How apps on Android share data with Facebook...
At least 61 % of apps automatically transfer data to Facebook the moment people open the app, whether they have a Facebook account or not, or whether they are logged into Facebook or not.
Privacy International gave a talk at #35C3 about that :
Thanks @personanonduvda for the link!
SON OF A BITCH!
@rick_777 Who?... 🧐
@skynebula "We also found that some apps routinely send Facebook data that is incredibly detailed and sometimes sensitive. Again, this concerns data of people who are either logged out of Facebook or who do not have a Facebook account. ... "KAYAK", which sends detailed information about people’s flight searches to Facebook, including: departure city, departure airport, departure date, arrival city, arrival airport, arrival date, number of tickets (including number of children), class of ticket."
@June That's sick... -_-
@Zach @skynebula i presume the investigation effort included analyzing network traffic on a device that had a custom SSL certificate installed and trusted so they could look through the data packets destined for Facebook's URLs. I am not a security researcher and don't have any advice for you on mitigation strategies, though.
I don’t know if there’s an easy way to edit that file on an unrooted phone or if Android’s resolver honours it. And anyway, the app could bypass that. Much better to block it at the network level, but once again, I don’t know if there’s a way to do it without rooting the phone.
What I’d like to see is something like Docker for apps. Wrap all of the APIs to optionally mimic offline and empty.
@skynebula i would be interested to see whether this also happens on iOS.
i'm very disappointed in Clue in particular, they always seemed like a v trustworthy app to me.
@xyzzy Why? They're not?
How can you find out what the bad apps are?
@erosdiscordia You can check the full report here
or the apps analysis here
Just lost where this was shared from, but, thank you. Looks like we will just have to go PureOS way eh! 😔
@personanonduvda Ah cool! Thank you for the video!
@skynebula good post but what in the world is surveillance capitalism?
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!