Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,460
30,673



Sensor Tower, an analytics platform that aggregates data on app downloads and usage for developers, has been secretly collecting data from millions of Android and iOS users who have installed popular VPN and ad-blocking apps, reports Buzzfeed News.

sensortowerlunavpn.jpg
Luna VPN, one of the VPN apps owned by Sensor Tower that asked users to install an enterprise certificate​

These apps, which are owned by Sensor Tower, do not disclose that their user data powers Sensor Tower's analytics platforms. iOS and Android users have downloaded the apps more than 35 million times.

Some of Sensor Tower's 20 or more apps on iOS and Android include Adblock Focus and Luna VPN, with the former having been removed by Apple after Buzzfeed News alerted Apple's App Store team about the existence of the app. Free and Unlimited VPN and Mobile Data were also on the Google Play Store, but Google has since removed Mobile Data.

When installed, Sensor Tower's apps are designed to prompt users to install a root certificate, which lets Sensor Tower monitor all traffic and data passing through the phone. Sensor Tower bypasses Apple and Google's restrictions on root certificate privileges by requiring users to install the certificate through an external website.

Sensor Tower told Buzzfeed News that it collects anonymized usage and analytics data to determine the popularity, usage trends, and revenue of apps. Ownership of the apps was not disclosed due to "competitive reasons," according to Randy Nelson, head of mobile insights at Sensor Tower.
"When you consider the relationship between these types of apps and an analytics company, it makes a lot of sense -- especially considering our history as a startup," he said, adding that the company originally started with the goal of building an ad blocker. (He was unable to provide media coverage or other evidence of this early focus.)
He went on to explain that many of the apps are now defunct or are "in the process of sunsetting," which Buzzfeed points out is because they were removed from Apple and Google's App Stores due to policy violations.

An Apple spokesperson confirmed that a dozen Sensor Tower apps had previously been removed from the iOS App Store due to violations. Both Google and Apple are continuing to investigate Sensor Tower's apps, and more information on Sensor Tower's data collection practices can be found over at Buzzfeed News.

iOS users should be wary of installing VPN and ad-blocking apps from unknown developers, and should avoid apps that ask for certificates to be installed.

Article Link: Sensor Tower Secretly Collecting Data From VPN and Ad-Blocking Apps on iOS and Android
 

Cosmosent

macrumors 68020
Apr 20, 2016
2,315
2,693
La Jolla, CA
I'd like to see Apple add two new Indicators to ALL app in the App Store:

1.) Collect NO User Data !

2.) Uses NO third-party frameworks !

If an app OR app update selects either one OR both, & is later found to be in violation of it, that App Dev loses ALL rights to participate in the App Store for THREE years !

BTW, regarding #1 above, some other MR member came up with that idea initially ... I'm just running with it because it is a very good idea !

IMO, this kind of stuff would have been implemented years ago if Phil Schiller wasn't in charge of the App Store ... I personally believe Apple needs to retire the dude ! ... I don't think he is qualified to even run a Hot Dog Stand at the local Park !
 

len5

macrumors member
May 15, 2008
41
87
California
Apple once again let's something pass into the Apps store and then after it's been there for a long time and collected tons of user data removes it from the App Store. haha
 
  • Like
Reactions: ChromeCrescendo

GeoStructural

macrumors 65816
Oct 8, 2016
1,157
3,912
Colombia
Apple once again let's something pass into the Apps store and then after it's been there for a long time and collected tons of user data removes it from the App Store. haha

And some people here would swear and die for Apple Store procedures.

Geez, I talked (not texted) to a friend about going to a Chiropractor and now all my ads are related to that. Yes, my phone is spying on me and Apple is doing nothing to prevent it.

The other day a friend also told me about meeting Daniel Radclife and guess what! then creepy YouTube is suggesting a video of Daniel Radcliffe meeting fans outside theater in New York.
 

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
Installing a new root CA is the worst thing you could ever do, and regular users don't know what that means. Evidently Apple needs to make it harder.
 

Dave-Z

macrumors 6502a
Jun 26, 2012
861
1,447
Installing a new root CA is the worst thing you could ever do, and regular users don't know what that means. Evidently Apple needs to make it harder.

As someone who installs my own root CA, Apple has made it harder. When I do it I've found that, even after installing the root certificate, by default third-party root CAs not enabled. You have to go to Settings > General > About > CAs > Toggle Enable > Accept the model dialogue prompt.

Short of not allowing them at all, I'm not sure what more Apple can do. There are valid reasons for installing them.
 
  • Like
Reactions: Ladybug

Zahni

macrumors regular
Jul 16, 2019
134
57
I tried LUNA VPN on IPAD I don't get that Youtube-Popup. Something changed?
 

Tech198

Cancelled
Mar 21, 2011
15,915
2,151
"Free and Unlimited VPN"

Ideally, an app wouldn't be needed for that, just the VPN.
 

macintoshmac

Suspended
May 13, 2010
6,089
6,991
Serious question, is MR just a news aggregator where people have to go elsewhere to get full and more information? The least this article could have to become meaningful is the list of apps to watch out for. Same happens when posting about Apple seeds, the articles never contain build information now as they used to.
 

Mick-Mac

macrumors 6502a
Oct 24, 2011
504
1,150
I'm guessing this all started with people download another "free" app and then being just blown away that all the work and effort the developers put into that "free" app actually cost them something. When are people going to realize that nobody was put on this earth to make a living out of developing and maintaining products that they just give away to other people...
 

maxfromdenmark

macrumors 6502a
May 8, 2011
674
1,158
Copenhagen
I think it’s time to Apple should provide a safe and build in VPN service for Mac and iOS users. If Apple cares so much about our privacy as it saying.
 
Last edited:

Rexogamer

macrumors newbie
Nov 12, 2019
24
67
SE London (one day, Toronto)
This isn’t “sensical” because “we’re an analytics company”, this is scummy. Share the fact you’re collecting this data!

But to be honest, having to install an *enterprise profile* to block ads is a bit silly, and people should’ve cottoned on.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.