iOS “Masque Attack” – much ado about pretty much nothing
A reader asks…
Hi Chris, I’ve been reading a warning about a new “Masque Attack” on iPhones and iPads, is there anything I need to do to protect myself?
This is another great example of an otherwise-insignificant issue that the media (and government!) blows all out of proportion. Why? To sell eyeballs – to advertisers. Since the Apple iPhone/iPad duo is such a security hot button, anything that potentially knocks these products is given a lot of attention. Too much in my opinion.
The Masque Attack has absolutely no impact on 99.999% or more of iPhone/iPad users. That’s because we get all the apps we use on our iPhones exclusively from the Apple App Store and nowhere else. In order for the Masque Attack to work, you would have to download an app outside of the App Store. Now there are some Apple App developers out there who get specific people to do this in order to test their products before they are ready for the App Store. This is pretty rare, and pretty much no consumer is going to be doing this. Further, the risk is not for just any ‘beta’ app, but only those that’ve been distributed (or hacked by)…hackers. Bona fide Apple developers are in business to make money, and opening themselves up to being banned by Apple certainly goes against their pocketbook. So That drives the likelihood of this risk pretty much into the realm of fantastically bad odds – I’d say you have a better chance of winning a 100 million + lottery while playing only one time.
So what do you need to do to protect yourself? Why, just continue downloading and installing apps on your iPhone or iPad only from the App Store. Easy as pie!
If you were to install an app from someplace other than the App Store, you’d have seen an “Untrusted App Developer” alert as soon as you install and try to run the app. Assuming you ignored that warning, any app already installed on your iPhone or iPad could be overwritten without any further warnings. My guess is that Apple will be closing even that infinitesimal loophole shortly.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via
(send to @PosiTek), 
(send to Support@PosiTek.net), 
using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182.
I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public.
Thank you!
Author: Chris Gardner
Your Tech Coach at PosiTek.net
There are currently 1277 reader comments on published articles, care to join in? Use the Leave a Comment form below/at the bottom of any existing comments. This is a good place to ask follow-on questions on this subject.
