A secret program called "Project Ghostbusters" saw Facebook devise a way to intercept and decrypt the encrypted network traffic of Snapchat users to study their behavior.
I’m concerned that the narrative that what Facebook was trying to achieve here was wrong or bad is itself user-hostile, and pushes in favor of the non-fiduciary model of software.
Facebook paid people to let them have access to those people’s communications with Snap, Inc., via Snapchat’s app. This is so that Facebook could do their analytics magic and try and work out how often Snapchat users tend to do X, Y, or Z. Did they pay enough? Who knows. Would you take the deal? Maybe not. Was this a totally free choice without any influence from the creeping specter of capitalist immiseration? Of course not. But it’s not some unusually nefarious plot when a person decides to let a company watch them do stuff! Privacy isn’t about never being allowed to reveal what you are up to. Some people like to fill out those little surveys they get in the mail.
Now, framing this as Facebook snooping on Snapchat’s data concedes that a person’s communications from their Snapchat app to Snapchat HQ are Snapchat’s data. Not that person’s data, to do with as they please. If the user interferes with the normal operation of one app at the suggestion of someone who runs a different app, this framing would see that as two apps having a fight, with user agency nowhere to be found. I think it is important to see this as a user making a choice about what their system is going to do. Snapchat on your phone is entirely your domain; none of it belongs to Snap, Inc. If you want to convince it to send all your Snapchat messages to the TV in Zuckerberg’s seventh bathroom in exchange for his toenail clippings, that’s your $DEITY-given right.
User agency is under threat already, and we should not write it away just to try and make Facebook look bad.
Even if they paid them there are a lot of things being done here that could be illegal, hence why they immediately shut down the VPN after someone found out what they are doing.
Not to mention how highly unethical this all is. If you read the articles, there were multiple people FROM Facebook that questioned the approach.
There are obviously ways that this kind of research could be done ethically or legally, and your right that people should be empowered over their data. That does not mean a large company abusing it’s knowledge and power should be legal.
Why? It’s not illegal, people don’t care, they’ve decimated privacy to the point no one cares, so they’re doing nothing wrong as Lon as they can justify all his horrendous shit to themselves.
Why the hell do they even let them operate anymore? Spying on people. That’s one of the most illegal things you can fucking do to a person, save bodily harm. Even law enforcement needs a damn permit for it.
It’s not spying when you directly give them access to monitor your communications. Says section 632 subsection VIIXVVIIX Subsubsection D in the 69 fine print 42. Isn’t everyone a lawyer with hundreds of hours to spend reading Eula’s?
Also fuck this noise. It’s made legal because people click agree to 10000000 pages of contract.
They have money. Period. End of discussion. Money equals do what you want. Having “fuck you” money equals do what you want to whoever you want without consequence.
This is the world we live in and it’s not going to change while half of an entire country’s voting body is willing to elect an insurrectionist that’s guilty of rape among ninety some-odd other things.
Best to just accept this and look inward to you and your own and do your best to keep those things happy and healthy.
How many times is Facebook going to be caught doing this kind of shit before some real action is taken. They clearly can’t be trusted. Let’s add them to the same TikTok ban at this point.
I was pointing out that the poster was likely referring to Gboard, not that I have knowledge about any data being collected by Gboard or any other keyboard software.
In evaluation of threats, that standard is way too high. The possibility is real even if unlikely. Unlikely things happen daily we just can’t predict which ones, because they’re each unlikely.
Let’s be real for a moment, when has legality stopped Google?
I’m not saying you’re wrong, but until relatively recently countries have not been holding Google or other big tech companies to task beyond a measily small percentage of their annual revenue
beyond a measily small percentage of their annual revenue
If you are referring to the GDPR you should know that the penalty is actually really high.
And it’s not like they can’t continue issuing fines if they don’t stop.
Also you have to keep the PR impact in mind.
Proved tracking of keyboard input like that would be very concerning for even the people that say “I have nothing to hide”.
Google also doesn’t need to track that when they know everything else about our life’s.
Yes, you shouldn’t download every random keyboard app on the app store or play store.
It’s just that it would be insane for an even slightly well known company to do stuff like that. I would be happy (or concerned really) to be proven wrong but that would obviously require actual evidence.
You think? How many times does Google getting sued for questionable or anti-Trust behaviour do you need?
By now, no one should be using them if they can do so. Or at least in an extremely limitedl fashion. For their and our sake. Since Google’s harm can reach societal levels.
Remember, they themselves are the ones who stopped using their own mantra of Don’t be Evil.
The penalty, if any, would be the equivalent of you promising, someday, to pay half a penny… If you can find one, but don’t rush… You know what, just forget about the whole thing and apologies for your troubles
There’s no doubt they have an ulterior motive. The way they’re federating right now is very one-sided and basically tells people they can just post on Threads and get the best of both worlds as they reach both audiences.
However, I see no harm from this to the dedicated Mastodon users who boycott or avoid Meta. They now get to follow Threads accounts without sharing their phone number or other personal information with Meta.
The data collection argument is weak, since everything you post on Mastodon is already public.
They now get to follow Threads accounts without sharing their phone number or other personal information with Meta.
Great! Going back to an abusive ex but they dont get your phone number this time. But its going to be different this time! I actually had a mother like this. Classic self delusion.
Yeah, not in the fedipact world. We are not going to facilitate this. It is technically impossible for most servers, opens us up to all kinds of exploitation (not data collection but definitely ad display, EEE and the effect of making people used to inflated feeds and likely to switch in case of defederation).
The fun thing is that some people are ignorant enough to think that humans actually have the ability to not follow ads and dark patterns. If that were the case, we wouldnt have an 800 billion $ ad business. Now all the ad companies have to do is make people believe that only the weak get influenced by ads. Like people going against restrictions for corporations. Its dunning kruger in full effect.
Also, we dont have many instance admins generally in the comments. Never having hosted an instance and tended to users needs but being very opinionated about admin decisions is like the people knowing how to coach a football team better than the actual coach. I advise anyone who knows better to host their own instance. Because underappreciating others’ struggle and effort is massively disrespectful imo.
Are you really comparing following a video game page, a media outlet, favorite musician or actor to an abusive ex? Are you on Twitter or any of Meta’s platforms? If not, how do you get the updates exclusive to social media? What if it’s a website that has no RSS feed?
I dont know if you’re deliberately ignoring the fact that I am talking about the service provider, not the actions you take on the platform. meta is on record for abusing human rights and facilitating all kinds of crimes against humanity. The comparison is spot on imo.
Edit: I was on most social media until a couple years ago. Some stuff I had to use for my job. So I very much understand the mechanics. I dont know what you mean by updates exclusive to social media. I dont need updates or news and if something goes down, someone will make a post about it on lemmy, mastodon, matrix or peertube.
I dont need updates or news and if something goes down, someone will make a post about it on lemmy, mastodon, matrix or peertube.
That’s fair, but I don’t think the same is true for most people. There is still a lot missing from the Fediverse in terms of prompt or important updates, especially if related to a matter outside the mainstream. I truly wish everyone had a presence on the Fedi platforms, but that’s just not the reality when even some of the biggest ideological opponents of Musk or Zuckerberg still actively use their platforms, even if their views or practices threaten their very existence.
At the end of the day, the reason even Privacy Guides recommends all the alternative frontends for sites like YouTube is to allow people to stay in the loop without having to share anything with those platforms that collect and sell data. With Nitter dead and Threads being the next big thing after Twitter, the federation could work as a viable frontend and potentially more.
I‘m not most people, tbf. My autistic brain is wired differently. But the fact that you get thebimportant stuff on the fedi remains imo. FOMO isnt a thing for peeps beyond a certain age and with a certain mindset I believe.
And the only way imo to get „everyone“ to join the fedi is using it, improving it and talking about it. Most people dont contribute to it since they are oblivious to the possibilities. You can write code, open issues, translate, build tools, design stuff, whatever your skillset or just donate. Sadly, most people are more comfortable with a small, underfunded groups of devs who constantly get shit on doing the work while they sit on their high horse and discuss what „should be done“.
I host an instance, write code, donate, open issues, build tools, post and discuss and advocate.
Btw you‘re equating necessity with demand which is a fallacy. If I recommend metadone in case you‘re a heroin addict doesnt mean everyone should use it. Its exactly this short, low hanging fruit thinking that makes people think dealing with meta will surely be fine.
They could and anyone things that they’re not already doing that is high. But thats not the concern of the fedipact. We just dont want them here as in their posts, their culture and their behavior.
Which is batty. I want lemmy to grow, to have niche communities open up etc. Gatekeeping people because “we don’t take kindly to your type” is plain stupid.
What do you gain by being shitty? What do you gain by complaining about threads? Maybe I’m simply someone who doesn’t look at lemmy through rose colored glasses thinking it is some wonderful place with no issues at all and I would rather not gatekeep new users?
The company that has been complicit with multiple ethnic cleansing campaigns, election manipulation schemes, and attempted to suppress their own research showing that their platform harms children? Yeah. They’re pretty ethically bankrupt and anyone with something resembling scruples should want nothing to do with them. The users are welcome to join an existing instance or create their own. The company needs to be blocked.
Who is “we”? This is a slippery slope talking point and nothing more. Fediverse was made with redundancy in mind, so nobodys instance is the “main” one by design. Being scared of someone comming in and being part of the various communities doesn’t mean that the fediverse would somehow get absorbed, destroyed or whatever have you.
Okay, but they want to join a meta instance. That’s what they know. Instantly defederating away from them “because corporation” is simply fearmongering in a system that’s resistant to “bad corp” taking over.
Consider not disparaging people who use drugs or those who are finished served their time in jail. Drug use is innate across the human species, and ex convicts should be fully integrated with the community as full citizens.
I want Lemmy to grow too but not at any cost. I’d rather have quality than quantity quite frankly.
Same.
I used TOR to log in to my FB account after years, just to see how my normie friends and family might be doing. They barely posted anything. It was just reposted ads.
My experience was also:
Numerous unblockable “suggested for you” pages were all thot-videos that would get me fired if I worked in an office.
FB marketplace, rife with scams.
The company has been caught doing everything from enabling genocides to collecting data on children to making “shadow profiles” for people without accounts, to influencing elections.
A single clicked link can hijack your account, evidenced by how many relatives send me private messages about a “friend that just got them a bunch of money.”
Yeah I’m more than happy having Lemmy have a basic intelligence barrier to entry, and making sure Meta suffocates if they try to zombify our platform with their accessibility + indoctrination strategy, like they have with entire countries.
Having a massive illiterate army that will do whatever you influence them to is nothing to sneeze at. (See: TikTok mobilizing their user base in the name of “free speech”)
If any living breathing person wants to come hang out with us on Lemmy / Mastodon / Pixelfed / etc… using any instance? I’m happy to walk them through it. There’s no “gatekeeping” any more than being required to read is gatekeeping the rest of society.
It’s been said the Fediverse feels like “the old internet”…exactly, when it was about expression, and anonymous handles, and not corporate and nation-state interests trying to mind control and profit off of alarmingly detailed profiles of the entire human population. Keep the board rooms out of our bedrooms.
Implying that lemmy is somehow better than other social media networks is equally silly. It’s not. It’s basically the exact same thing reddit is, with less people on it.
I’m looking at a computer, and I have no clue who any of you are. There’s nothing inherently social about anonymous message boards no matter what the revisionist clowns say.
It is a social network. Just because you don’t know someone personally doesn’t mean you aren’t interacting with them socially. Asking someone for directions to somewhere is socializing - you won’t meet the other person ever, but you made a connection, talked to someone. In extension, people who post more in certain communities will be recognized by many people visiting those communities. It doesn’t matter who is behind the nickname - you are talking to them, a living human being.
I agree and disagree. Crackheads and ex convicts are humans, meta is not human.
Its like letting the invading army of nazi germany in because „they’re human“. Meta is by definition a psychopathic authoritarian with an enormous force of „somewhat harmless“ people who will flood the servers and by their sheer number have the power to change anything they want.
We’ve already had this debate and we don’t care that you don’t like it. If you want to be on Threads, go be on fucking Threads. Not all of us want Lemmy to grow at all.
Why would you not want it to grow. I would have never cared about my online privacy if I didn’t stumble upon a Lemmy thread on reddit and join. I would have never ditched windows for Linux without Lemmy. I would not have done a lot of things without Lemmy. Saying you don’t want it to grow is dumb if something does not grow it will die. If you don’t want to see there content then block them. You should not be able to decide what others see.
That and there is organic growth and a 100x entity entering your space and calling it „growth“. Its delusional. Its literally the gauls and the romans.
Facebook achieved their MITM attack by selling a VPN with spyware in it.
And so you have to wonder: who in his right mind would buy a VPN service from effing Facebook of all companies? It’s like asking the KKK to do the catering at your bar mitzvah: if you have a problem with the service, you kind of asked for it.
it was a free app, wasn’t owned by Facebook from the beginning (they’ve acquired it in 2013), and it offered data saving, so it was a tempting install for people with small data plans.
It’s a proprietary platform … what do people expect?
It’s visiting someone’s business and you are in their property and you are watching TV on their TV set. You are reading newspapers and books that are on their property. And everyone acts surprised when the property owner keeps track of what you watched and what you read on their property.
You have no rights to do anything on their property … other than the rights they give you, which they can also take away, or just kick you out.
I think you are thinking of Instagram. Facebook doesn’t own Snapchat.
Oh it’s Onavo. Onavo was the “Facebook VPN” software they shuttered in 2019. So it had access to network traffic on-device before it was sent out.
Seems like it was more than a VPN, and put its claws deep into the network stack if it was reading packet buffers before they were encrypted. Not good; I’m sure that users were not made aware of this but in light of this possibility, your point stands.
What I really dislike in this way of thinking is that when Facebook is doing it, the reaction is what do you expect and when TikTok are doing it, people are outraged and call for banning the whole platform.
It’s a proprietary platform … what do people expect?
It’s visiting someone’s business and you are in their property and you are watching TV on their TV set. You are reading newspapers and books that are on their property. And everyone acts surprised when the property owner keeps track of what you watched and what you read on their property.
You have no rights to do anything on their property … other than the rights they give you, which they can also take away, or just kick you out.
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
The spying was done by a proprietary service (Facebook’s VPN). Blaming the users for anything on that scale is dumb and futile, but it still reinforces the idea of avoiding proprietary services as much as possible, especially anything on the client side.
The article didn’t explain how the attack worked though. Did the Snapchat client not use anything like TLS to connect to the Snapchat server? Did the Facebook VPN somehow still intercept it, e.g. with a certificate that Snapchat trusted but that Facebook used for spying? Die that cert also work in browsers and did it somehow pass a third party audit, that at least Mozilla requires? I do know Mozilla looks very askance at such things, and they booted out at least one cert vendor over something like that a few years ago.
If Snapchat used some kind of device-wide TLS stack that Facebook managed to subvert, that should be treated as an OS vulnerability (assuming we’re talking about mobile devices). There’s a bunch of stuff that apps simply cannot do unless the user first goes through some complex procedure to root the phone. Messing with the TLS stack should be one of them.
This was one company spying on the users of its competitor via unofficial means. Even in the furthest stretch of the corporate boot licking bullshit that “you signed up for the app so you deserve to be spied on” exists in, I don’t see how this scenario is covered.
This is just typical Lemmy. User doesn’t read the article but has very strong opinions based on what they imagine it to be about. Comment gets upvoted by a bunch of other users who also didn’t read the article but imagine they know what happened too. Rinse and repeat.
Banning tick tok is meant to distract us from the lack of a digital bill of rights. That’s what we need, but Google and meta checks cleared so this is what we got.
The TikTok ban isn’t about Privacy - it’s about selling it to Trump’s billionaire backers for cheap. That’s why Truth Social is going public now and “mysteriously” doing so well. It’s leading to a TikTok takeover.
They took Twitter, already have Facebook, and now are targeting TikTok and Reddit.
The political right’s biggest enemy over the past 30 years has been the democratization of information. But with the centralization on online activity that’s occurred over the last 15 years, they have a chance to undo all progress we’ve made.
Wow. This is comedically implausible levels of cyberpunk dystopia villainy. I can’t believe it’s real and yet am forced to accept that it’s just how things work around here…
The project was part of the company’s In-App Action Panel (IAPP) program, which used a technique for “intercepting and decrypting” encrypted app traffic from users of Snapchat, and later from users of YouTube and Amazon, the consumers’ lawyers wrote in the document.
Looks like they didn’t decrypt anything, just used MitM spyware.
In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers.
On Tuesday, a federal court in California released new documents discovered as part of the class action lawsuit between consumers and Meta, Facebook’s parent company.
“Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them,” Meta chief executive Mark Zuckerberg wrote in an email dated June 9, 2016, which was published as part of the lawsuit.
When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.
This is why Facebook engineers proposed using Onavo, which when activated had the advantage of reading all of the device’s network traffic before it got encrypted and sent over the internet.
“We now have the capability to measure detailed in-app activity” from “parsing snapchat [sic] analytics collected from incentivized participants in Onavo’s research program,” read another email.
The original article contains 671 words, the summary contains 175 words. Saved 74%. I’m a bot and I’m open source!
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
wow so surprised, much shocked
Zuckerberg Did Nothing Wrong
I’m concerned that the narrative that what Facebook was trying to achieve here was wrong or bad is itself user-hostile, and pushes in favor of the non-fiduciary model of software.
Facebook paid people to let them have access to those people’s communications with Snap, Inc., via Snapchat’s app. This is so that Facebook could do their analytics magic and try and work out how often Snapchat users tend to do X, Y, or Z. Did they pay enough? Who knows. Would you take the deal? Maybe not. Was this a totally free choice without any influence from the creeping specter of capitalist immiseration? Of course not. But it’s not some unusually nefarious plot when a person decides to let a company watch them do stuff! Privacy isn’t about never being allowed to reveal what you are up to. Some people like to fill out those little surveys they get in the mail.
Now, framing this as Facebook snooping on Snapchat’s data concedes that a person’s communications from their Snapchat app to Snapchat HQ are Snapchat’s data. Not that person’s data, to do with as they please. If the user interferes with the normal operation of one app at the suggestion of someone who runs a different app, this framing would see that as two apps having a fight, with user agency nowhere to be found. I think it is important to see this as a user making a choice about what their system is going to do. Snapchat on your phone is entirely your domain; none of it belongs to Snap, Inc. If you want to convince it to send all your Snapchat messages to the TV in Zuckerberg’s seventh bathroom in exchange for his toenail clippings, that’s your
$DEITY-given right.User agency is under threat already, and we should not write it away just to try and make Facebook look bad.
Even if they paid them there are a lot of things being done here that could be illegal, hence why they immediately shut down the VPN after someone found out what they are doing.
Not to mention how highly unethical this all is. If you read the articles, there were multiple people FROM Facebook that questioned the approach.
There are obviously ways that this kind of research could be done ethically or legally, and your right that people should be empowered over their data. That does not mean a large company abusing it’s knowledge and power should be legal.
It’s weird they put shit like that clearly in internal emails, you’d think they’d wanna keep things off the books.
Why? It’s not illegal, people don’t care, they’ve decimated privacy to the point no one cares, so they’re doing nothing wrong as Lon as they can justify all his horrendous shit to themselves.
Why the hell do they even let them operate anymore? Spying on people. That’s one of the most illegal things you can fucking do to a person, save bodily harm. Even law enforcement needs a damn permit for it.
It’s not spying when you directly give them access to monitor your communications. Says section 632 subsection VIIXVVIIX Subsubsection D in the 69 fine print 42. Isn’t everyone a lawyer with hundreds of hours to spend reading Eula’s?
Also fuck this noise. It’s made legal because people click agree to 10000000 pages of contract.
They have money. Period. End of discussion. Money equals do what you want. Having “fuck you” money equals do what you want to whoever you want without consequence.
This is the world we live in and it’s not going to change while half of an entire country’s voting body is willing to elect an insurrectionist that’s guilty of rape among ninety some-odd other things.
Best to just accept this and look inward to you and your own and do your best to keep those things happy and healthy.
How many times is Facebook going to be caught doing this kind of shit before some real action is taken. They clearly can’t be trusted. Let’s add them to the same TikTok ban at this point.
The lesson to be learned here is to be careful with which VPN you trust on your phone.
Google offers a VPN as part of their Google subscription. Makes me wonder if they’re going the same thing.
Of course they’re doing the same thing! How much of a patsy do you need to be to think otherwise?
Honestly, I never considered the packet being decrypted by the vpn. I assumed it was encrypted til it gets to the app I’m using.
Hahaha, why would Google need a VPN to spy on you? Google keyboard tracks everything you do.
I am not fan of Google but that’s an enormous accusation. Do you have any evidence?
Willing to bet they meant in the context of whatever you search for with Google.
Or the default Gboard on Android phones.
Does this include aosp keyboard too?
I was pointing out that the poster was likely referring to Gboard, not that I have knowledge about any data being collected by Gboard or any other keyboard software.
That is what I thought they meant.
Tracking the keyboard like they said would be extremely invasive and extremely illegal.
Extraordinary claims require extraordinary evidence.
(And yes some local tracking is needed to predict words but that’s very different from collecting data)
In evaluation of threats, that standard is way too high. The possibility is real even if unlikely. Unlikely things happen daily we just can’t predict which ones, because they’re each unlikely.
Let’s be real for a moment, when has legality stopped Google?
I’m not saying you’re wrong, but until relatively recently countries have not been holding Google or other big tech companies to task beyond a measily small percentage of their annual revenue
If you are referring to the GDPR you should know that the penalty is actually really high. And it’s not like they can’t continue issuing fines if they don’t stop.
Also you have to keep the PR impact in mind. Proved tracking of keyboard input like that would be very concerning for even the people that say “I have nothing to hide”.
Google also doesn’t need to track that when they know everything else about our life’s.
Many shiti keyboard got caught logging tho
So it is not unheard of
Yes, you shouldn’t download every random keyboard app on the app store or play store.
It’s just that it would be insane for an even slightly well known company to do stuff like that. I would be happy (or concerned really) to be proven wrong but that would obviously require actual evidence.
You think? How many times does Google getting sued for questionable or anti-Trust behaviour do you need?
By now, no one should be using them if they can do so. Or at least in an extremely limitedl fashion. For their and our sake. Since Google’s harm can reach societal levels.
Remember, they themselves are the ones who stopped using their own mantra of Don’t be Evil.
There is zero doubt in my mind that Google VPN is a honey pot for ad mining.
You’d have to be a complete fucking moron to get your VPN from any surveillance capitalism corporation.
“Project Ghostbusters”
whatever criminal charges meta faces, the person who came up with that name should get the death penalty
that isn’t the worst name I’ve seen but, yeah… should’ve taken notes from the military on how to codename something.
The penalty, if any, would be the equivalent of you promising, someday, to pay half a penny… If you can find one, but don’t rush… You know what, just forget about the whole thing and apologies for your troubles
On that note, lets federate with threads! (I‘m gonna rub this in for the rest of eternity)
I mean, how braindead does someone have to be to not see that meta is the devil.
Fedipact for the win! :)
Lovely to see how crazy long that list was!
Quite simply: “Feda is always betta without meta”
There’s no doubt they have an ulterior motive. The way they’re federating right now is very one-sided and basically tells people they can just post on Threads and get the best of both worlds as they reach both audiences.
However, I see no harm from this to the dedicated Mastodon users who boycott or avoid Meta. They now get to follow Threads accounts without sharing their phone number or other personal information with Meta.
The data collection argument is weak, since everything you post on Mastodon is already public.
Great! Going back to an abusive ex but they dont get your phone number this time. But its going to be different this time! I actually had a mother like this. Classic self delusion.
Yeah, not in the fedipact world. We are not going to facilitate this. It is technically impossible for most servers, opens us up to all kinds of exploitation (not data collection but definitely ad display, EEE and the effect of making people used to inflated feeds and likely to switch in case of defederation).
The fun thing is that some people are ignorant enough to think that humans actually have the ability to not follow ads and dark patterns. If that were the case, we wouldnt have an 800 billion $ ad business. Now all the ad companies have to do is make people believe that only the weak get influenced by ads. Like people going against restrictions for corporations. Its dunning kruger in full effect.
Also, we dont have many instance admins generally in the comments. Never having hosted an instance and tended to users needs but being very opinionated about admin decisions is like the people knowing how to coach a football team better than the actual coach. I advise anyone who knows better to host their own instance. Because underappreciating others’ struggle and effort is massively disrespectful imo.
Are you really comparing following a video game page, a media outlet, favorite musician or actor to an abusive ex? Are you on Twitter or any of Meta’s platforms? If not, how do you get the updates exclusive to social media? What if it’s a website that has no RSS feed?
I dont know if you’re deliberately ignoring the fact that I am talking about the service provider, not the actions you take on the platform. meta is on record for abusing human rights and facilitating all kinds of crimes against humanity. The comparison is spot on imo.
Edit: I was on most social media until a couple years ago. Some stuff I had to use for my job. So I very much understand the mechanics. I dont know what you mean by updates exclusive to social media. I dont need updates or news and if something goes down, someone will make a post about it on lemmy, mastodon, matrix or peertube.
That’s fair, but I don’t think the same is true for most people. There is still a lot missing from the Fediverse in terms of prompt or important updates, especially if related to a matter outside the mainstream. I truly wish everyone had a presence on the Fedi platforms, but that’s just not the reality when even some of the biggest ideological opponents of Musk or Zuckerberg still actively use their platforms, even if their views or practices threaten their very existence.
At the end of the day, the reason even Privacy Guides recommends all the alternative frontends for sites like YouTube is to allow people to stay in the loop without having to share anything with those platforms that collect and sell data. With Nitter dead and Threads being the next big thing after Twitter, the federation could work as a viable frontend and potentially more.
I‘m not most people, tbf. My autistic brain is wired differently. But the fact that you get thebimportant stuff on the fedi remains imo. FOMO isnt a thing for peeps beyond a certain age and with a certain mindset I believe.
And the only way imo to get „everyone“ to join the fedi is using it, improving it and talking about it. Most people dont contribute to it since they are oblivious to the possibilities. You can write code, open issues, translate, build tools, design stuff, whatever your skillset or just donate. Sadly, most people are more comfortable with a small, underfunded groups of devs who constantly get shit on doing the work while they sit on their high horse and discuss what „should be done“.
I host an instance, write code, donate, open issues, build tools, post and discuss and advocate.
Btw you‘re equating necessity with demand which is a fallacy. If I recommend metadone in case you‘re a heroin addict doesnt mean everyone should use it. Its exactly this short, low hanging fruit thinking that makes people think dealing with meta will surely be fine.
That pink background, ugh.
#6F89B4goes much easier on the eyes and still keeps both black and white fonts perfectly legibleI agree, the background isnt too great. The idea though is gold.
They could be “snooping” on the fediverse anyway by starting an instance and federating.
They could and anyone things that they’re not already doing that is high. But thats not the concern of the fedipact. We just dont want them here as in their posts, their culture and their behavior.
Which is batty. I want lemmy to grow, to have niche communities open up etc. Gatekeeping people because “we don’t take kindly to your type” is plain stupid.
Whatever „batty“ means.
Your argument is falsely equating our „we dont accept authoritarian systems here“ to „we dont accept people“ which is thinly veiled gaslighting.
No, the issue is “we don’t accept people from facebook”. It doesn’t matter what their opinion is - facebook bad.
What are you gaining by astroturfing here? Are you being paid by the hour, or just being used as a free bootlicker?
What do you gain by being shitty? What do you gain by complaining about threads? Maybe I’m simply someone who doesn’t look at lemmy through rose colored glasses thinking it is some wonderful place with no issues at all and I would rather not gatekeep new users?
The company that has been complicit with multiple ethnic cleansing campaigns, election manipulation schemes, and attempted to suppress their own research showing that their platform harms children? Yeah. They’re pretty ethically bankrupt and anyone with something resembling scruples should want nothing to do with them. The users are welcome to join an existing instance or create their own. The company needs to be blocked.
You‘re doing it again. Please stop putting words in my mouth.
We dont accept facebook here, period.
Which is the exact same thing I said - you don’t care about the people, you just go “facebook bad” and ban it
Yeah, no. The issue is we don’t want corpos using the EEE standard as they have with mostly everything internet wise.
If people want to use Lemmy, make a fucking account, join an instance, and WOW look at that, we grew!
Who is “we”? This is a slippery slope talking point and nothing more. Fediverse was made with redundancy in mind, so nobodys instance is the “main” one by design. Being scared of someone comming in and being part of the various communities doesn’t mean that the fediverse would somehow get absorbed, destroyed or whatever have you.
Brother, it’s not the people. It’s the corporation. If the people want to join a non Meta instance they would be welcomed with open arms
Okay, but they want to join a meta instance. That’s what they know. Instantly defederating away from them “because corporation” is simply fearmongering in a system that’s resistant to “bad corp” taking over.
That’s like saying you want your country club to grow by letting crackheads, ex-convicts and hooligans have a membership card.
I want Lemmy to grow too but not at any cost. I’d rather have quality than quantity quite frankly.
Consider not disparaging people who use drugs or those who are finished served their time in jail. Drug use is innate across the human species, and ex convicts should be fully integrated with the community as full citizens.
Murder as well, doesn’t make it a good thing. Drugs are for losers.
Same.
I used TOR to log in to my FB account after years, just to see how my normie friends and family might be doing. They barely posted anything. It was just reposted ads.
My experience was also:
Numerous unblockable “suggested for you” pages were all thot-videos that would get me fired if I worked in an office.
FB marketplace, rife with scams.
The company has been caught doing everything from enabling genocides to collecting data on children to making “shadow profiles” for people without accounts, to influencing elections.
A single clicked link can hijack your account, evidenced by how many relatives send me private messages about a “friend that just got them a bunch of money.”
Yeah I’m more than happy having Lemmy have a basic intelligence barrier to entry, and making sure Meta suffocates if they try to zombify our platform with their accessibility + indoctrination strategy, like they have with entire countries.
Having a massive illiterate army that will do whatever you influence them to is nothing to sneeze at. (See: TikTok mobilizing their user base in the name of “free speech”)
If any living breathing person wants to come hang out with us on Lemmy / Mastodon / Pixelfed / etc… using any instance? I’m happy to walk them through it. There’s no “gatekeeping” any more than being required to read is gatekeeping the rest of society.
It’s been said the Fediverse feels like “the old internet”…exactly, when it was about expression, and anonymous handles, and not corporate and nation-state interests trying to mind control and profit off of alarmingly detailed profiles of the entire human population. Keep the board rooms out of our bedrooms.
Implying that lemmy is somehow better than other social media networks is equally silly. It’s not. It’s basically the exact same thing reddit is, with less people on it.
I’m looking at a computer, and I have no clue who any of you are. There’s nothing inherently social about anonymous message boards no matter what the revisionist clowns say.
It is a social network. Just because you don’t know someone personally doesn’t mean you aren’t interacting with them socially. Asking someone for directions to somewhere is socializing - you won’t meet the other person ever, but you made a connection, talked to someone. In extension, people who post more in certain communities will be recognized by many people visiting those communities. It doesn’t matter who is behind the nickname - you are talking to them, a living human being.
I agree and disagree. Crackheads and ex convicts are humans, meta is not human.
Its like letting the invading army of nazi germany in because „they’re human“. Meta is by definition a psychopathic authoritarian with an enormous force of „somewhat harmless“ people who will flood the servers and by their sheer number have the power to change anything they want.
Eternal September is inevitable. It’s not like the good communities will stop existing.
I saw many good Reddit subs then into garbage as the site grew.
At least the Fediverse should be resistant to enshittification because greed isn’t the driving force behind it.
We’ve already had this debate and we don’t care that you don’t like it. If you want to be on Threads, go be on fucking Threads. Not all of us want Lemmy to grow at all.
Why would you not want it to grow. I would have never cared about my online privacy if I didn’t stumble upon a Lemmy thread on reddit and join. I would have never ditched windows for Linux without Lemmy. I would not have done a lot of things without Lemmy. Saying you don’t want it to grow is dumb if something does not grow it will die. If you don’t want to see there content then block them. You should not be able to decide what others see.
Sounds like Lemmy did just just fine at the size it already is.
That and there is organic growth and a 100x entity entering your space and calling it „growth“. Its delusional. Its literally the gauls and the romans.
Did you want to say defederate?
No. I was being sarcastic. Sorry if that wasnt clear.
Yeah but…
Facebook achieved their MITM attack by selling a VPN with spyware in it.
And so you have to wonder: who in his right mind would buy a VPN service from effing Facebook of all companies? It’s like asking the KKK to do the catering at your bar mitzvah: if you have a problem with the service, you kind of asked for it.
I constantly wondered the same thing about sensor-laden VR HMDs, but here we are.
At this point I wonder how many people wouldn’t bat an eye if their Facebook account was their national ID.
@ExtremeDullard
@throws_lemy
Facebook paid kids $20 a month to run this app: https://www.vox.com/the-goods/2019/1/30/18203803/facebook-research-vpn-minors-data-access-apple
These kids most likely didn’t see it as a VPN at all
it was a free app, wasn’t owned by Facebook from the beginning (they’ve acquired it in 2013), and it offered data saving, so it was a tempting install for people with small data plans.
When I was a kid, my parents taught me not to accept free candy from creepy old men.
Kids should be taught not to install VPNs from Big Data for the same reason - and a whole host of other common sense internet hygiene rules.
Sure, but you would have to first get people to understand what VPNs are.
It’s a proprietary platform … what do people expect?
It’s visiting someone’s business and you are in their property and you are watching TV on their TV set. You are reading newspapers and books that are on their property. And everyone acts surprised when the property owner keeps track of what you watched and what you read on their property.
You have no rights to do anything on their property … other than the rights they give you, which they can also take away, or just kick you out.
I like your analogy but from my perspective it isn’t fitting.
It would be more like the postal service opening your letters.
I think you are thinking of Instagram. Facebook doesn’t own Snapchat.Oh it’s Onavo. Onavo was the “Facebook VPN” software they shuttered in 2019. So it had access to network traffic on-device before it was sent out.
Seems like it was more than a VPN, and put its claws deep into the network stack if it was reading packet buffers before they were encrypted. Not good; I’m sure that users were not made aware of this but in light of this possibility, your point stands.
What I really dislike in this way of thinking is that when Facebook is doing it, the reaction is what do you expect and when TikTok are doing it, people are outraged and call for banning the whole platform.
So why the double standards?
“Foreign oligarchs are taking over!” - domestic oligarchs probably
removed by mod
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
The spying was done by a proprietary service (Facebook’s VPN). Blaming the users for anything on that scale is dumb and futile, but it still reinforces the idea of avoiding proprietary services as much as possible, especially anything on the client side.
The article didn’t explain how the attack worked though. Did the Snapchat client not use anything like TLS to connect to the Snapchat server? Did the Facebook VPN somehow still intercept it, e.g. with a certificate that Snapchat trusted but that Facebook used for spying? Die that cert also work in browsers and did it somehow pass a third party audit, that at least Mozilla requires? I do know Mozilla looks very askance at such things, and they booted out at least one cert vendor over something like that a few years ago.
If Snapchat used some kind of device-wide TLS stack that Facebook managed to subvert, that should be treated as an OS vulnerability (assuming we’re talking about mobile devices). There’s a bunch of stuff that apps simply cannot do unless the user first goes through some complex procedure to root the phone. Messing with the TLS stack should be one of them.
…what?
This was one company spying on the users of its competitor via unofficial means. Even in the furthest stretch of the corporate boot licking bullshit that “you signed up for the app so you deserve to be spied on” exists in, I don’t see how this scenario is covered.
This is just typical Lemmy. User doesn’t read the article but has very strong opinions based on what they imagine it to be about. Comment gets upvoted by a bunch of other users who also didn’t read the article but imagine they know what happened too. Rinse and repeat.
“It’s okay when a major company does it. For everyone else that’s a violation of the computer fraud and abuse act…” - FBI/DOJ
Banning tick tok is meant to distract us from the lack of a digital bill of rights. That’s what we need, but Google and meta checks cleared so this is what we got.
Let me correct you: “It’s okay when a major AMERICAN company does it.”
Fixed it for you. Guarantee if they found TikTok doing this that ban would be going through today.
The TikTok ban isn’t about Privacy - it’s about selling it to Trump’s billionaire backers for cheap. That’s why Truth Social is going public now and “mysteriously” doing so well. It’s leading to a TikTok takeover.
They took Twitter, already have Facebook, and now are targeting TikTok and Reddit.
The political right’s biggest enemy over the past 30 years has been the democratization of information. But with the centralization on online activity that’s occurred over the last 15 years, they have a chance to undo all progress we’ve made.
I haven’t heard about Truth Social’s plans, but that wouldn’t surprise me.
I have however heard of this:
https://www.politico.com/news/2024/03/14/steve-mnuchin-tiktok-00146966
Wow. This is comedically implausible levels of cyberpunk dystopia villainy. I can’t believe it’s real and yet am forced to accept that it’s just how things work around here…
*when the FBI/|DOJ/NSA gets their cut of the info.
The project was part of the company’s In-App Action Panel (IAPP) program, which used a technique for “intercepting and decrypting” encrypted app traffic from users of Snapchat, and later from users of YouTube and Amazon, the consumers’ lawyers wrote in the document.
Looks like they didn’t decrypt anything, just used MitM spyware.
https://www.businessinsider.com/mark-zuckerberg-facebook-execs-decrypt-rival-apps-usage-snap-youtube-2024-3
Yep, this article has more details about it
Feels like that blatant violation should be prison time for anyone involved.
Seems like a textbook case of violations of the US Computer Fraud and Abuse Act of 1986. They should be criminally charged.
This is the best summary I could come up with:
In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers.
On Tuesday, a federal court in California released new documents discovered as part of the class action lawsuit between consumers and Meta, Facebook’s parent company.
“Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them,” Meta chief executive Mark Zuckerberg wrote in an email dated June 9, 2016, which was published as part of the lawsuit.
When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.
This is why Facebook engineers proposed using Onavo, which when activated had the advantage of reading all of the device’s network traffic before it got encrypted and sent over the internet.
“We now have the capability to measure detailed in-app activity” from “parsing snapchat [sic] analytics collected from incentivized participants in Onavo’s research program,” read another email.
The original article contains 671 words, the summary contains 175 words. Saved 74%. I’m a bot and I’m open source!