Apple culls 'a few' in-app ad blockers rerouting user data to developers
Apple has pulled an undisclosed number of apps from the App Store capable of exposing its users’ web browsing histories to third parties.
A number of apps, including ad blockers, were found to have installed an unofficial root certificate capable of sending the encrypted data to developers.
The company maintains a tight grip on the root certificates that appear on its hardware to prevent exactly what happened from happening.
In-app ad blockers, such as the now removed Been Counter, require traffic to be directed to developer servers via a (VPN).
Although not immediately dangerous, privacy-centric Apple likes to clamp down on third party software on its devices while keeping valuable user data out of the hands of developers who could potentially abuse it.
The company said: “Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions.
“We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.”
The move comes just days after Apple gave the greenlight to in-app ad blockers, striking a potential blow to the ad revenues of developers.