Apple removes apps from App Store after root certificate security concerns

Apple removes apps from online store following root certificate security concerns

Apple has removed a number of applications from the App Store after fears that developers could snoop on user traffic by installing their own root certificates.

The removed applications, which include an ad blocker known as Been Choice, are able to route a user’s traffic through third-party sources to obtain private information.

An Apple spokesperson told V3: “We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions.”

The developers of Been Choice, which is no longer listed in the App Store, acknowledged the removal on Twitter and said that they plan to re-submit the app to the official store.

In the case of Been Choice the application is able to block ads even in other applications, and offers a content blocker for Safari alongside a virtual private network (VPN) service that blocks native adverts. The VPN service lets users browse other apps such as Facebook, Pinterest and even Apple News without advertising.

Ad blockers have become increasingly popular following the release of iOS 9, when Apple first allowed developers to upload the software for Safari and other browsers. However, Apple does not currently allow the shutting down of content in other apps.

An Apple support page outlines how the affected applications can be uninstalled.

“Apple has removed a few apps from the App Store that install root certificates that could allow monitoring of data,” the firm said.

“This monitoring could be used to compromise SSL/TLS security solutions. If you have one of these apps installed on your device, delete the app and its associated configuration profile to make sure your data remains protected.”

Furthermore, Apple will now work closely with the application developers to get the software back online while ensuring that customer security is not at risk.

The news comes after Apple was forced to clean up the App Store following the discovery of XcodeGhost, a form of malware found in fake versions of Apple’s Xcode developer suite.

A separate threat known as YiSpecter was also uncovered which abused private APIs in iOS to infect non-jailbroken devices, leading some security experts to claim that iOS exploits are quickly changing the perception that Apple devices are immune to attack.

If the article suppose to have a video or a photo gallery and it does not appear on your screen, please Click Here

9 October 2015 | 10:34 am – Source: v3.co.uk

[ad_2]

Leave a Reply

Your email address will not be published.