After all the fanfare and razzmatazz that came with Apple’s decision to allow third party ad-blockers to be installed on iOS devices, Apple has been forced to begin removing some of them due to security concerns.
Included in the Ad-Blocker cull was the higly popular, and highly rated Been Choice.
After the newest Apple OS launched last month, app developers were tripping over each other to release their own Ad-Blocker apps in the Apple Store. The new Ad-Blockers quickly managed to race to the top of the download charts.
Now though, Apple has started the process of removing some due to potential security concerns surrounding the methods of what some of the Ad-Blocker apps do to remove advertising from showing up on peoples screens.
Have Apple suddenly decided they don’t like Ad-Blockers.
Ad-Blockers for iOS were originally intended by Apple to be used with Apple’s in house Safari web browser, utilising Apple’s content blocking system. This was supposed to allow for 3rd party app developers, such as the makers of Been Choice to filter out ads on the Safari browser.
Been Choice and others, however, were found to not only block ads from within Safari, but also those displayed on other apps as well.
Techcrunch.com commented on this just a few days ago in their round up review of content blockers saying that it was ‘very curious that they [Been Choice] were able to do what they do inside of Apple’s system.’
The issue stems from the fact that the removed Ad-Blockers installed ‘root certificates’ in any iOS device they were installed on. The certificates were then used to funnel that device’s web traffic through a proxy Virtual Private Network (VPN). The VPN then literally scraped any and all ads from being shown on that iOS device. This included ads being shown on Apple’s own News App.
Apple are removing the apps to protect against potential ‘man-in-the-middle attacks.’ The problem was that the traffic and all the unencrypted information within it that was being shunted via the VPN was also being used to gather ‘behavioural data,’ that was then being sold to other companies. Users were, apparently being offered cash and ‘points,’ in exchange.
The other, even more concerning consequence of VPNs of this nature however is that hackers and other 3rd parties can interfere with browsing and also, in extreme cases, steal information such as credit card and security details.
Understandably then, Apple has made the move to shut the affected Ad-Blockers down. No security breaches have been reported so far, and none of the AD-Blockers in question are reported to have had malicious or nefarious intent.
Apple themselves also commented that they were working hard with the app developers to allow them to get the Ad-Blocker apps back in the Apple Store once they had been modified.
This latest revelation has further hit Apple’s reputation for being meticulous about security. It comes after the news just a few weeks ago, that Apple were forced to remove 300 malware infected apps from their Chinese store, and also the morally dubious removal of a drone strike app.