this post was submitted on 27 Mar 2024
0 points (NaN% liked)

Technology

58531 readers
4376 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
L4s@lemmy.world
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
0
Facebook snooped on users' Snapchat traffic in secret project, documents reveal (techcrunch.com)
submitted 6 months ago by ForgottenFlux@lemmy.world to c/technology@lemmy.world
13 comments fedilink hide all child comments
 

Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing the network traffic of how its users were interacting with Meta’s competitors. Given these apps’ use of encryption, Facebook needed to develop special technology to get around it.

Facebook’s engineers solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.

After Zuckerberg’s email, the Onavo team took on the project and a month later proposed a solution: so-called kits that can be installed on iOS and Android that intercept traffic for specific subdomains, “allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage,” read an email from July 2016. “This is a ‘man-in-the-middle’ approach.”

A man-in-the-middle attack — nowadays also called adversary-in-the-middle — is an attack where hackers intercept internet traffic flowing from one device to another over a network. When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.

top 13 comments
sorted by: hot top controversial new old
[–] MataVatnik@lemmy.world 1 points 6 months ago (2 children)

And people want to let these parasites integrate into the fediverse

[–] nuzzlerat@lemmy.world 0 points 6 months ago

honest question: why does it matter? all data in any fediverse project is public anyways

[–] ramble81@lemm.ee 0 points 6 months ago (1 children)

Please tell me what governing body exists for the fediverse that would let us deny them access?

[–] ieatpillowtags@lemm.ee 0 points 6 months ago (1 children)

How is this a relevant question? Nobody said anything about some governing body. There have been discussions on many instances about whether to federate with them or not, and it’s accurate to say that some people think we should.

[–] Pips@lemmy.sdf.org 0 points 6 months ago (1 children)

For example, I'm personally of the opinion that instances should be allowed to federate until they prove themselves to be bad actors, but in Meta's case there's a lot of existing evidence that shows they shouldn't be allowed to federate in the first instance.

[–] JoBo@feddit.uk 0 points 6 months ago (1 children)

Who do you imagine is (or should be) making these rules for the Fediverse?

[–] Pips@lemmy.sdf.org 0 points 6 months ago (1 children)

Every instance gets to decide on its own, there's no set of rules governing the whole thing. That's why I stated this is my opinion, not some hard and fast rule.

[–] JoBo@feddit.uk 0 points 6 months ago (1 children)

You stated it very much as a set of rules that should exist. Twice.

[–] towerful@programming.dev 0 points 6 months ago (1 children)

For example, I'm personally of the opinion ...

Are you replying to the correct person?

[–] JoBo@feddit.uk 0 points 6 months ago

Yes. Did you forget how to quote your whole post?

[–] Sgn@programming.dev 0 points 6 months ago (1 children)

This is why tiktok shouldn't be banned it will only benefit zucck

[–] atrielienz@lemmy.world 0 points 6 months ago* (last edited 6 months ago)

Nah. Ban these companies or don't, we need user privacy protection laws.

[–] BurningnnTree@lemmy.one 0 points 6 months ago* (last edited 6 months ago)

I must be way out of the loop, cuz I had no idea this was possible. So does this mean the Facebook app on my phone has permission to view all of my network traffic? Why do Android and iOS allow this? Shouldn't that be a special permission that can only be granted explicitly?