Apple the leading tech giant in the world has removed several apps from the App Store for installing root certificates, which allows the developer to view encrypted Web traffic from their users. Some of the apps were ad blockers, capable of inspecting traffic at the packet level to remove ads. The root certificates bypass iOS data protection, encryption, and privacy methods installed by Apple to keep users safer on mobile. Apple said in an announcement that it was working with the engineers to recover their applications on the store.
Some known ad blockers are among those being uprooted, to a great extent on the grounds that they could utilize those root testaments to inspect movement going through them (the sites you see and then some) at the bundle level, bypassing encryption and other information security routines. Apple normally precisely approves root authentications by means of iOS and OS X.
In a statement, Apple said it’s ” deeply committed to protecting customer privacy and security,” before confirming the removal of certain apps. The most controversial app removed is Been Choice, an ad blocker that offers typical content blocking for Safari, alongside a VPN to turn off ads inside Facebook, Yahoo, and Apple News, using deep packet inspection to remove the native ads, videos, and sponsored content.
To do this, Been Choice installs a root certificate to reroute traffic to its servers. Users are then faced with a choice, block ads inside the apps, or make money selling your data to undisclosed third-party marketers inside the app.
Apple claims it is working with the app developers to fix the apps, but we suspect Been Choice and other apps that reroute traffic to block native ads inside of apps won’t be coming back. Mobile ads are the lifeblood for companies like Facebook, Twitter, and YouTube on mobile, lowering that revenue could be detrimental.
One of the apps that has been removed is apparently Been Choice, a content blocker that worked even inside apps. We covered them recently and remarked that it was very curious that they were able to do what they do inside of Apple’s system. The app is currently no longer available on the App Store.
In traditional VPN app, people are explicitly aware that their traffic is being routed through an external server. With content blockers, not so much. So Apple is likely putting the kibosh on these apps both because they use a third-party root certificate and because they route traffic through external servers to perform those actions and because it is not expected behavior, as it is with a VPN. Apple has also expanded their support for VPNs with official frameworks in iOS 9.
Here is Apple’s statement:
Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.
