- WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE UPDATE
- WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE SOFTWARE
- WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE CODE
WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE CODE
Third, we believe we identified a core issue which is humbly the result of the use of common code libraries. This includes the one-time 24 hour log of browser history held for 3 months and permitted by users upon install. Second, we have permanently dumped all legacy logs, which were stored on US-based AWS servers. We have taken action and have 3 updates to share with all of you.įirst, we have completed the removal of browser collection features across our consumer products in question.
WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE UPDATE
Trend Micro then followed up with an update that read: The browser history data was uploaded to a U.S.-based server hosted by AWS and managed/controlled by Trend Micro.
The potential collection and use of browser history data was explicitly disclosed in the applicable EULAs and data collection disclosures accepted by users for each product at installation (see, for example, the Dr Cleaner data collection disclosure here: ).
This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service). The company acknowledged that its apps “collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation.” It explained it this way: “Reports that Trend Micro is ‘stealing user data’ and sending them to an unidentified server in China are absolutely false,” it wrote in a statement. It said in a blog post that the apps were being unfairly characterized as duplicitous. On Monday Trend Micro moved to set the record straight on apps it distributed: Dr Cleaner, Dr Cleaner Pro, Dr. On Sunday, all three of the apps were removed from the Apple Mac App Store, according to a report by publication 9to5Mac’s Guilherme Rambo. The apps were identified by Malwarebytes, who notified Apple of the behavior of the app Open Any Files in December 2017. Cleaner” were also observed exfiltrating Safari, Chrome and Firefox browsing and search histories. Mac App Store applications identified as “Open Any Files” and “Dr. In a separate report, additional macOS apps were also flagged for violating Apple’s security rules for developers. The company has publicly said that the sandboxing issues tied to the data exfiltration of browser histories and cookies has been fixed in its upcoming Mojave macOS. Last week, Apple did not answer Threatpost’s questions as to why the app wasn’t removed sooner. Let’s face it, your browsing history provides a glimpse into almost every aspect of your life.” “There is rather a massive privacy issue here. “We tore apart Adware Doctor… our research uncovered blatant violations of user privacy and complete disregard of Apple’s App Store Guidelines,” Wardle wrote in a technical analysis of the app posted on Friday. After discovering the app, the researcher reached out to Patrick Wardle, chief research officer at Digita Security and founder of Mac security company Objective-See, to assist in analyzing the app. The researcher that goes by the Twitter handle is credited for first spotting the app early last month.
Researchers said the app violates Apple’s sandboxing security policies by surreptitiously copying a user’s entire browser history and cookies and sending both to a China-based domain.
WHAT HAPPENED TO DR.CLEANER FOR MAC IN APP STORE SOFTWARE
The app, which cost $5, was listed on Apple’s Mac App Store as the company’s fourth-highest “Top Paid” software program. But it appears, only after faced with public scrutiny, did Apple remove the app. In addition to Adware Doctor, Apple also took action against a number of different macOS apps that also collected browser history data.Īpple was initially alerted to the rogue app in early August – over a month ago. Apple removed the top-rated app Adware Doctor from its official Mac App Store after researchers publicly exposed the privacy-busting app on Friday.
0 kommentar(er)
