10-23-2018 04:35:06 PM -0700
10-23-2018 12:28:52 PM -0700
10-23-2018 11:29:26 AM -0700
10-23-2018 08:15:43 AM -0700
10-23-2018 06:52:12 AM -0700
It looks like you've previously blocked notifications. If you'd like to receive them, please update your browser permissions.
Desktop Notifications are  | 
Get instant alerts on your desktop.
Turn on desktop notifications?
Remind me later.
PJ Media encourages you to read our updated PRIVACY POLICY and COOKIE POLICY.
X


Stretch, grab a late afternoon cup of caffeine and get caught up on the most important news of the day with our Coffee Break newsletter. These are the stories that will fill you in on the world that's spinning outside of your office window - at the moment that you get a chance to take a breath.
Sign up now to save time and stay informed!

Apple CEO Questioned on 'Significant Lapse' for Inaction on Malicious Chinese App

Apple CEO Tim Cook at an Apple educational event

WASHINGTON -- Sen. Marco Rubio (R-Fla.) charged that Apple showed a "blatant disregard" for security in its response to China using a popular app to harvest and store data of American users.

Adware Doctor, which purported to scan Macs for malware and clear suspicious files, was the top paid utility app in Apple's store. It was bulked up with five-star reviews that were likely fake.

Patrick Wardle, chief research officer at Digita Security and founder of Mac security company Objective-See, said Apple was notified in early August that the app was copying users' browser data and sending it to a domain based in China. However, it took Apple a month to pull it from the Mac App Store.

In a letter today to Apple CEO Tim Cook, Rubio noted that the company only took action after tech sites publicly reported on the malicious app.

"For a company that prides itself on prioritizing user privacy and security, this delayed response is extremely disconcerting," he wrote. "It is also troubling that Apple researchers failed to uncover Adware Doctor’s covert collection and 'storage' process."

Rubio said he has "serious concerns about China’s malevolent economic behavior involving the theft of U.S. intellectual property, which costs the United States hundreds of billions of dollars annually" but "the threat of American user data being kept on a server in China is equally alarming."

"While I am aware of Apple’s efforts to protect against these intrusions by keeping apps compartmentalized from each other in 'sandboxes,' it is evident that Adware Doctor managed to circumvent your implemented guidelines and protections."

The senator added that the "significant lapse" in not initially acting on security researchers' findings to the company "exposes a range of problems, not least of which are internal coordination issues and possibly a blatant disregard for significant user security concerns that were brought to your attention."

Rubio asked Cook to answer a series of questions on why Apple didn't act on the security issue for month and what safeguards the company will use in the future. "What steps will Apple take to ensure that applications using Apple’s Mac App Store have appropriate security protocols in place to prevent foreign actors from gaining access to user data?" he asked. "When users access the Mac App Store, they do so under the belief and reasonable expectation that the application options presented to them have been thoroughly vetted and approved by Apple. This incident with Adware Doctor has brought this trust into question."