I use PIA every time I'm using public WiFi because I trust them more than I trust whomever could be snagging my local data. With the direction things are going in the US I may start to use on my private WiFi to prevent my ISP from tracking my activity, too.
    That wasn't really his comment though, why on earth would those thing need constant VPN access to do their job, that's the question.
    Reducing the number of open services on the device, or on the router is what I do all the time; they better have a damn good reason for being there and staying up.
    He asked if there was a risk if a "VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information" and I I answered accordingly. If you don't understand why a VPN app would need access to their VPN servers to offer their VPN service (i.e.: to do their job) there are no additional words I can say that will make it more clear.
    Stop the condescension bud (see I can do it too huh). There are other ways to get these apps to work; not just one.
    An ad blocker is not "a VPN app", just like a browser is not a VPN software either despite the fact you can run one inside it. That's not their primary function at all.
    Been using VPN's since they first appeared in about 93 in Cisco routers and ran vpn tunnels over ssh by the late 90s. So, I'm quite familiar with them.. Thanks for the info though (sic).
    Its bad security to keep ports/services open anywhere, especially with endpoints of dubious security.
    Your giving access to your browser to those things; not something trivial at all; a possible entry vector for social engineering, getting a web workers running some bots or bitcoin mining or whatever, without any way really of monitoring this (except battery usage which many people don't look at).



    edited July 2017 mwhitejdwavon b7ronnStrangeDays
  • Reply 15 of 29
    slurpyslurpy Posts: 5,115member
    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    Assuming you're not a blatant liar, and you were ACTUALLY going to switch from an iPhone from an S5 (massive assumption) instead of just simply shitty trolling, enjoy your Galaxy S5. Let's just ignore the elephant in the room too, which is that you choose to instead use an OS from a company that only exists because of ad revenue, and doesn't give a fuck about your privacy and security. Your little screed is laughable. 

    I'm guessing you don't actually care about privacy or security either- all you care about is stripping away ads from free ad supported apps, in which ads are the only way the developer can support themselves, instead of actually paying a pittance to remove the ads legitimately. At the end of the day, 99% of Android users who vehemently champion "open" and bash iOS only do so because they're thieves and enjoy side-loading paid apps at no cost, not because they have any real principles. And you obviously fall within this category, seeing as how you want to have your cake (no ads ever in apps) and eat it too (you don't want to pay for anything). How is a developer supposed to support himself if they can't show a single ad, and you don't pay them a single cent? People like you is how the entire industry gets screwed and developers don't make a dime. So spare us your sanctimonious bullshit, because that's all it is. 
    edited July 2017 BenCwilliamlondonmagman1979ronnStrangeDaysjony0
  • Reply 16 of 29
    MarvinMarvin Posts: 14,208moderator
    foggyhill said:
    why on earth would those thing need constant VPN access to do their job, that's the question.
    They want to filter ads out of all the traffic across the whole device so it has to be active all the time. The company listed here describes what they do:

    https://techcrunch.com/2015/10/06/apple-approves-an-app-that-blocks-ads-in-native-apps-including-apple-news/

    "When the VPN is enabled, traffic is then routed through Been Choice’s servers where it performs deep packet inspection on the content. It can then remove specific content – like ads – through pattern matching.

    “While we inspect headers and the body, no user content is stored, and our filtering is done on the fly. This approach may be more familiar in its corporate form. For example, companies use deep packet inspection on their managed devices to ensure that sensitive information never leaves internal corporate networks,” explains Yoon.

    This ability, the company claims, makes Been Choice the first to block ads in Facebook’s native iOS app. In addition, the app blocks ads in Pinterest, Pandora, Yahoo and the New York Times apps, among others. It also blocks sponsored posts, native ads, and pre-roll videos like those in news apps from CNN or CNBC, for example.

    Surprisingly, Been Choice is also capable of blocking ads in Apple’s News app, as well.

    Twitter, however, is not blocked because of its use of end-to-end encryption that makes it impossible to block ad traffic without blocking non-ad traffic."

    This has the potential to be sending all data through a 3rd party server: every email you send, every photo/video you upload, every web page you visit. The company selling AdBlock says they don't route general traffic through their servers, just ad content:

    http://nomobileads.com/privacy

    It says here that they aren't using a VPN at all:

    https://www.reddit.com/r/VPN/comments/5pdw00/is_an_ad_block_app_that_creates_a_vpn_profile/

    That says they setup a fake VPN that routes ad content to it locally, which then fails to connect. That may be what Apple is talking about when it says the app isn't doing what it says. This would be equivalent to the hosts file on the Mac where you put in a set of ad domains and route them to 127.0.0.1 so they don't load.

    Some of the VPN providers are routing your content through their servers, which is a privacy concern. Some of them aren't setting up a proper VPN. The latter is the better option as it does ad-blocking locally.

    The functionality these apps provide should still be available, blocking them from the store will mean having to do a manual configuration of the VPN. The fake VPN setup would be done the following way:

    https://nerd.one/vpn-on-demand-configuration-profiles-for-ios-and-macos-explained/

    https://www.derman.com/blogs/Begin-Configuration-Profile-Setup

    The on-demand VPN functionality wasn't intended to be used as an ad-blocker.

    Apple will want to be supporting both their developers and their users here and they have conflicting interests. Developers and content publishers need to use ads to support themselves in some cases, user hate seeing ads and want them all blocked. Most of the ads people will see are browser ads so the Safari content blockers will suffice for most users. For in-app ads, that's up to the developer, if the ads are annoying then users can tell the developer to either remove them or offer a paid option.

    A hosts file equivalent on iOS would be useful for permanently blocking bad hosts like MacKeeper and similar.

    Maybe Apple can make a feature where people can subscribe to a system-level ad-blocker for say $0.99/month and it blocks all ads in all apps. Then whenever it detects a blocked ad, part of the subscription revenue goes to that developer. An ad view is only worth about 0.1c so $0.99/month covers nearly 1000 ad views/month. The developers might actually make more money that way. Alternatively, this can just be an alternative to ads and instead be a store-wide subscription. Rather than $0.99 per app, it would be $0.99/month ($9.99/year) for all apps that are in the program. If you aren't in the subscription, it wouldn't necessarily mean you don't get the app but it can be time-limited or have some other restrictions unless subscribed and this subscription can work across Apple News, Music etc.

    macplusplusGeorgeBMacbshankronnpropoduraharawonkothesane
  • Reply 17 of 29
    foggyhillfoggyhill Posts: 4,767member
    Marvin said:
    foggyhill said:
    why on earth would those thing need constant VPN access to do their job, that's the question.
    They want to filter ads out of all the traffic across the whole device so it has to be active all the time. The company listed here describes what they do:

    https://techcrunch.com/2015/10/06/apple-approves-an-app-that-blocks-ads-in-native-apps-including-apple-news/

    "When the VPN is enabled, traffic is then routed through Been Choice’s servers where it performs deep packet inspection on the content. It can then remove specific content – like ads – through pattern matching.

    “While we inspect headers and the body, no user content is stored, and our filtering is done on the fly. This approach may be more familiar in its corporate form. For example, companies use deep packet inspection on their managed devices to ensure that sensitive information never leaves internal corporate networks,” explains Yoon.

    This ability, the company claims, makes Been Choice the first to block ads in Facebook’s native iOS app. In addition, the app blocks ads in Pinterest, Pandora, Yahoo and the New York Times apps, among others. It also blocks sponsored posts, native ads, and pre-roll videos like those in news apps from CNN or CNBC, for example.

    Surprisingly, Been Choice is also capable of blocking ads in Apple’s News app, as well.

    Twitter, however, is not blocked because of its use of end-to-end encryption that makes it impossible to block ad traffic without blocking non-ad traffic."

    This has the potential to be sending all data through a 3rd party server: every email you send, every photo/video you upload, every web page you visit. The company selling AdBlock says they don't route general traffic through their servers, just ad content:

    http://nomobileads.com/privacy

    It says here that they aren't using a VPN at all:

    https://www.reddit.com/r/VPN/comments/5pdw00/is_an_ad_block_app_that_creates_a_vpn_profile/

    That says they setup a fake VPN that routes ad content to it locally, which then fails to connect. That may be what Apple is talking about when it says the app isn't doing what it says. This would be equivalent to the hosts file on the Mac where you put in a set of ad domains and route them to 127.0.0.1 so they don't load.

    Some of the VPN providers are routing your content through their servers, which is a privacy concern. Some of them aren't setting up a proper VPN. The latter is the better option as it does ad-blocking locally.

    The functionality these apps provide should still be available, blocking them from the store will mean having to do a manual configuration of the VPN. The fake VPN setup would be done the following way:

    https://nerd.one/vpn-on-demand-configuration-profiles-for-ios-and-macos-explained/

    https://www.derman.com/blogs/Begin-Configuration-Profile-Setup

    The on-demand VPN functionality wasn't intended to be used as an ad-blocker.

    Apple will want to be supporting both their developers and their users here and they have conflicting interests. Developers and content publishers need to use ads to support themselves in some cases, user hate seeing ads and want them all blocked. Most of the ads people will see are browser ads so the Safari content blockers will suffice for most users. For in-app ads, that's up to the developer, if the ads are annoying then users can tell the developer to either remove them or offer a paid option.

    A hosts file equivalent on iOS would be useful for permanently blocking bad hosts like MacKeeper and similar.

    Maybe Apple can make a feature where people can subscribe to a system-level ad-blocker for say $0.99/month and it blocks all ads in all apps. Then whenever it detects a blocked ad, part of the subscription revenue goes to that developer. An ad view is only worth about 0.1c so $0.99/month covers nearly 1000 ad views/month. The developers might actually make more money that way. Alternatively, this can just be an alternative to ads and instead be a store-wide subscription. Rather than $0.99 per app, it would be $0.99/month ($9.99/year) for all apps that are in the program. If you aren't in the subscription, it wouldn't necessarily mean you don't get the app but it can be time-limited or have some other restrictions unless subscribed and this subscription can work across Apple News, Music etc.

    Well, I got that after I posted but just found the whole setup mind boggling;  I clearly see this as a security risk not just a privacy one and see why apple would do that which is in line with my own comments

    not to mention how much of a potential battery suck age those things would potentially be.

    edited July 2017 ronn
  • Reply 18 of 29
    rogifan_newrogifan_new Posts: 3,823member
    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    Here’s a novel idea: How about you just pay for apps? It’s not like apps are that expensive. If you have enough money to buy a premium flagship you can spend $.99 or $1.99 on an app.
    ronnjony0
  • Reply 19 of 29
    rogifan_newrogifan_new Posts: 3,823member

    XStylus said:
    Hooooooly crap am I glad to have read this article. I was just about to make a very expensive mistake. Was about to retire my Galaxy S5 and jump ship to an iPhone. Not anymore.

    You'll have an easier time prying away a gun from a young Charlton Heston than foisting an un-adblockable device upon me. I'd rather suffer the throes of internet withdraw than put up with a toxic cesspool of distraction engineered, attention hijacking, consciousness derailing, apoplecticly infuriating internet advertising. HELL. NO.
    What you're really saying is that you don't want to use Safari, because in Safari on iOS you'll still have all the ad-blocking capability, plus the world's faster mobile browser.  But instead, you'll accept an Android phone, with its lack of privacy controls (relative to iPhone), poorer security, far more malware, and general inability to be updated beyond the major Android release each handset ships with.  Okay.  Enjoy. 
    This applies to Samsung Galaxy phones?
  • Reply 20 of 29
    SoliSoli Posts: 8,678member
    foggyhill said:
    Soli said:
    foggyhill said:
    Soli said:
    jdw said:
    The other day I noticed that VPN was active on my daughter's iPad Pro 9.7". I asked her about it and she said her ad blocker would not work without it. But this article makes me curious if that VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information. Is it a risk? My natural assumption is that it is indeed a risk, otherwise why would Apple try to now prevent it? Is Apple just being stupid Big Brother again? Or are these VPN connections to "block" ads" being used for more nefarious purposes? I'd like to read an expanded AppleInsider article that answers those questions in detail.
    Anything you install is a risk. Anything that connects to a network is a risk.

    VPN's work by creating an encrypted tunnel from your device to the VPN service's server where the data is then sent out and received normally. This gives the benefit of your local ISP not being able to track your activity as well as preventing anyone on the local network seeing what kind of data, even if it's encrypted with SSL, from seeing what you're doing, but you still have to trust your VPN provider.

    I use PIA every time I'm using public WiFi because I trust them more than I trust whomever could be snagging my local data. With the direction things are going in the US I may start to use on my private WiFi to prevent my ISP from tracking my activity, too.
    That wasn't really his comment though, why on earth would those thing need constant VPN access to do their job, that's the question.
    Reducing the number of open services on the device, or on the router is what I do all the time; they better have a damn good reason for being there and staying up.
    He asked if there was a risk if a "VPN connection could be a back-door for the bad guys to do naughty things to one's data or personal information" and I I answered accordingly. If you don't understand why a VPN app would need access to their VPN servers to offer their VPN service (i.e.: to do their job) there are no additional words I can say that will make it more clear.
    Stop the condescension bud (see I can do it too huh). There are other ways to get these apps to work; not just one.
    An ad blocker is not "a VPN app", just like a browser is not a VPN software either despite the fact you can run one inside it. That's not their primary function at all.
    Been using VPN's since they first appeared in about 93 in Cisco routers and ran vpn tunnels over ssh by the late 90s. So, I'm quite familiar with them.. Thanks for the info though (sic).
    Its bad security to keep ports/services open anywhere, especially with endpoints of dubious security.
    Your giving access to your browser to those things; not something trivial at all; a possible entry vector for social engineering, getting a web workers running some bots or bitcoin mining or whatever, without any way really of monitoring this (except battery usage which many people don't look at).
    So you're just reiterated my comments where VPNs are always a potential security risk after telling me I was wrong for saying that. Brilliant¡
Sign In or Register to comment.