Apple tonight removed some ad blockers, among other apps, from the App Store for installing root certificates that would allow developers to view encrypted traffic from their users, reports iMore. In a statement provided to the publication, Apple said it was working with developers to get the apps back into the App Store.
Apple is deeply committed to protecting customer privacy and security. We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk.
With iOS 9, Apple allowed developers to create content blockers that would block ads on websites in Safari. Some ad blockers were removed because they could use the installed root certificates to view customer data passing through them. However, iMore notes that the ad blockers removed from the App Store are slightly different than the content blockers Apple enabled with iOS 9.
The ad blockers removed from the App Store block ads and other content inside apps by "exposing all your private Internet traffic to the blocker," according to iMore. The apps are set up in a way that allows a user's traffic to flow through the developer's servers to perform the content blocking. One of the apps that has been removed is Been Choice, who notes that they will resubmit their app tomorrow with the necessary changes.
While Apple has enabled developers to create content blockers for Safari, it currently has no systems in place to allow developers to block content within apps.
Top Rated Comments
iOS9 introduced ways to block ads which didn't compromise privacy. The old ad blockers which used insecure methods have been now been pulled and/or updated. End of story.
Oh, one developer pulled his safe ad blocker because he felt bad about it.
Mess. Mess. Mess.
Even if we assume this was well-intentioned (i.e. the adblocker dev only wanted to make sure that adblocking works on encrypted sites/apps too), this is a very dubious proposition, as most non-technical people won't expect this. At the very least the blocker needs to make it very clear to the user that their end-to-end encryption is being broken.
It's worth repeating that this issue does *not* affect bockers that use the new iOS 9 content blocker mechanism, such as the ones listed in the first post in this thread:
https://forums.macrumors.com/threads/the-ios-9-content-blocker-thread.1916783/