Apple pushes back against root certificate-based ad blockers
Are you using an ad blocker on iOS 9? Apple made the controversial decision to support content-blocking plug-ins with its new release of Safari for mobile devices, empowering users to control just what they see – and don’t see – as part of their mobile web experience. And while that type of software has Apple’s blessing, there’s another category of ad blockers that Apple’s having second thoughts about, and there’s a new effort underway to remove these titles from the App Store.
The issue is with how certain apps go about scanning for unwanted content. In order to expand beyond Safari-based ad blocking and provide a more robust solution, one also capable of blocking ads within other apps, this type of software installs its own root certificates into the device’s local repository – effectively empowering any apps with knowledge of those certificates to snoop on encrypted traffic moving on and off your phone.
While that technique does work as advertised, it also breaks your phone’s security in a way that’s not unlike how a malicious attacker might – basically, you’re hacking yourself.
Apple seems to have decided that the risk of apps doing this is just too high to justify, and so it’s pulled titles like Been Choice until the developers remove the offending certificate-installing behavior. Guess you’ll just have to live with in-app ads for the time being.