How do you get and install an needed app on your Mac? Will you go to the Mac App Store or the vendor’s website? Apple always boast that its App Store is a safe place to download apps, as it will review the uploaded apps to prevent potential harmful apps from being published there. However, recent news shows that Mac App Store may not be as safe as you think: some popular Mac apps have been caught circumventing protections supposedly provided by the App Store and invading users’ privacy.
On last Friday a few security researchers revealed their findings independently that a bunch of Mac App Store apps are employing dubious tactics to monitor users’ computer activities, like silently spying on the browser history, which obviously violates Apple’s guidelines. By far, more apps are found to be in the suspicious list.
A Twitter user named “Privacy 1st” is the first one who discovered the suspicious behavior in a popular app called Adware Doctor, which recently achieved App Store stardom as #1 in Top Paid Utilities and #4 in Top Paid Apps. Later on, researcher Patrick Wardle verified that Adware Doctor was stealing users’ browsing history.
As an utility that claims to search for adware on users’ computer, Adware Doctor requests access to the user’s home directory. However, once you grant this access, the app will create a password-protection zip archive containing your Chrome, Firefox, and Safari browsing history, the App Store search history as well as a list of all the running apps, and then sends that zip archive to a server allegedly located in China.
Involved apps include Adware Doctor, Adware Medic, Open Any Files, Dr. Cleaner, Dr. Unarchiver Dr, Antivirus, most of which are distributed by Trend Micro Inc.
On September 10, the company admitted in its blog that “Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation”, and it argued that this “one-time data collection”, was done for security purposes (“to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service”, in its words).
This behavior undoubtedly invades users’ privacy, as it takes place silently in the background and users are not informed about or asked to consent to this activity, though the company still argued that “the potential collection and use of browser history data was explicitly disclosed in the applicable EULAs and data collection disclosures accepted by users for each product at installation”.
So far all Trend Micro apps have been removed from Mac App Store.
Update: Trend Micro claims to have removed the browser history collection capability from the products at issue and dumped all legacy logs, which were stored on US-based AWS servers. The user disclosure, consent processes and posted materials for all Trend Micro products are being reviewed and re-verified, adds the company.
What’s your opinion about this news? Share the thoughts with us right here.