Fake ‘Tor Browser’ App Raises Questions About App Store’s Vetting Process
As pointed out by Ars Technica, a fake iOS app named ‘Tor Browser’, which is full of adware / spyware, has been sitting in the App Store since November and hasn’t yet been removed by Apple, raising questions about the vetting process of what the critics refer to as the company’s walled garden. The report notes that high-ranking members of Tor anonymity service have already complained that the app is a fake, but it still available for download.
“Tor Browser in the Apple App Store is fake,” a report ticket published two months ago on the Tor website by high-ranking volunteer Phobos stated. “It’s full of adware and spyware. Two users have called to complain. We should have it removed.”
The ticket went on to say that Tor officials notified Apple of the fake Tor Browser app in December. In the intervening time, the app has remained available, touching off a series of exchanges among Tor members about how to respond.
While the source claims that it was unable to confirm the presence of any adware or spyware in Tor Browser, the incident does highlight the lack of transparency in the way that Apple vets the reliability of security apps and responds to complaints. And even though Apple has never described exactly what its process is for ensuring the titles in its App Store are safe, the comparatively fewer reports of rogue apps for iOS suggest that the review process is more stringent than Google’s Play Store.
Nonetheless, the report ticket from Tor’s high-ranking members suggests that Apple may not be doing everything it can or should do to protect iOS users.