“It’s okay when a major company does it. For everyone else that’s a violation of the computer fraud and abuse act…” - FBI/DOJ
“It’s okay when a major American company does it.” - FBI/DOJ
Fixed it for you. Guarantee if they found TikTok doing this that ban would be going through today.
The TikTok ban isn’t about Privacy - it’s about selling it to Trump’s billionaire backers for cheap. That’s why Truth Social is going public now and “mysteriously” doing so well. It’s leading to a TikTok takeover.
They took Twitter, already have Facebook, and now are targeting TikTok and Reddit.
The political right’s biggest enemy over the past 30 years has been the democratization of information. But with the centralization on online activity that’s occurred over the last 15 years, they have a chance to undo all progress we’ve made.
deleted by creator
deleted by creator
Let me correct you: “It’s okay when a major AMERICAN company does it.”
Banning tick tok is meant to distract us from the lack of a digital bill of rights. That’s what we need, but Google and meta checks cleared so this is what we got.
Feels like that blatant violation should be prison time for anyone involved.
Seems like a textbook case of violations of the US Computer Fraud and Abuse Act of 1986. They should be criminally charged.
Yeah but…
Facebook achieved their MITM attack by selling a VPN with spyware in it.
And so you have to wonder: who in his right mind would buy a VPN service from effing Facebook of all companies? It’s like asking the KKK to do the catering at your bar mitzvah: if you have a problem with the service, you kind of asked for it.
Facebook paid kids $20 a month to run this app: https://www.vox.com/the-goods/2019/1/30/18203803/facebook-research-vpn-minors-data-access-apple
These kids most likely didn’t see it as a VPN at all
it was a free app, wasn’t owned by Facebook from the beginning (they’ve acquired it in 2013), and it offered data saving, so it was a tempting install for people with small data plans.
When I was a kid, my parents taught me not to accept free candy from creepy old men.
Kids should be taught not to install VPNs from Big Data for the same reason - and a whole host of other common sense internet hygiene rules.
deleted by creator
“Project Ghostbusters”
whatever criminal charges meta faces, the person who came up with that name should get the death penalty
deleted by creator
that isn’t the worst name I’ve seen but, yeah… should’ve taken notes from the military on how to codename something.
The lesson to be learned here is to be careful with which VPN you trust on your phone.
Google offers a VPN as part of their Google subscription. Makes me wonder if they’re going the same thing.
There is zero doubt in my mind that Google VPN is a honey pot for ad mining.
You’d have to be a complete fucking moron to get your VPN from any surveillance capitalism corporation.
deleted by creator
deleted by creator
Willing to bet they meant in the context of whatever you search for with Google.
Or the default Gboard on Android phones.
deleted by creator
Let’s be real for a moment, when has legality stopped Google?
I’m not saying you’re wrong, but until relatively recently countries have not been holding Google or other big tech companies to task beyond a measily small percentage of their annual revenue
deleted by creator
In evaluation of threats, that standard is way too high. The possibility is real even if unlikely. Unlikely things happen daily we just can’t predict which ones, because they’re each unlikely.
Many shiti keyboard got caught logging tho
So it is not unheard of
deleted by creator
Does this include aosp keyboard too?
I was pointing out that the poster was likely referring to Gboard, not that I have knowledge about any data being collected by Gboard or any other keyboard software.
You think? How many times does Google getting sued for questionable or anti-Trust behaviour do you need?
By now, no one should be using them if they can do so. Or at least in an extremely limitedl fashion. For their and our sake. Since Google’s harm can reach societal levels.
Remember, they themselves are the ones who stopped using their own mantra of Don’t be Evil.
deleted by creator
Honestly, I never considered the packet being decrypted by the vpn. I assumed it was encrypted til it gets to the app I’m using.
Why the hell do they even let them operate anymore? Spying on people. That’s one of the most illegal things you can fucking do to a person, save bodily harm. Even law enforcement needs a damn permit for it.
deleted by creator
It’s not spying when you directly give them access to monitor your communications. Says section 632 subsection VIIXVVIIX Subsubsection D in the 69 fine print 42. Isn’t everyone a lawyer with hundreds of hours to spend reading Eula’s?
Also fuck this noise. It’s made legal because people click agree to 10000000 pages of contract.
This is the best summary I could come up with:
In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers.
On Tuesday, a federal court in California released new documents discovered as part of the class action lawsuit between consumers and Meta, Facebook’s parent company.
“Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them,” Meta chief executive Mark Zuckerberg wrote in an email dated June 9, 2016, which was published as part of the lawsuit.
When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.
This is why Facebook engineers proposed using Onavo, which when activated had the advantage of reading all of the device’s network traffic before it got encrypted and sent over the internet.
“We now have the capability to measure detailed in-app activity” from “parsing snapchat [sic] analytics collected from incentivized participants in Onavo’s research program,” read another email.
The original article contains 671 words, the summary contains 175 words. Saved 74%. I’m a bot and I’m open source!
It’s a proprietary platform … what do people expect?
It’s visiting someone’s business and you are in their property and you are watching TV on their TV set. You are reading newspapers and books that are on their property. And everyone acts surprised when the property owner keeps track of what you watched and what you read on their property.
You have no rights to do anything on their property … other than the rights they give you, which they can also take away, or just kick you out.
deleted by creator
This is just typical Lemmy. User doesn’t read the article but has very strong opinions based on what they imagine it to be about. Comment gets upvoted by a bunch of other users who also didn’t read the article but imagine they know what happened too. Rinse and repeat.
It’s a proprietary platform … what do people expect?
It’s visiting someone’s business and you are in their property and you are watching TV on their TV set. You are reading newspapers and books that are on their property. And everyone acts surprised when the property owner keeps track of what you watched and what you read on their property.
You have no rights to do anything on their property … other than the rights they give you, which they can also take away, or just kick you out.
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
The spying was done by a proprietary service (Facebook’s VPN). Blaming the users for anything on that scale is dumb and futile, but it still reinforces the idea of avoiding proprietary services as much as possible, especially anything on the client side.
The article didn’t explain how the attack worked though. Did the Snapchat client not use anything like TLS to connect to the Snapchat server? Did the Facebook VPN somehow still intercept it, e.g. with a certificate that Snapchat trusted but that Facebook used for spying? Die that cert also work in browsers and did it somehow pass a third party audit, that at least Mozilla requires? I do know Mozilla looks very askance at such things, and they booted out at least one cert vendor over something like that a few years ago.
If Snapchat used some kind of device-wide TLS stack that Facebook managed to subvert, that should be treated as an OS vulnerability (assuming we’re talking about mobile devices). There’s a bunch of stuff that apps simply cannot do unless the user first goes through some complex procedure to root the phone. Messing with the TLS stack should be one of them.
What I really dislike in this way of thinking is that when Facebook is doing it, the reaction is what do you expect and when TikTok are doing it, people are outraged and call for banning the whole platform.
So why the double standards?
“Foreign oligarchs are taking over!” - domestic oligarchs probably
I think you are thinking of Instagram. Facebook doesn’t own Snapchat.Oh it’s Onavo. Onavo was the “Facebook VPN” software they shuttered in 2019. So it had access to network traffic on-device before it was sent out.
Seems like it was more than a VPN, and put its claws deep into the network stack if it was reading packet buffers before they were encrypted. Not good; I’m sure that users were not made aware of this but in light of this possibility, your point stands.
I like your analogy but from my perspective it isn’t fitting.
It would be more like the postal service opening your letters.
Zuckerberg Did Nothing Wrong
I’m concerned that the narrative that what Facebook was trying to achieve here was wrong or bad is itself user-hostile, and pushes in favor of the non-fiduciary model of software.
Facebook paid people to let them have access to those people’s communications with Snap, Inc., via Snapchat’s app. This is so that Facebook could do their analytics magic and try and work out how often Snapchat users tend to do X, Y, or Z. Did they pay enough? Who knows. Would you take the deal? Maybe not. Was this a totally free choice without any influence from the creeping specter of capitalist immiseration? Of course not. But it’s not some unusually nefarious plot when a person decides to let a company watch them do stuff! Privacy isn’t about never being allowed to reveal what you are up to. Some people like to fill out those little surveys they get in the mail.
Now, framing this as Facebook snooping on Snapchat’s data concedes that a person’s communications from their Snapchat app to Snapchat HQ are Snapchat’s data. Not that person’s data, to do with as they please. If the user interferes with the normal operation of one app at the suggestion of someone who runs a different app, this framing would see that as two apps having a fight, with user agency nowhere to be found. I think it is important to see this as a user making a choice about what their system is going to do. Snapchat on your phone is entirely your domain; none of it belongs to Snap, Inc. If you want to convince it to send all your Snapchat messages to the TV in Zuckerberg’s seventh bathroom in exchange for his toenail clippings, that’s your
$DEITY-given right.User agency is under threat already, and we should not write it away just to try and make Facebook look bad.
Even if they paid them there are a lot of things being done here that could be illegal, hence why they immediately shut down the VPN after someone found out what they are doing.
Not to mention how highly unethical this all is. If you read the articles, there were multiple people FROM Facebook that questioned the approach.
There are obviously ways that this kind of research could be done ethically or legally, and your right that people should be empowered over their data. That does not mean a large company abusing it’s knowledge and power should be legal.
wow so surprised, much shocked
It’s weird they put shit like that clearly in internal emails, you’d think they’d wanna keep things off the books.
Why? It’s not illegal, people don’t care, they’ve decimated privacy to the point no one cares, so they’re doing nothing wrong as Lon as they can justify all his horrendous shit to themselves.
How many times is Facebook going to be caught doing this kind of shit before some real action is taken? They clearly can’t be trusted. Let’s add them to the same TikTok ban at this point.
