Malaysia Semiconductor Industry Eyes Helium Supply Risks Amid Middle East Conflict 
Cyberattack on Stryker Triggers U.S. Government Warning Over Microsoft Intune Security 
Super Micro Computer Shares Plunge After Co-Founder Charged in AI Chip Smuggling Case 
Elon Musk Confirms SpaceX, xAI, and Tesla Will Continue Large-Scale Nvidia Chip Orders 
Jeff Bezos Eyes $100 Billion Fund to Transform Manufacturing With AI 
SK Hynix Eyes Up to $14 Billion U.S. IPO to Fund AI Chip Expansion 
Nintendo Switch 2 Production Cut as Holiday Sales Miss Targets 
Judge Dismisses Sam Altman Sexual Abuse Lawsuit, But Sister Can Refile 
Elliott Investment Management Takes Multibillion-Dollar Stake in Synopsys 
Google's TurboQuant Algorithm Sends Memory Chip Stocks Tumbling 
Microsoft Eyes Legal Action as Amazon-OpenAI Deal Threatens Azure Exclusivity 
Amazon's "Transformer" Phone: Can It Succeed Where Fire Phone Failed? 
AMD CEO Lisa Su Heads to Samsung's South Korea Chip Facility Amid AI Expansion Talks 
OpenAI Pulls the Plug on Sora, Ending $1 Billion Disney Partnership 
Following the detection of 256 apps with an estimated 1 million total downloads for Apple devices that were extracting personally identifiable user information via private APIs prohibited by Apple, the Cupertino company has said that the affected apps have been removed from the Apple App Store.
Analytics service SourceDNA first reported the issue and said, “This is the first time we’ve seen iOS apps successfully bypass the app review process. But, based on what we learned, it might not be the last.”
SourceDNA found that the affected applications have been using the Youmi advertising SDK from China. The researchers believe that Youmi developers began experimenting with obfuscating a call to get the frontmost app name almost two years back.
The report further said that while Apple has been locking down private APIs, including blocking apps from reading the platform serial number in iOS 8, Youmi worked around this by enumerating peripheral devices, such as the battery system, and sending those serial numbers as a hardware identifier.
However, it added that the developers of these apps aren’t aware of this as the SDK is delivered in binary form, obfuscated, and user info is uploaded to Youmi’s server, not the app’s. It urged developers to stop using this SDK until this code is removed.
Apple issued a statement: “We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK have been removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly.”
Youmi has offered its “sincere apologies” in its ads after Apple removed the affected apps, Tech Times reported.
- News
- Economy
- Central Banks
- Investing
- Research
- Roundups
- Digital Currency
- Insights
- Technical Analysis
- Technology
- Business
- Law
- Health
- Nature
- Fintech
- Science
- Topic
- Opinions
- ©Econometrics LLC . All Rights Reserved.
Apple: Apps Using Youmi’s SDK Removed From App Store
Tuesday, October 20, 2015 12:27 PM UTC
Editor's Picks
- Market Data
Most Popular
