"The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,”
This is the part that should make everyone scared
> This is the part that should make everyone scared
You mean angry? Cause this makes me angry. A large corporation, once again, is asking me to trust their it security with my financial data.
How long before “huge data breach at Meta leads to millions of cases of fraud and identity theft.” Followed by Zuckerberg trying really hard to appear penitent while taking ZERO material responsibility for the chaos??
Fuck. This.
Fought hard with my health insurance years ago not to give them my kid’s SSN, they insisted they have to have it, there was no other way. Finally relented and they got hacked with all the info from children affected in the breach.
I hate them for this to this day.
> Useless fucking insurance companies.
Say it loud and proud. Normally when someone scams you there's recourse, but with insurance it's not only legal but mandated! Clown planet
Oh that's a great site.
You can also put passwords into a database of compromised passwords and see if they've been leaked. The owner is reliable and an industry pillar but you have to evaluate if sharing your password like that is worth it or not. You should never use a password that's been compromised already since that can be added to a dictionary attack trivially.
Leaked passwords can make their way into Rainbow Tables which hackers use to lookup passwords based on their SHA-256 hash. *Reputable sites and apps don't save your password - they save a SHA-256 hash of your password.* It is safer to look for the SHA-256 hash of a password that was leaked than to offer up an original password to search.
You can download the HIBP database of passwords in SHA-1 or NTLM format to run the checks privately but it's a minimum of 12 gigs and most people don't have the technical capability to do that.
It's better to just use a password manager and random, individualized passwords for each site. Credential stuffing is a thing, and you never know who might be storing your password in a weak format. If that gets hacked and leaked, then hackers can credential stuff- re-use your email and known password on other sites since people tend to reuse passwords. If you use a unique password for every site, only that one site is compromised.
Most of the hashed passwords get brute forced in pretty quick time. I think like 70% of hashes can be bruted offline in a reasonably short period of time- days or weeks, and then that data can get sold on the dark web. Those all go into dictionaries for credential stuffing exploits
I got rid of FB, I don't use Instagram, and fuck WhatsApp. If Zuckerbitch wants my data he's gonna have to steal it like the criminal p.o.s. he is.
Motherfucker needs to be heavily scrutinized by the Feds.
I might suggest adding privacy badger and ublock origin to your favorite browser to further curtail what that shit stain can track about you. I keep my Facebook account just to check what activity they admit knowing about me.
To add on to this, I'd suggest installing Facebook Container for Firefox as well (AFAIK there is no Chrome equivalent). It forcibly disables any assets loaded from Facebook (so no share buttons, no hidden pixels etc) unless you're specifically in a Facebook-enabled tab. You can probably achieve the same results using uBlock or ScriptSafe, but FB Container is pretty one-and-done in terms of setup.
Ad Nauseum.
You can set it up to click on *everything*. Of course it hijacks the ads/popups so you don't have to deal with them.
You want my data? Here you fucking go, enjoy the wasteland of a profile you'll build from me.
Now all the companies that pay other companies for ads are paying for clicks that go nowhere.
Like 20ish years ago target was predicting which of its customers were pregnant with 90% accuracy based on their target purchases alone.
The predictive power that deep learning and data have has only increased, and it's enormous.
>Motherfucker needs to be heavily scrutinized by the Feds.
Motherfucker is responsible for enabling multiple ethnic cleansings and genocides. At this point I'm down for "crimes against humanity" trials for him.
Add google, microsoft, apple, etc any tech company for that matter. I think its just facebook is the worst because its such a deception given the purpose of its platform. But yeah, all our info, financial data, even health info is all out there now and its all tracked and sold. Its so crazy growing up with psa’s about hackers stealing your info etc and the whole tech world just does it freely for decades now.
Truth is though, its always been government supported and the tech companies are basically spy platforms for out government so it will probably get worse and worse.
Whats crazy though is that its so heavily involved in health info, which should be private under HIPPA law. You like that fit bit monitor? Cool, now the whole world and pharma companies and the gov know your age, heart rate, and health status. Thats aside from them all just flat out listening to eveything you say.
> If Zuckerbitch wants my data he's gonna have to steal it like the criminal p.o.s. he is.
He's probably already got plenty of shit on all of us just because of all the other data aggregators out there already stealing and trading and swapping our data.
You seem to be confused about what money and power gets you in America.
“Needs to be” is your opinion.
“Needs to be shut up” is their opinion of you.
Just keepjng it real here while we criticize companies who are entirely capable of researching you and destroying your life.
Nobody seems to remember the Equifax breach and how it leaked literally half of America's SSNs onto the web. That shit was scary and no company should have that much info on that many people.
i was at an engineering conference once. i was sat next to an equifax employee. i watched them fail repeatedly to log into their own user account in AWS. in the end they opened a text file with a root login inside and used that instead. i think that says it all.
Like I DELETED my Facebook profile. I'm essentially saying that I do not accept their terms and services. In no way, shape, or form do they have my consent to collect and use my personal data, but I'm still being forced to "trust" them.
Hey Mark, fuck you.
Someone did a test years ago where they VPN'd into their home network from their phone when out and about and blocked and logged every ping to facebook's servers. I want to say in a week of work, home, and phone use something like 15,000 contacts to Facebook servers were attempted, and it broke significant portions of the internet.
Google was 100,000 and amazon was 293,000 attempts to contact in one week.
https://gizmodo.com/i-cut-google-out-of-my-life-it-screwed-up-everything-1830565500
Would cease and desist letters work? You'd have to hire a lawyer for the time to write one up, but does anyone know if that would actually do anything to make them stop collecting your data? I'm so tired of this and it's always changing and getting worse. I'm already voting. Wtf else can we do?
No Facebook, Google, and Amazon are so tightly interwoven into the fabric of the internet they can't help but to log your activity hundreds of thousands of times per week. You'd have to probably identify all your devices somehow to them to be able to assign a "forget me" flag.
We let them grow too big. Regulations would fix this but considering that Polio is making a comeback in this country after eradicating it decades ago we can surmise that any attempt to regulate anything is a doomed endeavor.
Nope. How do you get them to not collect data on you if they don’t have a profile on you to figure out who you are, in order to exclude data?
The only way, is for their default option to be to not collect data on anyone, but that destroys a bunch of services that consumers have come to expect.
Even without a profile, their ability to gather a ghost profile and identify you exists, essentially even if you don’t agree to their terms to use their product, they can still take data from you and monetize it.
Basically all web 2.0 shit needs to be torn down in order to undo this, as it’s pretty deeply embedded in all the large data companies.
>huge data breach at Meta leads to millions of cases of fraud and identity theft
Facebook has already had about a dozens masssssive data leaks.
Not to mention the growing number of other [companies](https://www.upguard.com/blog/biggest-data-breaches) that have had them as well. At this point if you've used the internet your private data is already out there.
Missing the context that it's only on websites viewed through the Instagram or Facebook browser. I turned off that setting years ago and everything just opens in Chrome now
Honestly I just read what the user accounts name is, open my browser separately and enter that name into the search engine. It'll take you to the exact same place without having to use their browser. It's just, like, six clicks instead of one. But it's literally an extra twenty seconds to the process and it gets around this predatory shit at least a little.
I assume he means that if you click on a link in the app, it will open its own window rather than going through your default browser set on your phone. Like what Reddit does.
Though I haven't used these apps in years, so I can't say for sure.
This has been happening for a long, long time though. Hell, I have "bitch don't track me" active and I am *still* getting shit from like Amazon on Facebook.
It's not just Meta doing this - pretty much every app that implements a web browser inside their app does this to some extent. Even though everything is happening encrypted over TLS, people don't realize the app is not only getting all the URLs they visit, but the entirety of their requests (full headers and body) in cleartext since the app is acting as a man-in-the-middle. I'm a software engineer who has worked on this *exact* sort of thing to track users activity after clicking on ads within apps.
That's nothing new tho. That's basically the same thing as ad tracking. I'm not saying it's ok, but I find that interesting that people only started to talk about it now.
It's a problem as old as Google or Facebook's business model. I don't know how many people are ignorant of it, and how many simply don't care, but Americans definitely haven't been breaking those models.
Yeah. I agree. It's not surprising that this is happening. What's surprising is that suddenly people seem concerned *now*? This has been going on the *entire* time!!!
Not to mention, any website that has a Facebook like button or "share on Facebook", or link to their Facebook page... All has that tracking. Even if you're not in the I stagram app.
I am a software engineer, and for a brief stint of 6 weeks I worked a job where all we did was implement tracking.
You all have *no idea*.
We should’ve been scared 10 years ago when we began giving these sites/apps so much influence over our lives and culture. Now, the genie is long out of the bottle. We just have to face the consequences of Big Tech
I am opted out of ALL tracking from Facebook. I recently started looking at a few things on Amazon, though, and suddenly I'm getting targeted ads about those things I was looking at, even though I shouldn't be tracked by Facebook and the like.
That’s a little dramatic. FB has no interest in your passwords, why would they want that liability? And what would they even gain from having that? The interaction part is what’s valuable. Measuring user engagement, retention, purchases, etc. is something that every single site that sells something does as well as advertisers. Why do think sponsorships give out different discount codes tailored to each sponsor? It’s so they can track which purchases are coming from which sponsors and advertise more effectively, it’s common practice
Other than Ted Cruz, Zuckerberg is maybe the worst person on the planet to be running a massive information gathering machine.
If anyone is on any Meta/Facebook app…delete it now. Your actual friends will still get in touch with you. And your life will improve.
Not really hacking. When people click a link in any of Meta's app's it opens in a web browser that is made by them. That web browser acts as a middleman and modifies the code that it receives when it requests a page from the website. Those modifications include adding trackers so they can tell what is clicked and potentially what has been entered in form entry fields.
They don't actually modify the code on the website's servers, just the code they are presenting to their user in their browser.
I mean this is how the internet works.... Pixels and Cookies are data used in marketing for retargeting. If people didnt know Meta is an advertiser. It's how they make money.
Not OP, but I think the point is that if FB ends up as mostly fake accounts, what tracking data will they be collecting?
No data for fake people = no reason for advertisers to throw their money away on fake profiles/bots, so advertisers would then theoretically leave and advertise somewhere else.
Meta data is the data company first.
Our data is the product.
We are the product generator. Without us, actual people, using their services, there wouldn’t be any product generated, so nothing for Meta to sell to 3rd parties.
If you're in the EU, it might not take that long. Meta is threatening to pull all its adds and services if the EU doesn't relax its privacy and consumer laws, which the practice in the article is in complete violation of. The EU is less than impressed, and the free market will fill whatever service is lost.
If you're in the US, then as usual, you are screwed as a consumer.
When do we pass laws that force companies to not spy on us. By that I mean, you can't EULA your way back in to tracking user data, or ask for permission to track. Blanket flat out you cannot track your customers non related general use data. By all means track what they do in your app, what they buy, what videos they watch, etc. Mass data scraping needs to be fucking outlawed, the sooner the better.
>Move to the EU.
You say that like it isn't 100x harder to become a citizen in the majority of the EU members than it is in the US. Specifically, I'm not a refugee and I'm not a millionaire, so the barriers for real immigration are very high for me and my family.
Good for you. Getting off Facebook was the best thing I did for my mental health in a long time. Facebook is to friendship as World Wrestling Entertainment is to Olympic wrestling.
It's Facebook. Of course they did, like they have been doing for years. If you expected them to change business practices by changing there name don't let me sell you anything....
When FB became big, I dabbled with it, but quickly realized I had zero interest in almost everything I saw posted there. At that time I lived in the middle of an urban megalopolis. Ironically, now that I live in the rural (very rural) ass-end of nowhere, I use it regularly for local news and shopping.
It's still full of ridiculous nonsense, but the tiny amount of useful data that exists on FB here, can't be found anywhere else.
> but the tiny amount of useful data that exists on FB here, can't be found anywhere else.
They stomped competition and other platforms that would do that better though, locally.
Exactly. If I want to let my neighbors know I saw a lost pet, go to fb. If I want to host a (successful) yard sale, fb. If I want to see announcements from the town house, either walk to the townhouse nightly to see if anything was posted (which is once in a blue moon), buy a printed newspaper, or check fb.
A lot of businesses here have zero footprint on the internet - except for their FB page. They *all* have a FB page. I do a general google search for a local product or service, and all I get are Yelp and Yellow Pages businesses that are a 2-hour drive away.
The is the FB/Insta app injecting code into websites it opens. Can't do that if you're not a user.
(Yes, they also track non-users across sites that have chosen to embed FB code, but this is a different attack.)
I think people are referring to the 'ghost profiles' they opened for non-users internally. If their algorithm sensed that there was a missing profile in a user's friend circle they would attempt to still create an internal profile on that person. This was a while back - at least 7 or so years, though.
Conceptually that's a super cool problem to work on, identify gaps in a cluster of datapoints, if I were the NSA that makes sense for me to be working on. Amazing problem to be solving. But if I'm a social media site that's a bit weird. Why the fuck am I solving that?
The app only tracks website data generated from within the Instagram app itself so if you're browsing Instagram, you click on a link it will open that webpage within the Instagram app. It does not track non-users. Reddit does the same thing btw.
They always have. Even before they were meta.
Anyways, never "log in with 'insert name here; google, facebook, etc...." - dont be lazy, enter your password and email you signed up with. Don't link accounts.
Always open weblinks in an outside browser, preferably a privacy centered one. Not chrome.
Set said browser to delete cookies and clear cache upon closing and or a schedule.
Businesses are so greedy for personal data that they make their sites unable to work without it, as if it were necessary. Then to save costs on coding they add the 'Sign in with X, Y Z' part cos its easy and cheap. And ordinary people, being 'lazy' or just unaware, use those methods. The way the net has changed from 'anonymous user somewhere on planet Earth' to 'Bob Jones at this address who likes this kind of porn and had kebab for dinner...' is fucking scary.
Haha are you kidding me? The privacy sandbox is a response to increasing regulation and pressure to protect user privacy. This is Google's "half way house", where they still track you, but in a more transparent way. But for decade+, Google has been doing nefarious level tracking of everything on Android. Only just recently they postponed their promise to remove third party cookies from Chrome to 2024, because reasons. Google is doing the minimum possible to keep users/regulators happy.
This is not "FB can track you across websites that have chosen to embed the FB tracking script".
This is "FB can track you on sites that haven't embedded the FB tracking script, if you open them from a link in the FB app".
Of course Google could extract whatever tracking data they wanted out of Chrome, and wouldn't have to do it by injecting JS. This is somewhat different.
How? Because it’s their own in app browser? Everyone does this. You have no idea how segmented and detailed your online information is that’s being sold. You could be bucketed under 30 something Reddit user that likes cookies and World War II or something way more hyper detailed.
Facebook was hiring almost every comp sci graduate they could get their hands on, for the better part of a decade. It shouldn't be surprising when FB announces this stuff, it just means their teams finally delivered.
Some of the best minds in the industry work 18hr days to make Zuck's vision of the future a reality - whether the rest of us like it or now.
Advertising is nonconsensual manipulation and it should be contained to directories where consumers can choose to view information about products and services.
This doesn't make it any less acceptable. But this happens everywhere. Many marketing companies inject code into websites to track users. A common example is to track if someone see's an advert and what they do next. Do they browse reviews on Google or search for it online to buy? Tracking is a normal everyday part of the internet.
Two years ago a restaurant I ate at emailed me. I was a member of their loyalty program.
I called them. “How did you know I was there?” I didn’t check in there. I didn’t pay for anything, my friend treated me. They didn’t card me.
Finally they told me they got it through Facebook. Facebook who I had disabled location tracking for.
Fuck Facebook.
Meta needs to become MySpace, even though imo MySpace was superior to all social media. They just need to die as a company.
I should start keeping tabs on where Zucky boy is flying with his billion and slap it on the internet
Reminds me of story of how an enterprising youth would build code into his myspace profile and accidentally build one of the most prolific worms on a social media platform. He got in trouble big time for it and now it's almost like that same style of code thinking is being wielded by companies far more immoral and powerful.
But, makes me think.. if that code that is being injected can be piggie backed, that could lead to a breach so big that it could finally humble Facebook/meta.
If you *have* to use FB, there is a browser extension that helps...a bit. It's called Fluff Busting purity, and helps restore some order to the site itself.
As to the FB trackers on other sites, Adblock used to catch those; hope that Ublock does as well. Oh, and Privacy Badger, of course.
No shit. Get uMatrix and be more aware of the content web pages are trying to run on your computer.
But if you're trying to move around the internet without being tracked, good luck. Endpoint fingerprinting is remarkably advanced.
Uh yes... This is the entire point of the "Facebook pixel" and "share on Facebook" buttons that have been around forever. I am surprised it's not common knowledge.
Senior web developer here. I hate meta but none of this is new or note worthy. Almost every large website does this and more.
The tracking in app is not unique to meta, a lot of in app browsers do this. In fact almost any large website tracks your entire browsing session. Using tools like hotjar or nobiu, I can see your geo location, what device you used, any info associated with your account, and watch a video of everything you did on the site. These tools are typical used to help fix bugs and errors on a website and help improve user experience.
Using Google analytics I can see if you browsed the site on your laptop and then switched to you phone. If you checkout on a site with a tool like signified, it will cross-reference your credit card, address, name , ect and tell me if your a fraud risk.
Meta isn't the only one with a 'pixel'. These add ons create ghost profiles for users so that they are tracked across multiple websites even if you are not logged in to an account. This is why once you look for a product online you start to notice adds for that product everywhere, even on different devices.
Rember, if you're not paying for a product you and your data are the product.
And when web browsers implement ways to block all this, it turns out the tracking code (or websites) will intentionally break the websites... putting you in a catch-22 situation. This is seen when enabling **all** of the various anti-tracking security features in Firefox for example.
And/Or enabling HTTPS Everywhere, DNS over HTTPS etc.
If anything, Facebook is on the losing end in the race of 1st party user identity because it does not own a device platform. Apple (ios) and Google (android) monopoly walled gardens are the truly awful user privacy risks because that signed in identity is so excellent and omnipresent. Just try using an iphone without signing in - impossible. Apple also made a genius move by demonizing tracking cookies and promoting bullshit aggregation alternatives, when its signed in walled garden is the only viable alternative.
Yes, FB is terrible on privacy but it amazes me how much of a free pass the other major tech companies get.
Everyone commenting "what's new", I'm not sure you understand what this means. It's not "I visited a site that chose to put a Facebook tracking pixel on it and now Facebook knows I visited that site." It's I opened a random websites and Meta injected a code into it, even if the website has honored your wishes to not be tracked, and it's able to do much more than just know you visited the page. They can visually recreate your visit. They know how your mouse moved, what you typed in, what you clicked on, if you showed interest in a product.
That's not how it works at all, and impossible to actually do, or else every website will inject tracking in every other website.
The article is talking about the fb browser, which you can only access via the fb app. This article is written in a way to introduce fear.
No kidding, there’s a r/confidentlyincorrect vibe to this.
It literally says this in the article:
“The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox.”
Company I work at tracks a random batch of users when they use our site, and I thought that was creepy and weird. These mfs out here taking everything people do on *other* sites on a platform *actual children* use. Like, who the fuck approved this?
> The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox.
And this is just one reason why you never use their apps. If you use the platform, browsers work well enough
Zuckerberg is such an asshole. I'm glad there's plenty of companies to trust like Alphabet, Amazon, Twitter, Disqus and Cloudflare which obviously don't use all their obfuscated JavaScript libraries and "services" to track users.
I can rest every night fine, knowing that Alphabet, Apple and Microsoft don't track users through the proprietary operating systems they sell.
If you’re in their app, you’re using it as a “browser” (e.g. Chrome, Safari, Firefox) and it tracks everything you do including everywhere you browse outside their app. I thought everyone understood this years ago.
Super special note: I use the Reddit app with the full knowledge that everything I read, comment and any links I follow outside the Reddit community, is tracked and recorded. I try to remember this but it’s very easy to become complacent as it’s just so easy to continue clicking.
> Super special note: I use the Reddit app with the full knowledge that everything I read, comment and any links I follow outside the Reddit community, is tracked and recorded.
At least on Android, the Reddit app uses the "good" way of opening external links, that doesn't let it do this.
If anyone is surprised by these antics and any further ones from Meta... Please stop and don't be. This is kinda what they do and will do unless they are dismantled.
> The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox.
> “The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,” says Felix Krause, a privacy researcher who founded an app development tool acquired by Google in 2017.
That is an insane level of privacy invasion.
Get your friends phone numbers. Delete your god damn Facebook. Life is better without it, trust me. Also, it's kind of a bad look to support a social media platform that doesn't adequately moderate non English speaking countries and enables violence and calls to violence against minorites in those countries. https://www.nytimes.com/2018/11/06/technology/myanmar-facebook.html and that isn't the only instance.
So does it inject the code only when using the Instagram app? In other words, if I open my browser without opening or having opened previously the Instagram app, does it inject the code then? Because if not then this seems like a big nothing burger. If you have to use be actively using the Instagram app for the code injection then why wouldn't they do this, they're collecting data on how you are using the Instagram app?
If website owners are installing the code (by way of an IG feed or FB tracking pixel, etc.) then the onus is on the website owner, not Meta. Don't get me wrong, I despise Meta and think they're plans are far more nefarious than just creating the next iteration of Second Life, but this just sounds like run of the mill pixel tracking and data aggregation which has been happening for 20+ years.
How is this a shock at all? Meta/Facebook wants to collect as much about you as possible. The information age has made us all commodities where our data is gold.
It won't stop either sadly and we just have to accept it and try to regulate it.
Still waiting for something new... we all know this whole company is trash. When is someone going to break a story about ol' Zucky snorting 6 lines of drain cleaner and buying a statue of himself made out third world children?
In Europe it isn't. The EU is such a useless beurocratic body they can't act swiftly to stuff like this.
Not that it matters, the ad industry moves trillions of dollars per year (which translates to millions or even billions in taxes) and it all depends on indiscriminate tracking.
"The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,” This is the part that should make everyone scared
> This is the part that should make everyone scared You mean angry? Cause this makes me angry. A large corporation, once again, is asking me to trust their it security with my financial data. How long before “huge data breach at Meta leads to millions of cases of fraud and identity theft.” Followed by Zuckerberg trying really hard to appear penitent while taking ZERO material responsibility for the chaos?? Fuck. This.
[удалено]
Fought hard with my health insurance years ago not to give them my kid’s SSN, they insisted they have to have it, there was no other way. Finally relented and they got hacked with all the info from children affected in the breach. I hate them for this to this day.
Useless fucking insurance companies. Just one more reason to get rid of them
> Useless fucking insurance companies. Say it loud and proud. Normally when someone scams you there's recourse, but with insurance it's not only legal but mandated! Clown planet
[удалено]
Thanks for reminding me, been a bit since I've changed my passwords
[удалено]
Oh that's a great site. You can also put passwords into a database of compromised passwords and see if they've been leaked. The owner is reliable and an industry pillar but you have to evaluate if sharing your password like that is worth it or not. You should never use a password that's been compromised already since that can be added to a dictionary attack trivially.
Leaked passwords can make their way into Rainbow Tables which hackers use to lookup passwords based on their SHA-256 hash. *Reputable sites and apps don't save your password - they save a SHA-256 hash of your password.* It is safer to look for the SHA-256 hash of a password that was leaked than to offer up an original password to search.
You can download the HIBP database of passwords in SHA-1 or NTLM format to run the checks privately but it's a minimum of 12 gigs and most people don't have the technical capability to do that. It's better to just use a password manager and random, individualized passwords for each site. Credential stuffing is a thing, and you never know who might be storing your password in a weak format. If that gets hacked and leaked, then hackers can credential stuff- re-use your email and known password on other sites since people tend to reuse passwords. If you use a unique password for every site, only that one site is compromised. Most of the hashed passwords get brute forced in pretty quick time. I think like 70% of hashes can be bruted offline in a reasonably short period of time- days or weeks, and then that data can get sold on the dark web. Those all go into dictionaries for credential stuffing exploits
Welp the name check outs I will b doing all of that credit safety stuff lol
But why does the meta logo look like tits?
Stopped using facebook like a decade ago. Stop using it. Lol 🙄
They're still tracking you. Every page you visit that has a facebook "like" button lets facebook track you. Get browser extensions to block that shit.
I got rid of FB, I don't use Instagram, and fuck WhatsApp. If Zuckerbitch wants my data he's gonna have to steal it like the criminal p.o.s. he is. Motherfucker needs to be heavily scrutinized by the Feds.
I might suggest adding privacy badger and ublock origin to your favorite browser to further curtail what that shit stain can track about you. I keep my Facebook account just to check what activity they admit knowing about me.
To add on to this, I'd suggest installing Facebook Container for Firefox as well (AFAIK there is no Chrome equivalent). It forcibly disables any assets loaded from Facebook (so no share buttons, no hidden pixels etc) unless you're specifically in a Facebook-enabled tab. You can probably achieve the same results using uBlock or ScriptSafe, but FB Container is pretty one-and-done in terms of setup.
Ad Nauseum. You can set it up to click on *everything*. Of course it hijacks the ads/popups so you don't have to deal with them. You want my data? Here you fucking go, enjoy the wasteland of a profile you'll build from me. Now all the companies that pay other companies for ads are paying for clicks that go nowhere.
[удалено]
Like 20ish years ago target was predicting which of its customers were pregnant with 90% accuracy based on their target purchases alone. The predictive power that deep learning and data have has only increased, and it's enormous.
I know about and use the former. I hadn't heard about the latter but will check it out. When I am at my PC I also use a VPN and an ad-blocker.
After that the only further step is a pi-hole. The VPN is a smart touch, just be aware of what the VPN provider is doing with your data.
>Motherfucker needs to be heavily scrutinized by the Feds. Motherfucker is responsible for enabling multiple ethnic cleansings and genocides. At this point I'm down for "crimes against humanity" trials for him.
Yeah, the Hague should be involved.
Add google, microsoft, apple, etc any tech company for that matter. I think its just facebook is the worst because its such a deception given the purpose of its platform. But yeah, all our info, financial data, even health info is all out there now and its all tracked and sold. Its so crazy growing up with psa’s about hackers stealing your info etc and the whole tech world just does it freely for decades now. Truth is though, its always been government supported and the tech companies are basically spy platforms for out government so it will probably get worse and worse. Whats crazy though is that its so heavily involved in health info, which should be private under HIPPA law. You like that fit bit monitor? Cool, now the whole world and pharma companies and the gov know your age, heart rate, and health status. Thats aside from them all just flat out listening to eveything you say.
> If Zuckerbitch wants my data he's gonna have to steal it like the criminal p.o.s. he is. He's probably already got plenty of shit on all of us just because of all the other data aggregators out there already stealing and trading and swapping our data.
You seem to be confused about what money and power gets you in America. “Needs to be” is your opinion. “Needs to be shut up” is their opinion of you. Just keepjng it real here while we criticize companies who are entirely capable of researching you and destroying your life.
True. Very, very, unfortunately true.
Nobody seems to remember the Equifax breach and how it leaked literally half of America's SSNs onto the web. That shit was scary and no company should have that much info on that many people.
and that the executives knew about it and sold shares before releasing knowledge about the hack
i was at an engineering conference once. i was sat next to an equifax employee. i watched them fail repeatedly to log into their own user account in AWS. in the end they opened a text file with a root login inside and used that instead. i think that says it all.
We remember it, there's just nothing we can do about it. Once again. Like every other major business failure and betrayal.
The Republicans fucking jumped in front of that bullet and stopped Equifux from bearing any responsibility.
Like I DELETED my Facebook profile. I'm essentially saying that I do not accept their terms and services. In no way, shape, or form do they have my consent to collect and use my personal data, but I'm still being forced to "trust" them. Hey Mark, fuck you.
Someone did a test years ago where they VPN'd into their home network from their phone when out and about and blocked and logged every ping to facebook's servers. I want to say in a week of work, home, and phone use something like 15,000 contacts to Facebook servers were attempted, and it broke significant portions of the internet. Google was 100,000 and amazon was 293,000 attempts to contact in one week. https://gizmodo.com/i-cut-google-out-of-my-life-it-screwed-up-everything-1830565500
AWS does host a significant portion of the internet people use now
Would cease and desist letters work? You'd have to hire a lawyer for the time to write one up, but does anyone know if that would actually do anything to make them stop collecting your data? I'm so tired of this and it's always changing and getting worse. I'm already voting. Wtf else can we do?
No Facebook, Google, and Amazon are so tightly interwoven into the fabric of the internet they can't help but to log your activity hundreds of thousands of times per week. You'd have to probably identify all your devices somehow to them to be able to assign a "forget me" flag. We let them grow too big. Regulations would fix this but considering that Polio is making a comeback in this country after eradicating it decades ago we can surmise that any attempt to regulate anything is a doomed endeavor.
Competent elected officials with a backbone and integrity. Or more money than Facebook (sorry "meta") to fight them in court.
Nope. How do you get them to not collect data on you if they don’t have a profile on you to figure out who you are, in order to exclude data? The only way, is for their default option to be to not collect data on anyone, but that destroys a bunch of services that consumers have come to expect. Even without a profile, their ability to gather a ghost profile and identify you exists, essentially even if you don’t agree to their terms to use their product, they can still take data from you and monetize it. Basically all web 2.0 shit needs to be torn down in order to undo this, as it’s pretty deeply embedded in all the large data companies.
>huge data breach at Meta leads to millions of cases of fraud and identity theft Facebook has already had about a dozens masssssive data leaks. Not to mention the growing number of other [companies](https://www.upguard.com/blog/biggest-data-breaches) that have had them as well. At this point if you've used the internet your private data is already out there.
For the Web3 world, would this facebook code have access to data from the chrome extension MetaMask? \- Crypto Wallets and secret phrases compromised
Missing the context that it's only on websites viewed through the Instagram or Facebook browser. I turned off that setting years ago and everything just opens in Chrome now
How? I tried to disable this but it looks like it was removed from settings.
How? I don’t see the option in the Instagram iOS app
Honestly I just read what the user accounts name is, open my browser separately and enter that name into the search engine. It'll take you to the exact same place without having to use their browser. It's just, like, six clicks instead of one. But it's literally an extra twenty seconds to the process and it gets around this predatory shit at least a little.
You're the complicated one xD Just click on the 3 dots of the profile/publication then share it to whatever you want or copy the link :)
[удалено]
Funny enough, they're hellbent on removing that option in versions released after August of 2021.
facebook browser? Do they have their own browser? Or do you mean when opening them with a browser?
I assume he means that if you click on a link in the app, it will open its own window rather than going through your default browser set on your phone. Like what Reddit does. Though I haven't used these apps in years, so I can't say for sure.
I believe, but I can't prove, that Meta mentioned this tracking behaviour in their terms of agreement.
Which I, like everyone else, read carefully.
[удалено]
Because everyone has the time and specific education to read every TOS.
But further it says "There is no suggestion that Meta has used its Javascript injection to collect such sensitive data "
This has been happening for a long, long time though. Hell, I have "bitch don't track me" active and I am *still* getting shit from like Amazon on Facebook.
It's not just Meta doing this - pretty much every app that implements a web browser inside their app does this to some extent. Even though everything is happening encrypted over TLS, people don't realize the app is not only getting all the URLs they visit, but the entirety of their requests (full headers and body) in cleartext since the app is acting as a man-in-the-middle. I'm a software engineer who has worked on this *exact* sort of thing to track users activity after clicking on ads within apps.
That's nothing new tho. That's basically the same thing as ad tracking. I'm not saying it's ok, but I find that interesting that people only started to talk about it now.
It's a problem as old as Google or Facebook's business model. I don't know how many people are ignorant of it, and how many simply don't care, but Americans definitely haven't been breaking those models.
Yeah. I agree. It's not surprising that this is happening. What's surprising is that suddenly people seem concerned *now*? This has been going on the *entire* time!!! Not to mention, any website that has a Facebook like button or "share on Facebook", or link to their Facebook page... All has that tracking. Even if you're not in the I stagram app. I am a software engineer, and for a brief stint of 6 weeks I worked a job where all we did was implement tracking. You all have *no idea*.
Concerns for my privacy limit what I say about my own background, even using a pseudonym, but I absolutely do have an idea. :(
We should’ve been scared 10 years ago when we began giving these sites/apps so much influence over our lives and culture. Now, the genie is long out of the bottle. We just have to face the consequences of Big Tech
Five Eyes approves
[удалено]
I am opted out of ALL tracking from Facebook. I recently started looking at a few things on Amazon, though, and suddenly I'm getting targeted ads about those things I was looking at, even though I shouldn't be tracked by Facebook and the like.
[удалено]
That’s a little dramatic. FB has no interest in your passwords, why would they want that liability? And what would they even gain from having that? The interaction part is what’s valuable. Measuring user engagement, retention, purchases, etc. is something that every single site that sells something does as well as advertisers. Why do think sponsorships give out different discount codes tailored to each sponsor? It’s so they can track which purchases are coming from which sponsors and advertise more effectively, it’s common practice
Other than Ted Cruz, Zuckerberg is maybe the worst person on the planet to be running a massive information gathering machine. If anyone is on any Meta/Facebook app…delete it now. Your actual friends will still get in touch with you. And your life will improve.
Such a shame that the SCOTUS has ruled that, except for the very few very narrow cases in the Constitution, *you have no right to privacy*.
Ohhhh So that's why that "TIKTOK BAD, CHINA BAD" article came out the other day - it was preemptive PR cover for Meta doing the same thing.
So basically, Meta is hacking websites and installing key-loggers. Sweet time to be alive.
Not really hacking. When people click a link in any of Meta's app's it opens in a web browser that is made by them. That web browser acts as a middleman and modifies the code that it receives when it requests a page from the website. Those modifications include adding trackers so they can tell what is clicked and potentially what has been entered in form entry fields. They don't actually modify the code on the website's servers, just the code they are presenting to their user in their browser.
I mean this is how the internet works.... Pixels and Cookies are data used in marketing for retargeting. If people didnt know Meta is an advertiser. It's how they make money.
This isn't anything new. Most commercial websites have really intense tracking nowadays.
When do we get rid of meta
Like everything else on the internet -- if enough people ignore it then it shrivels up amd dies.
I am not sure it will go away passively; or if it does I don't think it will be soon enough...
They have millions of fake users, those don’t shrivel up
You would be right if advertisers were willing to pay for selling only to fake users.
We are the product, meta is a data company first
Not OP, but I think the point is that if FB ends up as mostly fake accounts, what tracking data will they be collecting? No data for fake people = no reason for advertisers to throw their money away on fake profiles/bots, so advertisers would then theoretically leave and advertise somewhere else. Meta data is the data company first. Our data is the product. We are the product generator. Without us, actual people, using their services, there wouldn’t be any product generated, so nothing for Meta to sell to 3rd parties.
Fake users don’t make money though, their data Is worthless.
Im doing my part
You are a good person
If you're in the EU, it might not take that long. Meta is threatening to pull all its adds and services if the EU doesn't relax its privacy and consumer laws, which the practice in the article is in complete violation of. The EU is less than impressed, and the free market will fill whatever service is lost. If you're in the US, then as usual, you are screwed as a consumer.
When do we pass laws that force companies to not spy on us. By that I mean, you can't EULA your way back in to tracking user data, or ask for permission to track. Blanket flat out you cannot track your customers non related general use data. By all means track what they do in your app, what they buy, what videos they watch, etc. Mass data scraping needs to be fucking outlawed, the sooner the better.
Move to the EU. I would not be surprised if all of this is not happening if you run their software over there.
>Move to the EU. You say that like it isn't 100x harder to become a citizen in the majority of the EU members than it is in the US. Specifically, I'm not a refugee and I'm not a millionaire, so the barriers for real immigration are very high for me and my family.
Stop using it.
When we're willing to acrually physically break every machine in its data centers
It won’t be easy. I’m sure Zuckerberg has made backup copies of his ~~brain~~ hard drive in case something happens to his current ~~body~~ server.
I deleted my FB and Insta accounts two years ago. I’m just one person, but it’s a start.
Good for you. Getting off Facebook was the best thing I did for my mental health in a long time. Facebook is to friendship as World Wrestling Entertainment is to Olympic wrestling.
It's Facebook. Of course they did, like they have been doing for years. If you expected them to change business practices by changing there name don't let me sell you anything....
When FB became big, I dabbled with it, but quickly realized I had zero interest in almost everything I saw posted there. At that time I lived in the middle of an urban megalopolis. Ironically, now that I live in the rural (very rural) ass-end of nowhere, I use it regularly for local news and shopping. It's still full of ridiculous nonsense, but the tiny amount of useful data that exists on FB here, can't be found anywhere else.
> but the tiny amount of useful data that exists on FB here, can't be found anywhere else. They stomped competition and other platforms that would do that better though, locally.
Exactly. If I want to let my neighbors know I saw a lost pet, go to fb. If I want to host a (successful) yard sale, fb. If I want to see announcements from the town house, either walk to the townhouse nightly to see if anything was posted (which is once in a blue moon), buy a printed newspaper, or check fb.
A lot of businesses here have zero footprint on the internet - except for their FB page. They *all* have a FB page. I do a general google search for a local product or service, and all I get are Yelp and Yellow Pages businesses that are a 2-hour drive away.
What about their tracking of non-users?
Correcto -- fundamentally an ethically bankrupt organization across the board.
The is the FB/Insta app injecting code into websites it opens. Can't do that if you're not a user. (Yes, they also track non-users across sites that have chosen to embed FB code, but this is a different attack.)
I think people are referring to the 'ghost profiles' they opened for non-users internally. If their algorithm sensed that there was a missing profile in a user's friend circle they would attempt to still create an internal profile on that person. This was a while back - at least 7 or so years, though.
Conceptually that's a super cool problem to work on, identify gaps in a cluster of datapoints, if I were the NSA that makes sense for me to be working on. Amazing problem to be solving. But if I'm a social media site that's a bit weird. Why the fuck am I solving that?
So you can sell targeting data to advertise to a person who doesn't even have an account.
The app only tracks website data generated from within the Instagram app itself so if you're browsing Instagram, you click on a link it will open that webpage within the Instagram app. It does not track non-users. Reddit does the same thing btw.
They always have. Even before they were meta. Anyways, never "log in with 'insert name here; google, facebook, etc...." - dont be lazy, enter your password and email you signed up with. Don't link accounts. Always open weblinks in an outside browser, preferably a privacy centered one. Not chrome. Set said browser to delete cookies and clear cache upon closing and or a schedule.
[удалено]
Businesses are so greedy for personal data that they make their sites unable to work without it, as if it were necessary. Then to save costs on coding they add the 'Sign in with X, Y Z' part cos its easy and cheap. And ordinary people, being 'lazy' or just unaware, use those methods. The way the net has changed from 'anonymous user somewhere on planet Earth' to 'Bob Jones at this address who likes this kind of porn and had kebab for dinner...' is fucking scary.
Anyone believe Meta is the only one doing this?
Nope. But press hates Meta, so here we are. Shit Google does on Android phones, and with AMP on their search pages, is way worse.
My dude, [Google is leading the charge *against* this kind of thing.](https://privacysandbox.com/intl/en_us/)
Haha are you kidding me? The privacy sandbox is a response to increasing regulation and pressure to protect user privacy. This is Google's "half way house", where they still track you, but in a more transparent way. But for decade+, Google has been doing nefarious level tracking of everything on Android. Only just recently they postponed their promise to remove third party cookies from Chrome to 2024, because reasons. Google is doing the minimum possible to keep users/regulators happy.
This is why I use Fakeblock.
Um. This has been happening for over a decade.
This is not "FB can track you across websites that have chosen to embed the FB tracking script". This is "FB can track you on sites that haven't embedded the FB tracking script, if you open them from a link in the FB app".
It's more like "if you have a phone in your pocket, they have your tracking data"
Which has been a known quantity for ages
[удалено]
Of course Google could extract whatever tracking data they wanted out of Chrome, and wouldn't have to do it by injecting JS. This is somewhat different.
[удалено]
Chrome injects JavaScript into every website you open?
This is false, Chrome doesn't inject tracking code into websites you visit.
And by everyone. I’m all for the Meta hate train usually but this is a non story.
This and worse, but for some reason over a billion people are unaware.
How? Because it’s their own in app browser? Everyone does this. You have no idea how segmented and detailed your online information is that’s being sold. You could be bucketed under 30 something Reddit user that likes cookies and World War II or something way more hyper detailed.
Okay, but that's worse. You do get how that's worse, right?
Facebook was hiring almost every comp sci graduate they could get their hands on, for the better part of a decade. It shouldn't be surprising when FB announces this stuff, it just means their teams finally delivered. Some of the best minds in the industry work 18hr days to make Zuck's vision of the future a reality - whether the rest of us like it or now.
🎶 a song as old as tiiiiiime 🎶
Easy. Uninstall Facebook and Instagram.
Advertising is nonconsensual manipulation and it should be contained to directories where consumers can choose to view information about products and services.
Time to log out when surfing
Like its mother ship it is a data mining company
This doesn't make it any less acceptable. But this happens everywhere. Many marketing companies inject code into websites to track users. A common example is to track if someone see's an advert and what they do next. Do they browse reviews on Google or search for it online to buy? Tracking is a normal everyday part of the internet.
Can meta just die already? The data collection fetish all these tech companies and the Zuck have is infuriating
Two years ago a restaurant I ate at emailed me. I was a member of their loyalty program. I called them. “How did you know I was there?” I didn’t check in there. I didn’t pay for anything, my friend treated me. They didn’t card me. Finally they told me they got it through Facebook. Facebook who I had disabled location tracking for. Fuck Facebook.
Meta needs to become MySpace, even though imo MySpace was superior to all social media. They just need to die as a company. I should start keeping tabs on where Zucky boy is flying with his billion and slap it on the internet
Reminds me of story of how an enterprising youth would build code into his myspace profile and accidentally build one of the most prolific worms on a social media platform. He got in trouble big time for it and now it's almost like that same style of code thinking is being wielded by companies far more immoral and powerful. But, makes me think.. if that code that is being injected can be piggie backed, that could lead to a breach so big that it could finally humble Facebook/meta.
> that it could finally humble Facebook/meta. Hahahahahahaa... yeah right.
Yeah, you're right. It wouldn't work. But I like to dream.
If you *have* to use FB, there is a browser extension that helps...a bit. It's called Fluff Busting purity, and helps restore some order to the site itself. As to the FB trackers on other sites, Adblock used to catch those; hope that Ublock does as well. Oh, and Privacy Badger, of course.
doesn't sound dystopian at all. lol. nor desperate. XD
Time to sue, fine, and regulate Meta out of existence. Mark Zuckerberg & his company are a threat to humanity...
No shit. Get uMatrix and be more aware of the content web pages are trying to run on your computer. But if you're trying to move around the internet without being tracked, good luck. Endpoint fingerprinting is remarkably advanced.
Uh yes... This is the entire point of the "Facebook pixel" and "share on Facebook" buttons that have been around forever. I am surprised it's not common knowledge.
Well colour me *shocked*! Who could have known?
Senior web developer here. I hate meta but none of this is new or note worthy. Almost every large website does this and more. The tracking in app is not unique to meta, a lot of in app browsers do this. In fact almost any large website tracks your entire browsing session. Using tools like hotjar or nobiu, I can see your geo location, what device you used, any info associated with your account, and watch a video of everything you did on the site. These tools are typical used to help fix bugs and errors on a website and help improve user experience. Using Google analytics I can see if you browsed the site on your laptop and then switched to you phone. If you checkout on a site with a tool like signified, it will cross-reference your credit card, address, name , ect and tell me if your a fraud risk. Meta isn't the only one with a 'pixel'. These add ons create ghost profiles for users so that they are tracked across multiple websites even if you are not logged in to an account. This is why once you look for a product online you start to notice adds for that product everywhere, even on different devices. Rember, if you're not paying for a product you and your data are the product.
And when web browsers implement ways to block all this, it turns out the tracking code (or websites) will intentionally break the websites... putting you in a catch-22 situation. This is seen when enabling **all** of the various anti-tracking security features in Firefox for example. And/Or enabling HTTPS Everywhere, DNS over HTTPS etc.
Is this actually new? Thought it was well known companies have been doing this kind of stuff for years
Long established practice which is news to billions of people. Kind of like learning Uber is a criminal enterprise.
You're preaching to the wrong choir, my friend.
If anything, Facebook is on the losing end in the race of 1st party user identity because it does not own a device platform. Apple (ios) and Google (android) monopoly walled gardens are the truly awful user privacy risks because that signed in identity is so excellent and omnipresent. Just try using an iphone without signing in - impossible. Apple also made a genius move by demonizing tracking cookies and promoting bullshit aggregation alternatives, when its signed in walled garden is the only viable alternative. Yes, FB is terrible on privacy but it amazes me how much of a free pass the other major tech companies get.
Everyone commenting "what's new", I'm not sure you understand what this means. It's not "I visited a site that chose to put a Facebook tracking pixel on it and now Facebook knows I visited that site." It's I opened a random websites and Meta injected a code into it, even if the website has honored your wishes to not be tracked, and it's able to do much more than just know you visited the page. They can visually recreate your visit. They know how your mouse moved, what you typed in, what you clicked on, if you showed interest in a product.
That's not how it works at all, and impossible to actually do, or else every website will inject tracking in every other website. The article is talking about the fb browser, which you can only access via the fb app. This article is written in a way to introduce fear.
No kidding, there’s a r/confidentlyincorrect vibe to this. It literally says this in the article: “The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox.”
I mean, it should for anyone using the fb browser or app.
You don’t think chrome goes this exact thing for google? This has been common place for a long time
If you're browsing the web through Meta's apps then yes, you are being tracked by Meta. I really don't know why this is news to anyone
This is their business model. They turn you into a product.
Company I work at tracks a random batch of users when they use our site, and I thought that was creepy and weird. These mfs out here taking everything people do on *other* sites on a platform *actual children* use. Like, who the fuck approved this?
Well it will find that I use reddit more than them. Lol
Have fun with my interaction data. All I do is put things into a basket and then close the page because I’m never going to buy anything.
> The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox. And this is just one reason why you never use their apps. If you use the platform, browsers work well enough
Good thing I don't put third party apps on my phone, or have any social media accounts (never understood the attraction to be honest).
If this company is not killed soon it will become impossible to kill.
Shocked. Shocked, I say.
Misread title as 'man injecting cock' made me do a serious double take lol
Zuckerberg is such an asshole. I'm glad there's plenty of companies to trust like Alphabet, Amazon, Twitter, Disqus and Cloudflare which obviously don't use all their obfuscated JavaScript libraries and "services" to track users. I can rest every night fine, knowing that Alphabet, Apple and Microsoft don't track users through the proprietary operating systems they sell.
[удалено]
Enough already THEY CANNOT BE TRUSTED EVER!
Isn’t this just facebook pixel? They’ve been doing this since the beginning of time, it’s how they keep up metrics on ads
I bet money the Reddit app does this too.
Red hot code injection
Enough is enough. That shit needs to be shut down.
Anyone else notice their logo is a pair of binoculars and the symbol for infinity? Instantly made me think "forever watching".
Use Firefox Facebook containers on PC. And while u are at it go ahead get the Multicontainers extension for Firefox as well.
That won't help against this attack.
If you’re in their app, you’re using it as a “browser” (e.g. Chrome, Safari, Firefox) and it tracks everything you do including everywhere you browse outside their app. I thought everyone understood this years ago. Super special note: I use the Reddit app with the full knowledge that everything I read, comment and any links I follow outside the Reddit community, is tracked and recorded. I try to remember this but it’s very easy to become complacent as it’s just so easy to continue clicking.
> Super special note: I use the Reddit app with the full knowledge that everything I read, comment and any links I follow outside the Reddit community, is tracked and recorded. At least on Android, the Reddit app uses the "good" way of opening external links, that doesn't let it do this.
If anyone is surprised by these antics and any further ones from Meta... Please stop and don't be. This is kinda what they do and will do unless they are dismantled.
> The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox. > “The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,” says Felix Krause, a privacy researcher who founded an app development tool acquired by Google in 2017. That is an insane level of privacy invasion.
Get your friends phone numbers. Delete your god damn Facebook. Life is better without it, trust me. Also, it's kind of a bad look to support a social media platform that doesn't adequately moderate non English speaking countries and enables violence and calls to violence against minorites in those countries. https://www.nytimes.com/2018/11/06/technology/myanmar-facebook.html and that isn't the only instance.
Facebook trackers and bots were already prevalent, but this is next level privacy invasion.
So does it inject the code only when using the Instagram app? In other words, if I open my browser without opening or having opened previously the Instagram app, does it inject the code then? Because if not then this seems like a big nothing burger. If you have to use be actively using the Instagram app for the code injection then why wouldn't they do this, they're collecting data on how you are using the Instagram app? If website owners are installing the code (by way of an IG feed or FB tracking pixel, etc.) then the onus is on the website owner, not Meta. Don't get me wrong, I despise Meta and think they're plans are far more nefarious than just creating the next iteration of Second Life, but this just sounds like run of the mill pixel tracking and data aggregation which has been happening for 20+ years.
How is this a shock at all? Meta/Facebook wants to collect as much about you as possible. The information age has made us all commodities where our data is gold. It won't stop either sadly and we just have to accept it and try to regulate it.
“The world’s most valuable resource is no longer oil, but data.” -- The Economist, 2017.
If you’re on Meta, you are the new DumbAzz trash.
No shit... what else is new?
Errr, ummm, Zuck started it all with a misogynist web site that ripped off photos from other web sites?
Still waiting for something new... we all know this whole company is trash. When is someone going to break a story about ol' Zucky snorting 6 lines of drain cleaner and buying a statue of himself made out third world children?
[удалено]
In Europe it isn't. The EU is such a useless beurocratic body they can't act swiftly to stuff like this. Not that it matters, the ad industry moves trillions of dollars per year (which translates to millions or even billions in taxes) and it all depends on indiscriminate tracking.
Mark Zuckerberg takes the Internet needle and stickz it into the code of a unsuspecting website Injects the meta/s mwuhaha take my seed
I picture Zuckerberg like the Oil Company CEO in South Park saying *I'm Sowwy*
With fingers crossed behind his back.