Thursday, August 2, 2018

AdGuard Pro Discontinued Due to Apple’s Policy

Andrey Meshkov (via Hacker News):

Basically, this guideline makes it impossible to use the VPN API for any purpose different from establishing a real VPN connection. I can name A LOT of cool apps which can be affected by this change and can be taken down any time: Charles Proxy, DNSCloak, etc, etc. I hope they won’t, though, and the whole point of this is to get rid of known ad blockers.

[…]

We are not alone. It seems that Apple decided to ban all apps that do content blocking outside of Safari. Malwarebytes is another example.

5 Comments RSS · Twitter

The problem with apps that use the VPN API to do ad-filtering is that they see all the browsing the user is doing. That is a potential serious breach of privacy, unlike Apple's carefully designed content filtering API.

Fazal: it's also a serious win for privacy because one can block more spying crap at a lower level.

I think Apple has done more in the past 2 years to make me never want to buy their products again, than they did in the previous 20 years. Their hubris is out of control. I haven't bought a new Mac since 2009 (my current MBP is a top of the line 2014 that I got used for $1,000 last year). I haven't bought a new iPad since 2014. And when I turn my iPhone 8 Plus back into T-Mobile when I cancel my service at the end of this month, I'm not getting another new iPhone either. I've spent more than $20,000 on Apple products in the past 2 decades. They keep dumbing down their products more and more and more + treating developers like crap (I'm not one, but without great software, the rest is pointless... the App Store is already 90% garbage). I've had it.

From the developer's comment in the shared link:

IMPORTANT NOTE for those who are not too familiar with AdGuard Pro. I'd like to address a popular concern that I often see on the internet. AdGuard Pro it NOT a real VPN. It does NOT install any profile or certificate. Instead, it uses a public API (NEPacketTunnelProvider) to configure a local VPN tunnel and intercept the outgoing DNS requests. The code of AdGuard Pro is open and available on Github. Therefore, this Apple's policy has absolutely nothing to do with security or privacy.

I definitely appreciate Fazal Majid's comment and would be interested how his view squares with the developer's take on things. I'm not sure how AdGuard Pro would be a problem given the facts in play, but I'm far from an expert here. Would love if Fazal or anyone else could elucidate.

Is the concern that they could still be uploading information about the intercepted DNS traffic?

Leave a Comment