Apple Removes Apps That Expose Encrypted Traffic

Apple today removed a number apps from the App Store accused of installing root certificates that compromised SSL/TLS connections.

Apple has purged its App Store of a number of apps that expose encrypted traffic via the installation of root certificates. Apple has declined to name the apps.

“Apple has removed a few apps from the App Store that install root certificates that could allow monitoring of data,” Apple said today in a statement on its website. “This monitoring could be used to compromise SSL/TLS security solutions.”

A request to Apple for further comment was not returned in time for publication.

Apple also suggested that in addition to deleting the apps in question, users should also be sure to delete the apps’ respective configuration profiles.

The offending apps not only installed root certificates, but some that were removed reportedly also provided ad-blocking capabilities in Safari and other apps such as Facebook.

One of the apps apparently is Been Choice, which via a root cert it installs, can block ads inside apps.

The app’s behavior, however, is similar to how Lenovo’s pre-installed Superfish utility facilitated man-in-the-middle attacks. In the case of Been Choice and the other apps pulled today, the root certificate compromises SSL/TLS connections, putting supposedly secure data at risk to attack.

Apple, meanwhile, has introduced its Content Blocker app extension in iOS9 and in El Capitan for OS X. If enabled, the extension will block ads and many other content types from being displayed in the browser.

Suggested articles

enterprise mobility cyberthreats risk management

Mobile Risks Boom in a Post-Perimeter World

The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world.

Discussion

  • Pook on

    Why are they being so vague, Apple? Tell us which apps were removed!
    • Khürt Williams on

      I want to know the list of apps as well.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.