Forgot your password?
typodupeerror
Iphone Security Apple

Tor Project: Fake Tor App Has Been In Apple's App Store For Months 78

Posted by Unknown Lamer
from the well-he-paid-his-developer-fees-so-... dept.
itwbennett (1594911) writes "For the past several months Tor developers have unsuccessfully been trying to convince Apple to remove from its iOS App Store what they believe to be a fake and potentially malicious Tor Browser application. According to subsequent messages on the bug tracker, a complaint was filed with Apple on Dec. 26 with Apple reportedly responding on Jan. 3 saying it would give a chance to the app's developer to defend it. More than two months later, the Tor Browser app created by a developer named Ronen is available still in the App Store. The issue came into the public spotlight Wednesday when people involved in the Tor Project took to Twitter to make their concerns heard. Apple did not respond to IDG News Service's request for comment."
This discussion has been archived. No new comments can be posted.

Tor Project: Fake Tor App Has Been In Apple's App Store For Months

Comments Filter:
  • by Anonymous Coward on Thursday March 20, 2014 @04:45PM (#46538063)

    I've been using a tor app In the app store and it works is it the same one, what's this one called. If it is I agree I don't see a problem.

  • Typical Apple idiocy (Score:5, Interesting)

    by bazmail (764941) on Thursday March 20, 2014 @04:46PM (#46538073)
    They took about 30 seconds to take down that breast feeding app (a BREAST!!!), but something so utterly evil like an app that promises anonymity and delivers spyware gets to live on for months? Sounds like Apple may have received a National Security letter about this fake Tor app (i.e. leave it alone!) and are playing dumb.
  • Not fake... (Score:2, Interesting)

    by Anonymous Coward on Thursday March 20, 2014 @05:05PM (#46538231)

    as much as "not an official release".

    When you are working with something like the TOR network and you want to stay as secure and (hopefully) as safe as possible, you want everything to be officially released. If the browser bundle in the store is not official, you don't know *exactly* what is in it or if they added anything to it. That alone is scary. Especially if you know & trust the TOR project and expect the same from the app as you get from their other browser bundles.

    "Fake" is definitely the wrong way to describe it ( if it actually does use TOR ), but it definitely makes a bigger impression than "unofficial".

  • by SuperKendall (25149) on Thursday March 20, 2014 @05:25PM (#46538373)

    If the app sends back a message to it's developer showing what you looked at then that is a serious security breach.

    That's a reason not to trust the app for the intended use, but not a good reason to pull the app from the store. Apple's job is not to make sure that the app operates 100% as described, but that it falls within the guidelines for being on the store and lives up to the app description. The app says it "helps" you with security but that's as far as it goes, and would be true for anyone monitoring just the HTTP URL's accessed by the app (if it's really using TOR).

    The thing is we have no-one saying it is in fact reporting back anything to anyone - all I can find is complaints ads make use of location! Location which the app user has to approve the app getting access to.

    If you are a Russian citizen using this app because of a real need for anonymity, you would not approve it accessing location...

  • by Anonymous Coward on Thursday March 20, 2014 @08:02PM (#46539567)

    I've been using a tor app In the app store

    If you're trying to use TOR on Apple or Microsoft OSs, you're doing it wrong.

Blinding speed can compensate for a lot of deficiencies. -- David Nichols

Working...