Apple Removes Encrypted Traffic Snooping Apps from the App Store


Apple has removed some applications from its App Store that it said could spy on user data traffic.


Apple pulls some applications from its Store:

The Cupertino tech giant has removed several apps from its store that could pose a security threat by exposing a user's traffic data to untrusted sources. The removed apps installed their own digital certificates on iOS devices to route data in a way that could allow man-in-the-middle attacks. Devices with these apps installed could send data through an intermediary server to untrusted sources, because such a server can terminate an encrypted connection between a user's device and a service.

Talking about bringing these apps back to the Store, Apple said, "We've removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions. We are working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk."

SSL/TLS is a protocol that encrypts the data traffic exchanged with a user. As an important part of traffic security, SSL/TLS makes sure that data in transit is unreadable if intercepted.

Apple is also recommending that users remove these apps, but oddly hasn't shared their names, making it difficult for users to identify the risky apps that could pose security threats to the unsuspecting: "This monitoring could be used to compromise SSL/TLS security solutions. If you have one of these apps installed on your device, delete both the app and its associated configuration profile to make sure your data remains protected." As users downloading apps from the App Store usually have no idea of the access granted to their data traffic, Apple is working closely with the developers to remove the risky parts of the concerned apps.

You can find the details on how to delete the apps and their configuration profiles on Apple's support page. However, Apple's decision not to name the problematic apps that were pulled makes this process unnecessarily tedious. Assuming that you know which of your installed apps tried to install root certificates, here is how you can remove an app's configuration profile after uninstalling the app, as instructed by Apple:

  • Delete the configuration profile that came with the app:
    • Go to Settings > General > Profile.
    • Tap on the app’s configuration profile.
    • Tap Delete Profile. If asked, enter your device passcode, and tap Delete.
    • Reboot your device.
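
If you have a copy of a profile file (`.mobileconfig`) and are unsure whether it is one of the risky kind described above, the following added example (not from Apple or the original article) lists the certificate and traffic-routing payloads it contains. It assumes an unsigned XML or binary plist profile; the function name, the sample profile and the "both present" heuristic are constructed for illustration.

```python
import plistlib

# PayloadType values defined by Apple's configuration profile format.
CERT_TYPES = {
    "com.apple.security.root": "root/CA certificate",
    "com.apple.security.pkcs1": "DER certificate",
    "com.apple.security.pem": "PEM certificate",
    "com.apple.security.pkcs12": "identity certificate (PKCS#12)",
}
ROUTING_TYPES = {
    "com.apple.vpn.managed": "VPN",
    "com.apple.proxy.http.global": "global HTTP proxy",
}

def audit_profile(raw: bytes) -> dict:
    """List certificate and traffic-routing payloads in an unsigned profile."""
    try:
        profile = plistlib.loads(raw)
    except Exception as exc:  # signed (CMS-wrapped) or corrupt files land here
        raise ValueError("not an unsigned plist profile") from exc
    out = {"name": profile.get("PayloadDisplayName", "?"), "certs": [], "routing": []}
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType", "")
        label = payload.get("PayloadDisplayName", payload.get("PayloadIdentifier", "?"))
        if ptype in CERT_TYPES:
            out["certs"].append((label, CERT_TYPES[ptype]))
        elif ptype in ROUTING_TYPES:
            out["routing"].append((label, ROUTING_TYPES[ptype]))
    # Heuristic (assumption): a profile that both adds a certificate and reroutes
    # traffic has what an intermediary needs to terminate TLS connections.
    out["intercept_risk"] = bool(out["certs"] and out["routing"])
    return out

# Constructed sample profile; names and certificate bytes are placeholders.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadDisplayName": "Example Filter (constructed)",
    "PayloadContent": [
        {"PayloadType": "com.apple.security.root",
         "PayloadDisplayName": "Example Root CA", "PayloadContent": b"\x30\x00"},
        {"PayloadType": "com.apple.vpn.managed", "PayloadDisplayName": "Example VPN"},
        {"PayloadType": "com.apple.wifi.managed", "PayloadDisplayName": "Office Wi-Fi"},
    ],
})

if __name__ == "__main__":
    print(audit_profile(SAMPLE))
```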
