9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
I’m in the midst of traveling to Ukraine this week for OFTWv2.0, and I can’t help but think about the comments on last week’s edition of Security Bite defending the VPN apps that still exist on the App Store in Russia. While almost every app from legitimate providers in the country has been removed, Russian users can still find a surplus of VPN options claiming to offer secure encryption and private browsing. The only question being–really?
Last week, I covered a recent report claiming Apple complied with Russia’s censorship demands by removing nearly 60 VPN apps from its App Store in the country last summer, nearly 100 since the conflict in Ukraine begun. The move was seen as enabling the Russian government’s control over internet access and limiting citizens’ ability to bypass restrictions. Major VPN services like ExpressVPN and NordVPN were among those removed.
Critics argue that Apple’s actions contribute to censorship and undermine digital freedom, raising concerns about the company’s commitment to privacy and human rights in authoritarian regions.
However, in the past, Apple has emphasized that it is obligated to keep the App Store online for residents to access necessary apps while following the laws of the countries where it operates, even when there are disagreements.
In response, I received dozens of comments arguing that there are still plenty of VPN options available to users. Someone even sent me this screenshot below of the top free apps in Russia, which is concerning on many levels.
As Apple continues to comply with Russia’s demands to remove specific VPNs from the App Store, it’s reasonable to assume the ones left are unreliable and can pose significant risks to users who believe they have anonymity.
We have seen before that many of these low-quality VPN apps log user data, including browsing history and IP addresses, and sell it to third parties such as advertisers or even be forced to fork over to governments. In authoritarian regimes like Russia, some VPNs might serve as tools for surveillance rather than protection.
For many in the country looking to use a VPN to access blocked pages and keep their search private, this could put them at risk of imprisonment. Furthermore, weak or outdated encryption protocols commonly found in these services expose users to cyberattacks, allowing hackers or malicious actors to intercept sensitive information such as passwords or financial data.
I strongly encourage users in countries with strict censorship laws to vet VPN providers thoroughly to ensure they are independent and uphold strict no-log policies. Relying on VPNs approved by the App Store is far from enough.
More: Apple pulls dozens of VPN apps from App Store in Russia
Follow Arin: X/Twitter, LinkedIn, Threads
Security Bite is a weekly security-focused column on 9to5Mac. Every Sunday, Arin Waichulis delivers his opinions and insights on data privacy, uncovers vulnerabilities, and sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices.
FTC: We use income earning auto affiliate links. More.
Comments