TechCrunch reports that Apple, in an effort to protect its customer’s privacy and security, has removed a few apps from the App Store for installing root certificates of their own. Some of the removed apps were ad blockers, but Apple says it is working with the developers to get the apps back into the App Store.
The reason why ad blocker apps are affected is that they could set up a VPN-like arrangement whereby traffic flows through the developer’s server to identify and block the adds. While this can’t be called malicious, it still represents a threat to the user’s privacy and security, because users don’t expect such action from an ad blocker. Instead, you are fully aware that your traffic is routed through a third-party server if you are using a VPN app.
Apple has identified those apps that install their own root certificates to examine the traffic passing through them and removed them from the App Store because of the potential security risk they represent.
Apple’s statement:
Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.
It remains to be seen whether the apps will retain their capabilities when they return to the App Store, but since Apple doesn’t have a framework for blocking ads inside apps as it does for Safari, well, the chances are minimal.
