Apple: Developers, no installing your own root certificates
The App Store has become a few choices shorter of available software, as Apple has removed some programs from availability for installing their own root certificates within iOS. These root certificates would have allowed the developers to view encrypted traffic from their users, and some of the apps included ad blockers that could remove content from third-party software as well as Safari.
Within iOS 9, Apple has built a framework that allows ad-blocking in Safari, scraping the content out of your Web traffic. No such frameworks exist for removing unwanted content from third-party apps, so ingenious developers have set up Virtual Private Networking (VPN) arrangements that cause the traffic to flow through the developers’ servers to perform the removal.
This sort of arrangement is all well and good for actual VPN software used to access certain secured services, because users are explicitly aware that their traffic is going through another server. That’s not the case with the ad blockers, and such a scenario is closely linked with hacking attacks. It’s important to note that this does not affect content blockers like Crystal or Purify, which only remove ads from Safari and don’t use root certificates to achieve the goal.
One of the apps removed was apparently Been Choice, but Apple has not disclosed which programs were removed. Cupertino says it is working closely with app developers to restore their software to the App Store, but it seems unlikely that the programs will continue being able to strip ads from anything other than Safari going forward, because Apple does not have an official way to do that. In fact, the developers behind Been Choice confirmed on Twitter that they will revise their app to remove ad-blocking for Facebook, Yahoo, Google, and Pinterest apps.
Been’s Choice app was pulled from the App Store. We’ll remove ad blocking for FB, Google, Yahoo, and Pinterest apps http://t.co/5tMWWMgSOK
— Been® Choice (@beenchoice) October 9, 2015
Security is a big deal, and while the developers made quite intelligent and innovative use of VPN’s capabilities, perhaps they should have been more explicit in describing how their apps worked. That’s not to say that such explanations would have kept the software on the App Store, but it certainly might have helped.
