Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing the network traffic of how its users were interacting with Meta’s competitors. Given these apps’ use of encryption, Facebook needed to develop special technology to get around it.

Facebook’s engineers’ solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.

After Zuckerberg’s email, the Onavo team took on the project and a month later proposed a solution: so-called kits that can be installed on iOS and Android that intercept traffic for specific subdomains, “allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage,” read an email from July 2016. “This is a ‘man-in-the-middle’ approach.”

A man-in-the-middle attack — nowadays also called adversary-in-the-middle — is an attack where hackers intercept internet traffic flowing from one device to another over a network. When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.

  • BurningnnTree@lemmy.one
    6 months ago

    I must be way out of the loop, cuz I had no idea this was possible. So does this mean the Facebook app on my phone has permission to view all of my network traffic? Why do Android and iOS allow this? Shouldn’t that be a special permission that can only be granted explicitly?

    • ramble81@lemm.ee
      6 months ago

      Please tell me what governing body exists for the fediverse that would let us deny them access?

      • leanleft@lemmy.ml
        1 month ago

        Diaspora allows for whitelisting visibility of posts to certain users (and servers… depending on where users are hosted)

      • ieatpillowtags@lemm.ee
        6 months ago

        How is this a relevant question? Nobody said anything about some governing body. There have been discussions on many instances about whether to federate with them or not, and it’s accurate to say that some people think we should.

        • Pips@lemmy.sdf.org
          6 months ago

          For example, I’m personally of the opinion that instances should be allowed to federate until they prove themselves to be bad actors, but in Meta’s case there’s a lot of existing evidence that shows they shouldn’t be allowed to federate in the first instance.

          • JoBo@feddit.uk
            6 months ago

            Who do you imagine is (or should be) making these rules for the Fediverse?

            • Pips@lemmy.sdf.org
              6 months ago

              Every instance gets to decide on its own, there’s no set of rules governing the whole thing. That’s why I stated this is my opinion, not some hard and fast rule.

              • JoBo@feddit.uk
                6 months ago

                You stated it very much as a set of rules that should exist. Twice.

  • Aniki 🌱🌿@lemm.ee
    6 months ago

    This is blatantly circumventing encryption and a violation of the DMCA but let’s see the DoJ do fuck all about it.

    Right, Biden? Facebook, Good, Tiktok, bad?

    • gravitas_deficiency@sh.itjust.works
      6 months ago

      Two things can be bad at once.

      What Meta did/is doing here is unbelievably shitty (but not that shocking).

      That in no way diminishes the incredibly serious implications of TikTok being wholly owned and operated by a PRC-based company, which comes with the implicit but very real and crucial caveat of the CCP will tell you to do just quietly things with your company sometimes, and if you don’t do it, you go to jail indefinitely.

      • knightly the Sneptaur@pawb.social
        6 months ago

        I’d only accept the TikTok argument when it gets applied to all social media companies in equal measure.

        We don’t need one-off bans that let the worst offenders get away with exploiting people’s personal data. We need a bill of privacy rights.

        • Pips@lemmy.sdf.org
          6 months ago

          So your argument is if the regulation isn’t perfectly applied to every possible instance of a potential violation simultaneously, then it should never be applied? How does that make any sense?