U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Adblock in Safari may die with IOS 9 ad-killer feature

Apple announced a series of improvement for it IOS 9, including a content blocker can kill a lot of applications similar the popular AdBlock. A lot have been talks about IOS 9, and now looks like Apple included an ad-blocking feature in its OS, I would say it is a great news for its customers, […]

Adblock in Safari may die with IOS 9 ad-killer feature

Apple announced a series of improvement for it IOS 9, including a content blocker can kill a lot of applications similar the popular AdBlock.

A lot have been talks about IOS 9, and now looks like Apple included an ad-blocking feature in its OS, I would say it is a great news for its customers, but for the developers of applications like Adblock it could become a nightmare.

“The new Safari release brings Content Blocking Safari Extensions to iOS. Content Blocking gives your extensions a fast and efficient way to block cookies, images, resources, pop-ups, and other content.” States Apple.

The content blocking doesn’t came natively, users will need to install a blocking software that interacts with Safari (via JSON),

“Your app extension is responsible for supplying a JSON file to Safari. The JSON consists of an array of rules (triggers and actions) for blocking specified content. Safari converts the JSON to bytecode, which it applies efficiently to all resource loads without leaking information about the user’s browsing back to the app extension. Xcode includes a Content Blocker App Extension template that contains code to send your JSON file to Safari. Just edit the JSON file in the template to provide your own triggers and actions. The sample JSON file below contains triggers and actions that block images on webkit.org”

But why such feature can kill applications like AdBlock?

“In short, either this new API will improve Adblock Plus performance on Safari or it will force us to rely upon an inferior blocking format that would essentially kill adblocking on Safari.” States Sebastian Noack from AdBlock.

adblock ios 9

“So far very little is known about Content Blocking Extensions, available in Safari 9 and iOS 9. However, according to the announcements there are so called “block lists”, which are JSON files, that can be registered by the extension.”

“This mechanism is entirely different from the one used by Adblock Plus on any other platform (including current versions of Safari), where we can run arbitrary code on request, blocking requests depending on their URL and context.”

“With this new mechanism, we’d need to convert Adblock Plus filter lists to a block list like the one above. However, most of our filters aren’t as simple as the example above. So, we are nervously awaiting how powerful their block lists will be, most importantly when it comes to matching the document domain and request type, as well as regular expression matching of URLs and recursive exception rules.”

In this phase developers can only wait for Apple information on iOS 9 and its content-blocker working mode, either will help them to improve their adblocking software.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Edited by Pierluigi Paganini

(Security Affairs – AdBlock,  iOS 9)