Apple removes several ad-blocking apps due to security risk

Apple removed many of the ad-blocking apps from its store, citing that the security of some of its users could be compromised. Though until this point, nobody has yet reported any security breaches.

iOS 9 iPhone

Apple found out that many of the ad-blocking apps installed root certificates on its users phones so that the device’s SSL/TLS security can be bypassed and the usage behavioural data can be monitored and recorded by third parties. The company did assure that it would be working with ad block developers and allow it as long as it doesn’t monitor the phone’s usage.

It should be noted that Apple allowed Ad blockers for iOS 9 and Safari. It should be noted that at the time of announcements, Adblock Plus said the following:

In short, either this new API will improve Adblock Plus performance on Safari or it will force us to rely upon an inferior blocking format that would essentially kill ad blocking on Safari.

Apple, Inc. put out the following comment:

Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.

While such ad blocks are not necessarily malicious, they do lead to a compromised handset where data can be compromised without user’s knowledge. Users would argue that installing root certificates is necessary to remove HTTPS advertisements.

Leave a Reply

Your email address will not be published.