Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Communications Facebook Privacy Security Software Apple

Apple Removes Facebook's Onavo Security App From the App Store (cnbc.com) 98

Apple has removed Facebook's Onavo security app from the App Store because it violated the company's privacy rules. In a statement to CNBC, an Apple spokesperson said: "We work hard to protect user privacy and data security throughout the Apple ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user's device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used." From the report: According to a Wall Street Journal story on Wednesday, citing a person familiar with the matter, Apple officials told Facebook last week that Onavo violated the company's rules on data collection by developers, and suggested last Thursday that Facebook voluntarily remove the app. Facebook acquired Israel-based Onavo in 2013, snapping up the free security app that lets users access a virtual private network, or VPN, to browse the web and download apps with a greater degree of privacy. Facebook in the past has offered that service to users without clearly disclosing that its owns the app, and has collected data about what other types of apps those customers use. In June, Facebook told Congress that it does not use Onavo data "for Facebook product uses" or to collect information about individuals, but it has admitted to using Onavo to gather broad information about which apps are popular and how people are using them, which it uses to improve its own products.
This discussion has been archived. No new comments can be posted.

Apple Removes Facebook's Onavo Security App From the App Store

Comments Filter:
  • Too bad this isn't a fight to the death.

  • Apple (Score:5, Insightful)

    by tsa ( 15680 ) on Wednesday August 22, 2018 @10:07PM (#57178152) Homepage

    This is why I love Apple and pay premium prices for their stuff. They care about their customers.

    • Nothing about the status you perceive yourself to have by publicly displaying the Apple logo? After all, everyone knows they're expensive. You're displaying it in public. You sure it's their service, invisible to the outside world, that you like the most?
      • by tsa ( 15680 )

        I don't care what other people think about me and I don't care what they use either. Why do you care what I think?

      • Nothing about the status you perceive yourself to have by publicly displaying the Apple logo? A

        As opposed to those displaying the usually bigger logo of their non-Apple devices? Do you suffer logo envy?

    • so you are happy in letting them decide what you can and cannot have on your phone?
      • by tsa ( 15680 )

        Yes. I let them judge the safety of my apps because they know more about that than I do and I have better things to do.

      • If you're running a rooted android then your phone has already been exploited at least once during the rooting process. If you're not using a rooted phone then you are also allowing a certain level of control to be held by the manufacturer. If you're sideloading apps on a rooted android then you are a complete idiot. So Mr security expect man, what do you think is the best option?
    • They care about their customers.

      By dictating with whom you may or may not do business?

    • They care about their customers money and overcharge for everything. FTFY.
    • by AmiMoJo ( 196126 )

      You may not have noticed by Google removed a similar VPN service from their Play store last week, for exactly the same reason. If anything it looks like Apple saw that and realized that they were not adequately checking VPNs on their own app store.

      The issue is the lack of a proper privacy policy, not the fact that they spy on you. Spying is fine, as long as it's clearly stated in the privacy policy. Otherwise they would have banned the Facebook app too.

      • You may not have noticed by Google removed a similar VPN service from their Play store last week, for exactly the same reason. If anything it looks like Apple saw that and realized that they were not adequately checking VPNs on their own app store.

        Errm, yeah. Maybe Google should also remove the Onavo app? Or at fucking least the app that calls itself "Onavo Protect" but isn't from Onavo? https://play.google.com/store/... [google.com]

        You can pretend that the fact that Google last year removed over 700k apps from the play store as a security win, but you are only fooling yourself.

  • by williamyf ( 227051 ) on Wednesday August 22, 2018 @11:31PM (#57178346)

    I already told A LOT about me to Facebook, on my own volition. What they are able to collect with Onavo is peanuts in comparison.

    I also tend to recomend Onavo, but ONLY in facebook. After all, if some contact of mine reads my recomendation in Facebook, it means that they too have given FB enough info so far that what FB collects through Onavo is peanuts.

    I use Onavo in my android Phone. Onavo is easy to set up, easy to use, free, mantained by a well known company that will be here tomorrow, and let's me access sites my oppresive government deems unappropiate, as well as sites that are collateral damage of the censorship. I do not need to define the country I use to connect, nor am I torrenting, or streaming on my phone.

    What's not to like? Spying? Again, I told FB all they need to know, whatever they gather through Onavo is peanuts.

    On my Mac, on the other hand, I use ProtonVPN, where (I think) they are not spying on me, I can chose the country, I can Torrent* or stream if so I please, and have a VM with TAILS (yes, I know, TAILS on a VM is not the most secure, but I have no money for 2 PCs, and booting TAILS from a pen-drive is a pain in the nuts).

    Moral of the story is: use the tool best fitted for the job.

    And in the end, I'd rather have mark suckerberg spying on me than Nicolas Maduro...

    * Right now, among other things, I am seeding Tails i386 2.12 (the last one with I2P), Latest tails, latest Kali, CrunchbangPP 32 and 64, and libreoffice win32 and LO for OSX...

    • Is Venezuela socialist?
      • No, it's a messed up dictatorship run by a former bus driver who is way out of his depth.
        • No, it's a messed up dictatorship run by a former bus driver who is way out of his depth.

          When I lived in Venezuela, the bus drivers (who owned their own buses) were upper middle class. Some of them made over US$100 a day. My apartment at the time cost me US$10 per month. I usually spent about US$5 a week on groceries. Most of them were not well educated, but their children often were. However, most of them were pretty smart people. They just lacked the opportunity to learn more. I'm not trying to say anything about Maduro. He's obviously a tool. But the kinds of people who had the time a

        • I was asking the man who actually lives in Venezuela, not people anxious to remove the taint of yet another horrible failure from the "good brand" of socialism. For you, here's Jeremy Corbyn, a man who has been a socialist all his life and who knows socialism when he sees it: https://www.youtube.com/watch?... [youtube.com]

          "Chavez ... showed us that there is a different, and a better way of doing things. It's called socialism".

  • by mccalli ( 323026 ) on Thursday August 23, 2018 @04:57AM (#57179060) Homepage
    This is the right thing to do but I'm in interested in the technical detail - I thought apps were sandboxed and couldn't know about each other. How did it collect info? Are they talking network destinations via the VPN, or actual on-device discovery of apps.
    • I thought the same thing. it is great that Apple did this. But, if these actions violate their policy, why not make them technically impossible?
    • by ecmcn ( 705386 )
      Onavo is probably using the standard VPN APIs and just inferring what apps are installed by watching the network traffic. Many apps have a server component they talk to, so that's not too difficult. There are network APIs on iOS (Content Filter, Per-App VPN) that will let you directly associate network traffic with apps, but they're targeted for enterprise security products and require supervised devices and/or MDM to get set up, so it isn't something you see typical consumer apps like this using.
    • It doesn't. Onavo only sets up a VPN for the iOS Safari browser. So it'll redirect browser based web apps (i.e. not downloaded from the app store) via their servers where it can be sniffed. But real apps (downloaded from the app store) are not redirected, and cannot be sniffed.

  • When companies say "which it uses to improve its own products" you have to think, what is the product? One of Facebook's products is aggregated data about FB users. So any kind of covert information gathering is used to improve their product of providing information.
  • apple's makin moves!... was actually just reading about this re onavo - https://acreto.io/facebook/fac... [acreto.io] - i reckon they're on to something, the Book's after your IoTs, devices, etc. what's next???
  • Hello everyone, I know of some ethical private investigators who can hack into any phone and device..they can decrypt and recover emails password,jailbreaking,employee monitoring,spouse tracking,facebook,SMS,snapchat,whatsapp,microsoft,social networking sites,google play,recorder,gmail,skype,linked-in and also contact them for MSPY,Cpanel and any hacking and tracking tools of all kind,including parental control.Contact email is CHARLESCYBERWIZ @ GMAIL.COM They are affordable and available all time. Contact

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...