AppleInsider Staff
In a bid to protect users against potential man-in-the-middle attacks, Apple on Thursday confirmed the removal of multiple iOS content blockers, also referred to as ad blockers, that relied on the installation of root certificates to operate.
The removal of root certification-based content blocking apps essentially reduces the potential of attack by cutting off outside access to otherwise secure data connections, reports iMore.
Apps that rely on root certification installations, like popular option Been Choice, go further than vanilla Safari ad-blocking extensions by sending off user network data to offsite servers, where offending content is filtered out. This system, while more comprehensive in its protection of apps outside of Safari, opens users to potential attacks as monitored traffic could be intercepted at a content blocker's servers.
"Apple is deeply committed to protecting customer privacy and security," an Apple spokesman told iMore. "We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk."
The company did not specify which apps were affected by the takedown.
As noted by the publication, Apple's team created a safer solution in Safari View Controller that does not require an ad blocker to track network activity on its own.
Selective content blocking was introduced in iOS 9 to prevent malicious apps from surreptitiously gathering sensitive customer data. Apple's ad blocking mechanism went under the microscope last month when it was learned that popular blocker Crystal allowed certain advertisers to pay to bypass its filters.
Andrew O'Hara
Malcolm Owen
William Gallagher
Sponsored Content
Mike Wuerthele
Chip Loder
21 Comments
Again, Apple should just have it's own ad blocker in the Settings app. Have Giggle ads blocked by default and all others unchecked. Allow the user to block the ads they want, if any.
[quote name="sog35" url="/t/189023/apple-removes-certain-content-blockers-from-ios-app-store-over-security-concerns#post_2788471"] Agree. But dont call it adblock. Call it spyblock or tracking block. Basically block all spy and tracking scripts. Who the hell can argue you dont have right to your own privacy? The problem is calling it ad block. Since ads are a normal part of business, it sounds bad to block all ads. So if a website uses native ads that dont track/spy they wont be blocked. Time to go thermo nuclear on Google Tim.[/quote] True. Especially since that's exactly what Giggle is doing. Spying.
[quote name="sog35" url="/t/189023/apple-removes-certain-content-blockers-from-ios-app-store-over-security-concerns#post_2788471"] Agree. But dont call it adblock. Call it spyblock or tracking block. Basically block all spy and tracking scripts. Who the hell can argue you dont have right to your own privacy? The problem is calling it ad block. Since ads are a normal part of business, it sounds bad to block all ads. So if a website uses native ads that dont track/spy they wont be blocked. Time to go thermo nuclear on Google Tim.[/quote] Why even use the word "block"? Why not call it "Privacy Mode" or "Privacy Filter"? Something that when enabled signifies the actual benefit you receive (privacy) as opposed to namng it based on what it's removing (ads, trackers).
As far as thermonuclear goes, the News app isn't it. The damn stories redirect to the original webpage and you see Giggle ads and others again. What a disappointment. :( I don't mind most ads but I don't wanna share my info with Giggle so having a list of filters would help. "Blacklists/whitelist" they're called?
...Is there any list that shows the removed apps? ...