Apple throws in-app ad blockers out of the iOS App Store, citing security concerns

iOS 9 brought ad-blocking to mobile Safari users, which either delighted or disgusted you (depending on whether you were an online site which relied upon advertising or not).

Here is the video where I demonstrated how you can set up iOS 9 to block ads in the built-in web browser.

But now some content-blocking apps, which went took the concept of blocking ads in the web browser and took it to the logical next step of also preventing ads from appearing in third-party mobile apps such as Facebook and Pinterest, have felt the wrath of Cupertino.

Yes, Apple has moved swiftly to kick the likes of Been Choice out of the iOS app store, citing security concerns.

Been choice

Been Choice and similar apps differ from regular ad-blockers like Purify and Crystal by tunnelling your phone's web traffic through a VPN, which examines what content your device is being sent and strips out any ads.

In this way it can stop both regular web-based ads from appearing, and the ads that appear in - say - the Facebook app.

Block using vpn profile

Sounds neat, huh?

Well, that all rather depends on whether you trust the company filtering your iPhone's web traffic, as your data is now going through their servers, where it will be inspected for adverts and other potentially undesirable content.

Been Choice defended the app's behaviour, claiming that the only content routed to its VPN was tracker and ad traffic.

But, presumably realising that it was unlikely to win a fight with the custodians of the App Store, Been Choice told its Twitter followers that it would stop blocking in-app ads:

As Apple's own Apple News is one of the apps that has its revenue-generating in-app ads censored by Been Secure, it's perhaps not surprising that Cupertino has looked unkindly on the aggressive ad-blocking.

An Apple spokesman told iMore that some apps had been removed from the store for taking, in its opinion, ad-blocking too far:

"Apple is deeply committed to protecting customer privacy and security. We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk."

For its part, Been Choice says it will be addressing Apple's concerns and will issue a revised version of its app to the iOS App Store in the near future.

Tags: , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , ,

5 Responses

  1. David L

    October 9, 2015 at 5:32 pm #

    And Apple tries to claim the moral high ground over Google? Seems to me,there is some massive hypocrisy going on at Apple. I spent several hours researching just what personal information Apple collects and how they use it to build profiles on users,then sell ad space for their own profits. It's a little obnoxious that they profit from selling you a phone,and related services,and then want to push ads on you too. Not only that,but the carriers want a piece of you as well!

    That said, Verizon has started using the Zombie Super Cookies AGAIN, and have made opting out extremely difficult. Here is a story on this egregious,obnoxious,disrespectful,GREEDY behavior.

    Verizon super cookies are back!
    https://www.propublica.org/article/verizons-zombie-cookie-gets-new-life

  2. Simon

    October 9, 2015 at 10:30 pm #

    Seems unless you revert to an old Nokia, host your own email, avoid social media, you 'might' be able to mitigate against being 'profiled' amongst telco's and big companies…

    However this isn't any different to companies using/selling our contact details for 'marketing' purposes…

    • coyote in reply to Simon.

      October 10, 2015 at 1:00 am #

      No, no, not at all. I do this (although admittedly I also use my ISP mail and for specific correspondences gmail) and I still wouldn't be able to stop it all. Even if I were to stop using ISP mail and gmail I would still face this reality.

      Besides that, you have the courts that force telcos (and other corporations) to hand over information. There are too many variables to consider but I'm afraid the 'might' you refer to is more like 'will still not'.

      • Spryte in reply to coyote.

        October 10, 2015 at 4:09 am #

        Quite Right!

        Even if I use Putty (or something similar) to get to my old freenet mail account, it is full of spam… and Lynx( yes it eliminates ***some*** tracking ), I'm not sure I I remember how to use it (properly)!!

        As i have told many friends/clients… If you choose to use the internet, you choose between tracking and privacy. It is quite easy to log everything your clients do if you are the ISP or…

        Although even if you send information through 'Sail Mail' and label it "Personal and Confidential" there is no guarantee of privacy either.

        Especially if it goes through a corporate mail room.

        • coyote in reply to Spryte.

          October 10, 2015 at 6:13 pm #

          I just use openssh but I'm a long time Unix (admittedly almost-exclusively Linux in recent years). Lynx isn't hard to use but there isn't much to do, is there? My own mail hosted accounts aren't spammed but I see many attempts at sending to not-existent accounts as well as relaying to other host. Some networks I've seen so much abuse from that I add a null route so as to not worry about them ever again.

          But no matter where you are, privacy (generally) is mostly a myth. Sure, you can have private moments, but the bottom line is that you aren't free from being watched by others (espionage and otherwise). And indeed, snail mail won't be completely private either, especially if you were to do something like that. That's why never include cash in mail (and other similarly abused things). And while redaction is (mostly?) during wartime you always have the risk that it will be read by others (e.g. WW2 the governments would read mail and redact information, either by blacking it out or cutting it – I've seen both through family archives).

          Then there is so-called private mail…

Leave a Reply