this post was submitted on 04 Jan 2024
1012 points (94.9% liked)
Privacy
32120 readers
396 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There's also no way that it's happening. You can't key log with JavaScript. There's something called cross domain policies or xDomainPolicy which prevent certain types of code being run on one website by a different website.
Cross domain policies are enforced by the browser. If you’re using a third party app, guess what you’re using as a browser.
Want an easy example of this? Userscrips on Firefox. Install GreaseMonkey, and you can run whatever the hell you want on any webpage. Keylogging, mouse movements, clicks and navigations. Not hard, and impossible to really stop from the site itself, because no matter what you tell the browser to do, you essentially have to just hope the browser follows through.
Yes if you are inside Facebook and while inside Facebook click a link to go somewhere else you are still in Facebook and they will keylog everything.
This is presented as if Facebook/Toktok can keylog everything.
“Don’t use in-app web browsers”
Somebody else is already pointed out that it's already been debunked so no it wasn't happening
And somebody else pointed out that that was debunked so yes it's happening
Edit: the point I'm hopefully making is that you're just kinda saying stuff and not even bothering to post a source.
I was responding to your claim of “not happening, impossible” with proof of it being possible, and actually fairly easy to implement.
But it's not another website, it would be the web browser within the Facebook app, which could absolutely do that.
Except this is already being debunked see above
Except that this this has been debunked see below
Edit: the point I'm hopefully making is that you're just kinda saying stuff and not even bothering to post a source.