Apple killing ad blockers that install root certificates
Apple has had a few security issues popping up recently between new iOS malware variants that attack both jailbroken and non-jailbroken devices, and now there is an issue with the new content blocker system in iOS 9. It seems that some content blocker apps have been installing root certificates on devices which could allow dangerous access.
The developers created content blockers on iOS 9 that would basically create a VPN where all traffic is run through the developer’s servers to remove the ads. If that app installs a root certificate, it could allow the developer to be able to access encrypted traffic from users, which is obviously a security concern.
Apple told TechCrunch on the matter:
Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.
It is unclear how this may affect the functionality of the apps, or when the apps will make it back into the store.
source: TechCrunch
Things that are NOT allowed: