Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Advertising Privacy Security Software Apple

Apple Approves, Then Removes In-App Ad Blocker (reuters.com) 85

Mickeycaskill writes: Apple has pulled a number of applications from the App Store, most notably the "Been Choice" ad blocker, because of concerns the methods they employ to rid adverts could compromise sensitive user data. iOS 9 allows for the installation of applications that block adverts in Safari, but other apps like Been Choice go one step further and let users remove adverts from applications – including Apple News. Been Choice routes traffic through a VPN to filter out adverts in some applications, but it this technique has attracted the attention of Apple, which is concerned user data could be exposed. Apple says it is working with developers to get their apps back up and Been is refining its application for resubmission. In any case, Been says users must opt-in for in-app ad blocking and that no data is stored on its servers.
This discussion has been archived. No new comments can be posted.

Apple Approves, Then Removes In-App Ad Blocker

Comments Filter:
  • by Joe_Dragon ( 2206452 ) on Friday October 09, 2015 @09:24AM (#50692887)

    Just wait for macos to have the same level of lock down and app store only.

  • Good (Score:5, Insightful)

    by Anonymous Coward on Friday October 09, 2015 @09:36AM (#50692959)

    I'm the first guy in line to shit on Apple, but having an app that routes all traffic through some unknown server is a major security issue. Apple is right to pull this until they can figure out a way to make sure the user knows the implications and/or the server operator has no way of collecting data from the users routed through his/her VPN.

    • Silly they use an external VPN. On Android, local loopback VPNs like Mobiwol [mobiwol.com] work great. All the apps's traffic goes through the VPN, which is local, so you can allow/deny on the fly (can filter foreground vs background too). Mobiwol could easily add some DNS-based blacklists (aka hosts file) and do add blocking plus firewall.

      One would have to really trust an external VPN provider to ship all your traffic through. Which if you run your own VPN service or do trust one, it's safer than sending all your plain-

  • by SuperKendall ( 25149 ) on Friday October 09, 2015 @09:43AM (#50692995)

    The summary is horrific because it paints the pulling of these apps as negative when in fact it's one of the better demonstrations as to why non-technical people need a curated app store.

    Be honest, your mom or other family member is is not as technically knowledgeable tells you they installed an app that routes all mobile traffic through some VPN the developer runs (never mind how they knew enough to explain that to you!).

    Would you SERIOUSLY let that stay installed, or would you run to un-install it?

    This is nothing more than a giant security breach. If you really are STUPID enough to want to run all your traffic through some strangers VPN, you can do so easily with existing mobile VPN support on any platform. They can scrub ad blockers and run MITM attacks on your bank or what have you, but at least it would have required more effort on your part to get yourself into trouble.

    • The summary is horrific because it paints the pulling of these apps as negative when in fact it's one of the better demonstrations as to why non-technical people need a curated app store.

      Mods: Mod Parent UP. This is EXACTLY correct!

  • Honestly... (Score:4, Insightful)

    by hyperar ( 3992287 ) on Friday October 09, 2015 @09:46AM (#50693023)
    I don't own, and probably never will, an Apple product, i simply don't think they worth what they cost, but i got to give a thumbs up on this one, i don't know how many of the app's users know (and understand) what was going on, and while there isn't any evidence that this actually happened, you only can "trust" they don't. Maybe if this app was advertise as such, it may be acceptable, because the user choose to trust them or not.
  • The App developers may have good intentions around this and never contemplate using their pipeline from enduser's devices. The issue then becomes how solid they are in terms of security as this opens them up as a big target for others to compromise the user's traffic and device. This becomes a very weak point in the security walls and efforts which Apple has been building and would most certainly become a focus of parties interested in compromising iOS devices. We can't put that level of trust into just any

  • Jailbreak and install a hosts file. This is why I only buy NEXUS phones because they can always be easily rooted to eliminate all freaking ads.

    • by JustNiz ( 692889 )

      I would be right along with you if only nexus phones met both my minimum must-haves of an sd card slot and user-replaceable batteries.
      Meanwhile I use cyanogenmod on an old Samsung S3 and can do exactly the same.

  • Android fanboy here... just wondering - when Apple pulls an app from the store, does it force it to uninstall from your device(s) as well?
    • Android fanboy here... just wondering - when Apple pulls an app from the store, does it force it to uninstall from your device(s) as well?

      I've had one or two apps on an iPhone that were in the store and then got pulled for various reasons (nothing malware related). The app remained on my phone and functional. Whether Apple has the ability to reach in and remove the app I cannot say but it wouldn't surprise me if they did have the ability. We've seen Amazon do that with their Kindle and obviously it is technologically possible. I've not heard of them doing this yet and I presume it would be newsworthy if they did.

    • by tlhIngan ( 30335 ) <slashdot.worf@net> on Friday October 09, 2015 @11:50AM (#50693961)

      Android fanboy here... just wondering - when Apple pulls an app from the store, does it force it to uninstall from your device(s) as well?

      Nope.

      So far, if Apple even has the ability to uninstall an app, they've never used it. They've never used their ability to disable apps, either (though limited to ones which use CoreLocation, since the disabling code is in there, so if you never touch GPS...).

      All Apple has done is basically prevent users from redownloading apps. But even that's not as big a limitation - you can still back up an app using iTunes. Or download the app using iTunes and install it via iTunes (recommended method for large apps). Even if the app is removed, as long as you have the IPA (the app file, similar to apk for Android) file somewhere, and iTunes is available, you can install it via iTunes. iTunes doesn't check - as long as the app is in your name and account, iTunes will install it on your device long after the developer has disappeared.

      This was how users of a particular (medical) assistance app kept using it - after the developer has been sued by some larger company or patent violations that forced Apple to remove the app, the users backed up the app via iTunes and use that to install it on every new device.

      The only thing is, it's unmaintained, so if it doesn't work with a new OS version...

      And if you wanted, using iTunes you can back up old versions of apps too, so if they try to screw you or add stuff like ads or IAPs (in app purchase) you don't like, you can always revert by installing that particular version of the app.

      • Android fanboy here... just wondering - when Apple pulls an app from the store, does it force it to uninstall from your device(s) as well?

        Nope.

        So far, if Apple even has the ability to uninstall an app, they've never used it. They've never used their ability to disable apps, either (though limited to ones which use CoreLocation, since the disabling code is in there, so if you never touch GPS...).

        All Apple has done is basically prevent users from redownloading apps. But even that's not as big a limitation - you can still back up an app using iTunes. Or download the app using iTunes and install it via iTunes (recommended method for large apps). Even if the app is removed, as long as you have the IPA (the app file, similar to apk for Android) file somewhere, and iTunes is available, you can install it via iTunes. iTunes doesn't check - as long as the app is in your name and account, iTunes will install it on your device long after the developer has disappeared.

        This was how users of a particular (medical) assistance app kept using it - after the developer has been sued by some larger company or patent violations that forced Apple to remove the app, the users backed up the app via iTunes and use that to install it on every new device.

        The only thing is, it's unmaintained, so if it doesn't work with a new OS version...

        And if you wanted, using iTunes you can back up old versions of apps too, so if they try to screw you or add stuff like ads or IAPs (in app purchase) you don't like, you can always revert by installing that particular version of the app.

        Extremely Informative, thanks!

      • Awesome! I didn't realize Apple users could pseudo side-load apps via iTunes. I also didn't hear about this medial app fiasco. I'll have to Google that one - sounds like an interesting story.
  • I'm a firm believer that advertising should not be blocked or redirected to another advertisement service. I believe this because the application developers depend on this to obtain some reward for an application they developed at no "direct" cost to the users.

    The argument I keep hearing is: Well the advertisements are annoying.
    My answer back is: You don't have to use their application or service. In many cases the ad free apps are available at a small cost.

    IMO developers and broadcasters are allowed to mon

    • by Anonymous Coward

      The argument I keep hearing is: Well the advertisements are annoying.~

      Well you're not listening very hard. The big issue today is that ad networks are spreading malware. It's now necessary to block ads *as a security measure* (my company blocks them at our gateway for precisely that reason). If you want to be part of a botnet that's your choice.

      • by gnupun ( 752725 )

        The big issue today is that ad networks are spreading malware. It's now necessary to block ads *as a security measure*

        Then spend a dollar or some minor amount in-app purchase and the ads are gone. But I bet most iphone users won't spend a cent. They want to have their cake and eat it too.

        By all means, keep coming up with more BS to justify your piracy.

      • Well you're not listening very hard. The big issue today is that ad networks are spreading malware. It's now necessary to block ads *as a security measure* (my company blocks them at our gateway for precisely that reason). If you want to be part of a botnet that's your choice.

        Yes, because that's the reason people use ad blockers... SURE....

        Whatever floats you boat!

    • by Anonymous Coward

      I posted this response in another article this morning, but it's valid as an answer here as well.

      No one clicks on ads. Money is made from imprints. This is why news sites, which used to display articles on one page, now, quite unnecessarily, spread them across multiple pages for one reason -- ad imprints. More clicks, more eyeballs. It's disingenuous. Advertising is parasitic in nature. There is no obligation that visitors view the ads. None. The website owner may wish for this so he can make money by doing

    • Please go die in a fire.
    • by Anonymous Coward

      Lots of misunderstanding the arguments, and shifting the goalposts.

      The problem is not with ads. The problem with the types of ads. Too often we have ads that pop up, takeover the screen, resize, use scripts that bog down the browser, even act as vectors for malware. I don't give a shit if advertisements pay the bills, that need doesn't give them the right to run that kind of stuff, potentially putting people's systems at risk, without some sort of response.

      My answer back is: You don't have to use their application or service.

      And my response back: You had to use it

    • by 0123456 ( 636235 )

      I'm a firm believer that advertising should not be blocked or redirected to another advertisement service. I believe this because the application developers depend on this to obtain some reward for an application they developed at no "direct" cost to the users.

      Alternatively, they could get a real job, producing real products that real people are really willing to pay for.

      • by Anonymous Coward

        ^ There's this...

        So many people think they should attach ads to websites, sit back and rake in the cash. Sorry. Very few websites enjoy this level of income that would make this even remotely viable as serious income source.

        I see the adblocking and ad industries entering into a war very soon. Personally, I block all ads, cookies, tracking beacons, HTTP/S referrer, visited link histories, you name it. I'm sure websites hate me, but it's not my concern. Ads are the singlemost easy way to get infected with mal

        • So many people think they should attach ads to websites, sit back and rake in the cash

          That isn't your decision to make. If you don't want the ads, pay for the premium service and if it's not available don't use the service. It's really that simple.

          Ads are the singlemost easy way to get infected with malware in 2015.

          I'm sure you're right (for users with outdated browsers) but you need to back you claims with numbers from a reputable source.

          The adverse effect of ad blocking is poor browsing experience for those who have it (when countermeasures are in place) AND the reduced value of ad prints. The results of reduced ad value is that more are published to accomp

      • Alternatively, they could get a real job, producing real products that real people are really willing to pay for.

        Ahhh, so you fall in the category of "sense of entitlement".

        And why don't you defined real product for me because last I checked, apps are real products and so are online services.

        The fact that you are using the application and are blocking ads is sign that you are interested in the product but aren't willing to pay (sense of entitlement). That's where you way of thinking falls flat on it's face.

  • Downloaded BEEN when first posted online. I expected it too good to last. Here's why:

    Websites are unusable due to advertisers banner attacks. Apps are quickly monetizing to un-usability too. BEEN stops that Shit! Not only did I download, install and turn on BEEN, gladly, I added VPN capability to Stop app advertising pollution.

    Why? BEEN is my MITM gatekeeper. I have the Internet back ad-free and yes Shit from advertisers is trapped before It can waste my time in-app or online.

    Advertising is POLLUTION. Stop

Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.

Working...