Google relies on ads for its revenue, which is why it’s no surprise that it’s undermining Apple by telling developers how to bypass some of the security settings Apple is implementing with iOS 9.
The App Transport Security (ATS) settings requires content which arrives on your iPhone to use the “https” encryption settings — making sure that third parties can’t track what users are doing on their iPhones.
As Google writes in a blog post:
“While Google remains committed to industry-wide adoption of HTTPS, there isn’t always full compliance on third party ad networks and custom creative code served via our systems.
To ensure ads continue to serve on iOS9 devices for developers transitioning to HTTPS, the recommended short term fix is to add an exception that allows HTTP requests to succeed and non-secure content to load successfully.”
Google additionally gives the five lines of code developers can use to opt out of Apple’s new ATS settings with their app. These are:
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict>
As you’d expect, the decision is somewhat controversial on Google’s part, but Google has defended it as a last resort.
It’s not the first time it’s run into problems with Apple over the whole security vs. advertising issue, either. In 2012, Google was landed with a $22.5 million fine after hacking Apple’s Safari web browser to disable a setting blocking an ad tool.
This sneaky workaround isn’t illegal, but it’s unlikely to endear Google to the folks at Cupertino.
Source: iPhonehacks
Luke Dormehl is a U.K.-based journalist and author, with a background working in documentary film for Channel 4 and the BBC. He is the author of The Apple Revolution and The Formula: How Algorithms Solve All Our Problems … and Create More, both published by Penguin/Random House. His tech writing has also appeared in Wired, Fast Company, Techmeme and other publications.
11 responses to “Google tells devs how to bypass iOS 9 app security features”
Because they don’t want to pay for iAd revenue?
lets be honest, why does a developer need to know what people are doing on a device ?
for in-app usage we have build-in analytics within ITC and we can see what our customers do with our app
yet we can not see who does what, its anonymous
but i dont care who does what, i care what feature is used most and why,
This is not a google trick, this is the way **Apple** lets developers bypass. Don’t make headlines for nothing.
lol when you can get clicks with controversial headlines, I can see why they’d want to do it! :P
Google my ass. Every iOS developer knows this because Apple mentioned it during WWDC. Stupid Google engineers don’t know jack about anything. Google builds malware filled crappy devices for dumb users.
Luke writes a lot of clickbait and inconsistencies, i wonder how you are able to write for all these publications with your misinformation.
Google did not tell Devs, Apple did and here you are stating google did?
I know this is an Apple fan site but writing truthfully should be your hallmark, not falsifying
As a Android guy, (I didn’t come to troll just reading the tech news) I have to say “not cool google, what happened to do no evil?”
the war between google vs apple will be frightening.
worst case:
imagine if apple users have no access to youtube, google, gmaps, gmail, etc.
imagine if google got no ads money from apple users.
youtube would be about the only one i’d miss….i’d just use the web version or the squrl app
Most of Google’s mobile ad revenue is from iOS, so I think they’re worse off here. I can live without Google’s stuff.
Pretty sure this is exactly the same as the Safari hack. Google just loves giving money away.