Перейти к содержанию

Bitdefender's iOS privacy app yanked from the App Store

Recommended Posts


The iOS security app Clueful, which scanned apps for privacy policies, has been removed from the App Store after about two months on the market:

Bitdefender's iOS app that let users see what information installed applications had access to, has been removed from the App Store after being approved nearly two months ago.

In a statement, Bitdefender said Apple alerted the company to the removal of the Clueful app -- which was first released in late May -- "after initial approval and sale." A Bitdefender spokesperson elaborated on that, saying it was actually removed on June 29.

The software made use of a proprietary database, which told users whether a particular application gathered analytics or accessed things like unique identification numbers and other personal information. If an installed application was not in that database, users could ask the company to analyze it.

Apple declined to comment on the removal. One possibility is that the app violated a section of the company's App Review Guidelines covering "incorrect diagnostic or other inaccurate device data."

Ahead of the removal, Bitdefender says it analyzed more than 65,000 "popular" apps on the iOS platform as part of that database. During that time, the company says it found a number of noteworthy privacy behaviors:

42.5 percent of apps do not encrypt users' personal data, even when accessed via public Wi-Fi.

41.4 percent of apps were shown to track a user's location unbeknownst to them.

Almost one in five of the apps analyzed can access your entire Address Book, with some even sending your information to the cloud without notification.

According to Catalin Cosoi, Bitdefender's chief security researcher, the company intends to bring the application back to the App Store. Cosoi added that Bitdefender will also maintain, update, and expand its database of applications. However, he declined to say what the reason behind the removal was, citing a confidentiality agreement that the company signed to become a developer on Apple's platform.

One thing that might change by the time Clueful returns to the App Store is that Apple has made app privacy more granular in iOS 6. The iOS 6 software, which is expected to roll out to consumers in the next few months, requires that apps spell out the kind of user data they need access to. The existing version of iOS is more broad, covering things like user contacts and location, even when an app is only asking for access to a user's camera roll.

In an interview with CNET, Cosoi said Bitdefender will offer, inside Clueful, "a lot more detail" than what Apple serves up. "Even though Apple is doing a lot in terms of security and privacy, we're trying to offer a lot of insight," he said.

Bitdefender says those who already downloaded the program back when it was still available can continue to use the app. The company did not offer a prediction on when the software would return, or if it could continue to charge for it.


Поделиться сообщением

Ссылка на сообщение
Поделиться на другие сайты

а куда Эппл смотрел когда добавлял ?

Поделиться сообщением

Ссылка на сообщение
Поделиться на другие сайты

  • Сообщения

    • Ego Dekker
      Домашние антивирусы для macOS были обновлены до версии 7.3.3700.
    • demkd
       o Исправлена критическая ошибка при разборе параметров в файлах задач.
         Из-за ошибки uVS мог аварийно завершится без создания дампа.  o Каталог по умолчанию теперь каталог Windows.
         (Для окон выбора каталога).
    • PR55.RP55
      NVIDIA Power Management - приложение с открытым исходным кодом... Для управления настройками электропитания приложение использует System Management Interface. Это утилита командной строки NVIDIA, которая позволяет запрашивать и изменять состояния видеокарт. Инструмент поддерживает графические процессоры NVIDIA Tesla, GRID, Quadro и Titan X, а также может работать с ограничениями с другими видеокартами NVIDIA. NVIDIA Power Management имеет графический интерфейс. Пользователям доступны создание ограничений мощности для отдельных приложений, создание профилей мощности для нескольких приложений, базовый мониторинг производительности, адаптивное энергопотребление и другие функции. https://www.comss.ru/page.php?id=11792 Фактически это не только позволит получать информацию и вести мониторинг. Но и добавить в меню\скрипт uVS новые команды.        
    • PR55.RP55
      Руководство по расследованию атак с использованием CVE-2022-21894 BlackLotus campaign https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/    
    • PR55.RP55
      Думаю стоит добавить твик: [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1" ------------------- https://www.comss.ru/page.php?id=11668 Бывают всякие непонятные неясные случаи - возможно это в ряде случаев поможет.