The HN title/article is slightly misleading with its use of "root access"; the iOS Enterprise Root certs give increased data access outside of an app (e.g. decrypted SSL traffic, like what this app was doing), but not "root access" in the Unix sense.
You can play with them using mitmproxy to generate a Cert and intercept SSL traffic.
It is "root" in the sense of "root certificate"[0] which allows, potentially, the ability to MITM essentially any TLS connection transparently to the user.
Any non-pinned connection, since some apps employ certificate pinning on iOS and can't be intercepted without modifying their application binary. This is uncommon, though.
Agreed, I thought this must be Android then I saw Apple in the article and got really confused. I understood later when I got the root certificate but I've installed a number of those and would never call it "root access". This just allows them to MitM all traffic even TLS.
Ok, we changed the title to use representative language from the article, which is hopefully more accurate. (Submitted title was "Facebook pays teens to download research app with root access outside App Store".)
Indeed, for a second I thought Facebook had figured out a jailbreak and were paying people to try it out. That would certainly be very interesting news (and provoke even more divisiveness in the comments.)
Fortunately, the title has been edited now to remove "root access".
What is Facebook thinking?? Shouldn’t a company which is already getting bad PR for its handling of private data be extra careful about how much personal data it gathers and what it does with it?
I'm emphatically not defending them here, but it may make sense from their perspective. They live and die by ad targeting and maintaining their monopoly power over social networks, both which requires large amounts of personal data. Knowing what apps teenagers have installed and how often those apps are used is instrumental in detecting an up and coming social media rival.
Further, their only major competitor in the ads space is Google, which has access to this information via Android and its control over the Play Store.
Plus, what are the teenagers going to do about it? Facebook also owns Instagram. I guess they could use Snapchat...
Yeah it makes sense, but the problem for their shareholders is their business model will constantly turn them into a huge boogeyman and they'll never recover goodwill that keeps their users stuck to the platform when competitors appear. Mass user migrations happen, and they can happen VERY fast. Wait until a whole country goes off of Facebook.
When you have enough personal data to blackmail anyone who disagrees, you can go pretty damn far.
Eventually they'll encounter a hero, someone important enough who says "fuck it"
Its just speculation, that they're blackmailing anyone to make things happen, but anyone can see the incentive is there. Hard to imagine blackmail isn't just waiting to happen with that kinda data.
Why should Zuckerberg care? You know on the plane ride home from his visit to Congress, he was laughing about the old people who are so out of date they just don't get it. You know he was... He got a finger-waggin' from people he doesn't respect. He's not going to change.
The funny part is you always have those people that show up and say that we are "too hard" on Facebook, and that the NYTimes is just pushing too much and that it's just bad PR, not really bad actions.
And yet, after all this bad PR, Facebook keeps being a shitty company.
I mean Facebook does deserve the negative PR it's receiving, don't get me wrong. I finally deleted my account, too, since it's become too much. It does seem to me like it's very much in their interest of the media to keep attacking Facebook now that it's socially acceptable (Cambridge Analytica stuff and all), since Facebook's one of the companies that greatly influenced and interfered with their possibility to generate an income.
Generation Z and even some millennials are starting to ditch Facebook. The company is desperate to know what the kids are into now. This is what growth-at-all-costs gets you.
Being opt-in and getting compensated are the two things I've seen people want from usage of their data. No one should have an issue with this since it does both.
Regardless of whether Facebook was also trying to deceive users specifically—which we'll never know—they likely wanted to deceive Apple. I'm not going to blame any developer for attempting to bypass Apple's stupid restrictions.
Using intermediaries also allowed Facebook to technically not violate Apple's enterprise certificate contract (because the intermediaries were in violation instead).
> Using intermediaries also allowed Facebook to technically not violate Apple's enterprise certificate contract (because the intermediaries were in violation instead).
I actually though they would have done that, but it used the regular "iPhone Distribution: Facebook, Inc. (In-House)" cert, they didn't even create a shell entity and get a new one. Reports say Apple has revoked this cert, breaking all internal (legitimate) apps and possibly creating quite a bit of chaos for internal ops.{1} Their separate Apple Developer Program organization account, used to deploy TestFlight public and private betas and App Store apps, as well as local deployment to a small number of devices without Apple involvement for development testing, is not affected.
The intermediaries may or may not face consequences if they have separate agreements with Apple, but they did not use any Apple products to do their part and have not violated anything with Apple.
I harbor serious doubts that most of the 'volunteers' here know exactly what it is they're providing -- the sign-up sheet probably didn't say "we will know very specifically your porn-watching habits" e.g.
It was open to adults as well, but yes. However, they had no duty to specifically enumerate that particular case anyway lol. And technically that is a crime under US law to distribute porn to minors, but its not a crime for the users to view it, so if they connect to a website intended for and operating in another country without such laws, there is no legal issue.
I think that this is a fairly common when it comes to technology. The terms and conditions seem reasonable ("we collect some data to provide more relevant ads"), but when you look a bit more closely they build a personal file that contains who you communicate (email/text/call) with and how often, where you go, what you buy, which websites you visit, which videos you watch, etc to the extent that they are able. My mother is very smart, well-educated (she has a PhD), and relatively tech savvy (she works in scientific computing), but she was still floored when I told her about some of the tracking Facebook and Google perform. Google recording her location (which she technically agreed to, but did not realize) was enough that she asked me to help her migrate away from Gmail. She probably would have managed without my assistance, but the barrier would have been much higher.
"We will hold logs of you saying awful things to your girlfriend as you're breaking up in a file on you for the next 50 years" is more accurate. Privacy nihilism comes either from a lack of imagination, or a lack of perceived power.
This is a massive overreach. I would be pretty shocked if the people involved in this "research program" truly understood just how much access to their private data they were granting Facebook.
While I'm generally all for opt-in and free decision making I think some lines should only be crossed in special circumstances. Similarly to medical procedures that are only legal if the patient is very clearly informed about all potential risks (and that includes even those risks that are really not that probable) by an actual human being and not by just clicking on a button. In the case of Facebook they would in my opinion need to state very clearly that there is an albeit small risk of a breach and all collected data could be made public ("for example you employer might suddenly know which porn websites you are visiting or what people you have googled")
Big opt-ins require big explaining because people can only truly make free decisions if there is an actual effort to inform them about what is happening.
Edit: so maybe this is a bit extreme because I realize that this might similarly apply to (for example) phone manufacturers. I still think that actually analysing the traffic is a bigger risk than simply providing the phone/browser to generate the traffic because of the centralized target that is Facebook.
Maybe there wouldn't be an issue if they were being 100% transparent and explicit about what information they are collecting and how it will be used. However, the article seems to paint a fairly compelling picture that FB is not acting in good faith.
The fact that they're targeting kids makes it that much more unethical.
Yeah.. these are minors though. It may not be illegal explicitly but the fact that they are minors feels different than the perspective of an enlightened bargain.
It depends very much on what users are told they are signing up for. The ad in the article says a "paid social media research study", which couldn't be more vague compared to the level of access Facebook are granted through the root certificate.
Plus, the deliberate targeting of children that won't know better. And asking people to upload their Amazon order history! Pretty scummy.
> No one should have an issue with this since it does both.
Surely there's something to be said about age. There's a reason 14-year-olds can't enter into a legally binding contract.
Besides this, there's also the issue of how clear it is that the app is collecting private data. The article says:
"Facebook first got into the data-sniffing business when it acquired Onavo for around $120 million in 2014. The VPN app helped users track and minimize their mobile data plan usage, but also gave Facebook deep analytics about what other apps they were using."
which seems a lot like Facebook luring users into giving them their data without the users' knowledge.
Guessing that there are plenty of employers who would take the opposite view. There are surely companies who want employees who will do stuff without complaining about a bunch of annoying ethical implications.
Agreed. I'm curious if FB just doesn't have to play by the same rules? It would seem like the loss of FB Research's Enterprise cert would be a major pain for them.
Facebook, like every other large company, has a separate set of rules, though for something like this I can't imagine Apple looking the other way. My expected outcome is that the current certificate is revokes, and Apple has a talk with their team, tells them to not do this, and allows them to request a new enterprise account.
If they ruin this for the rest of us, I will never forgive Facebook. I hope Apple comes down on them like a bag of bricks instead of f'king up my beta testing.
Hard to forgive Facebook for undermining democracy, mass behavioural manipulation, privacy violation, monopolistic practices, and a gazillion other things.
Some of the highlights from Will Strafach, who did the actual app research for TechCrunch:
#1 "they didn't even bother to change the function names, the selector names, or even the "ONV" class prefix. it's literally all just Onavo code with a different UI."
#2 "the Root Certificate they have users install so that they can access any TLS-encrypted traffic they'd like."
My editorializing - I have been suspicious of Facebook getting the "submarine" treatment (1) but the insane scuminess of #1 above, which essentially is a big fuck you to Apple, pretty well supports the recent view that FB will essentially break any rule that serves to further their own ends.
Side note: This wouldn't get around cert-pinning? Even if a new trusted CA is installed on the system, an app implementing cert pinning still wouldn't trust this new CA. Seems that could be a wise move for Facebook's rivals that want to limit snooping.
Edit: on 2nd thought even if Facebook can't decrypt a particular app's traffic, just knowing how many requests it makes, how large they are, and how often, could still provide some useful insights into an app's usage.
As I've mentioned elsewhere in other threads, this app doesn't actually obtain root access (that is, it's not a jailbreak); the article/title is confusing a "root certificate" with "root access".
If the app is hard coded it shouldn't trust another cert. Note though that browsers, like Chrome, ignore cert pinning if the cert chains up to a locally trusted CA. So the answer is more "It Depends".
> Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.
EDIT: Spaced on the fact this is a phone app. While Chrome on Windows ignores certificate pins, I'm unsure if this also applies to Android / iOS root stores as well.
You can enforce certificate pinning in your own native app. You can even go as far as not trusting the hookable (on a JBen device) system libraries and link in your own OpenSSL or something similar.
I was under the impression Chrome was dropping HPKP support (it was deprecated in 2017), so I imagine this would be across all products - desktop and mobile.
Yeah, the idea is to remove pinning with frida and then your proxy will see all the traffic. There's some sample scripts here, and if you google around you'll find one for iOS: https://codeshare.frida.re/
Duh ;). FB isn't the only one... So many do this, your head would spin twice and it wouldn't even hurt. People need to see the bigger picture. FB is just one example.
I think the parent is implying that HTTPS encryption is a form of DRM. It's a reasonable question because AFAIK, the DMCA doesn't specifically call out DRM but rather any security/protection measures, so I can see how HTTPS would fall into that.
(However, upthread comments indicate that using certificates to see HTTPS traffic is a fairly common practice in enterprise setups)
No that is absurd, this is standard practice for almost all enterprise setups, as a central component in the deep packet inspection solutions used in network security. So the chance of it being illegal as the user has agreed to participate is absurd. The only thing that would make it so would be to lie about the functionality and intrusiveness.
Remember that in the case of the Facebook VPN, they were asking teens to install it -- which means the teens involved (according to US law) are a protected class: under adult age. Under age folks can't legally agree to participate in anything.
Keep in mind, just because everyone does it doesn't mean squat for is it legal or not. It means it hasn't been tested in the legal system, such that a judgement has been passed regarding legality.
If somehow, the practice were found to be a key part of circumventing some large industry's means of controlling something, it could realistically end up becoming illegal once subject to legal scrutiny.
Installing a root certificate is a major breach of privacy. This is what Fiddler does on windows when you need development access to a machine and want to view data being transferred between all websites including https.
By using a VPN they forced all traffic to go through their servers, and with the root certificate, they are able to monitor and gather data from every single app and website users visit/use. Which would include medical apps, chat apps, Maps/gps apps and even core operating system apps. So for users using Facebook's VPN they are effectively able to mine data which actually belongs to other apps/websites.
Imagine the malicious things someone could do with this level of access. And none of the usual mechanisms to, say, detect widespread compromise of a Certificate Authority would apply here.
They could drain your bank account, hiding the transactions and adjusting the balance whenever you viewed the mobile banking website or used your mobile banking app and adjusting any emailed statements.
They could send messages to your friends and family from your account asking them to send money to you in a certain way or donate money to a "charity", hiding the entire conversation from your view.
They could make some services you use slower or less reliable in subtle ways, to steer you towards the ones they want you to use— the ones that are easier for them to manipulate the traffic to/from.
They could make you think you're going insane, in any one of a variety of ways.
They could gather all of your private information, and then lock you out of your entire digital life all at once. Two-factor authentication wouldn't protect you; they could present you with a fake "re-confirm your settings" process to collect the information necessary to disable or replace the settings. (If you pay your rent using your phone, they could lock you out of your physical life too; they could prevent the payment from going through, show you a confirmation, and suppress notifications of unpaid rent and e-mails from your landlord.)
They could control which news you see, slowly shifting your views on things like privacy and security.
If you get suspicious about any of this, they could plant false information in your search results.
Apple should pull their entire developer program account! This is insane abuse of either Enterprise signing or developer signing - it could be either depending on the setup process.
Absolutely. If you were done it, you would get your account suspended and boiler-plate emails explaining why and that that's their final decision.
Since its Fuckbook, I am sure bunch of emails were exchanged with top-tier emps at Apple vs Facebook, bunch of apologies and life goes own. Wish Cook had balls and just pull the whole App out of AppStore.
The article is misleading; the app does not have root access, it has access to web traffic via a trusted root certificate. The app is distributed outside the App Store through the enterprise developer program.
Yes, I know what the enterprise program is for; this is a clear violation of those rules. But Facebook is not getting root access to your device, as the title of this post and the article claims.
To get a good idea of what they are doing, visit whatsmyudid.com and follow the instructions to use SuperUDID (you don’t need to go through with it, just read the steps).
Similar to SuperUDID, they installed a profile onto their device that provided special privileges for Facebook.
This is actually not quite true. They only installed a signing profile, which still requires a prompt to install each app and wasn't used to do anything but install the research app. The "keys to the kingdom" is the trusted root certificate, which coupled with the VPN, made them your ISP and gave them complete access to all traffic in all apps.
I was showing how they would go about getting the trusted root certificate on the phone, which can be packaged with MDM profiles installed similar to the method used above.
This all seems like a rerun of Uber - bad news on bad news compounding on bad news. Something is very rotten at Facebook and has been for a long time now.
Facebook's record is the best argument for banning dual share classes: if you want to keep control of your company, you shouldn't be able to do that at the same time as selling most of it off. If you are running a public company, you should be accountable to your shareholders.
I disagree, those shareholders know what they're getting into when they buy the stock. I do agree with just about 95% of criticism directed at Facebook, so this isn't me defending them specifically. I just don't see why dual share classes should be forbidden as long as people are properly informed when purchasing non voting ones.
If I offered you 10% of my bakery's profits but told you explicitly that you'd have no voice in how I run it, it could be a good deal for both of us and we'd both know what we're getting into.
It's not about whether it's a "good deal" for the investors: it is that as a society allowing unaccountable business dudes to run roughshod over society isn't working out so well.
I think the basic concept of what Facebook is as a company is just a rotten idea. This sort of monetized social network is a very dystopian concept and probably indicates a basic societal issue.
Would joining FB as a Privacy Czar or whatever be a job one should rightly wish on a highly competent privacy person, or is it a new form of torture in Hades alongside Sisyphus and others?
A tiger can't change its stripes. Self-regulation doesn't work [1], they will bypass any rules they create for themselves whenever it's convenient to do so. The US needs to pass a GDPR-style privacy law.
> Facebook first got into the data-sniffing business when it acquired Onavo [..] to learn that WhatsApp was sending more than twice as many messages per day as Facebook Messenger [...] and to spot WhatsApp’s meteoric rise and justify paying $19 billion to buy the chat startup
This makes a lot more sense now. At that time the tech sphere was surprised at the price tag which is expected as people outside Fb perhaps didn't have these metrics.
The fact that this exists makes me uncomfortable, but I'm having trouble pinpointing a reason why it's bad. People are opting into the data collection. Perhaps they don't know the full extent of what Facebook is tracking, but sideloading apps on iOS is not a one-tap process—anyone who used this had a sense of what they were doing.
And, $20 per month is pretty substantial compensation.
The way that Facebook is bypassing Apple's rules feels shady, but I've always felt those rules were user-hostile to begin with. I firmly believe that users should have control over their own devices, and that means letting users give information to companies if they so choose—especially if they're being financially compensated.
Really? I think I opened my first bank account when I was 10 or so. My parents had to co-sign but other than that were not involved in it. I don't think this was very unusual, the bank even promoted a special free account for young people. I had summer jobs from the age of 12, would you expect me to shove the money under my mattress?
Well your parents surely would be pretty involved with that, if their 12 year old son needs a ride down to the bank. It's not something that's going to be slipping under their noses.
Which brings us back to you falsely claiming anyone but you uttered that phrase, and your implied assertion that there is something wrong or odd with looking out for others, including children.
> This is not sideloading; this is enterprise app distribution. Users are not self-signing this app.
Just to be clear, that's the process I was referring to. I consider it a form of side loading, because the app is coming from an unofficial, non-Apple source.
Enterprise apps won't run until you manually go into settings and certify that you trust the developer. Far from the most onerous of tasks, to be sure, but significantly more involved than tapping a download button. I don't see how someone could be "duped" into running an enterprise app.
They weren't duped into running it, i.e. they knew they were downloading and installing an app from Facebook Research. They likely did not understand the effect of installing the VPN and trusted root provided by the app.
> They likely did not understand the effect of installing the VPN and trusted root provided by the app.
I'm just not convinced on this point. I think it's likely a lot of people did understand that Facebook could see all their internet traffic, and thought for $20 it was a fair trade. There's a HN user down thread (anonymous5133) who says he used the app and quite liked the exchange.
Now, it's possible these users did not think through all the consequences that sending this data to Facebook could have—but just how much responsibility does Facebook have here? Does Facebook need to say in big red type, "This data could be given to health insurance companies some day and used to deny coverage?" (I'm not even clear if that would be legal, but I bring it up as an oft-cited nightmare scenario.)
Recently, there was an HN thread of a Chinese man who sold his kidney for an iPhone at 17 years of age and 8 years later was bedridden for life because his remaining kidney failed.[1]
You could say the people who bought his kidney for an iPhone did nothing wrong. The kid had control over his own body and they made a deal the kid thought was good.
I think, though, that he wasn't properly educated of the risks that doing such a trade would leave him with, and that the people who offered him the deal very well knew them, but targeted him for being a naive child who wouldn't take them seriously.
I think this is the same case. People just don't understand or don't take the risks of this seriously enough, and companies like Facebook take advantage of that.
You're implying (perhaps unintentionally) that selling an organ is equivalent to selling information on what websites you visit. There's a reason selling organs is illegal, at least in the US.
I don't think personal information is so valuable that we need to outlaw its sale.
Impingement on quality of life by the seller of an organ can be, and is translated to a value statement. However, the paradoxical nature of human beings which relies largely on emotional responses dictates that while we can have people starving in the streets, because it would make society squeamish, they can't be allowed to sell their organs, for the sake of their own human dignity and quality of life, never mind that society stripped them of both anyway.
This isn't paradoxical at all, when both options are horrific there is little benefit to cover up one with the other and claim a solution.
Furthermore a short term windfall from selling organs will not provide the skills or assets required to prevent long term starvation and homelessness; so now the horror has been compounded: homeless, starving, and prone to debilitating illness.
The paradoxical nature is that being homeless and starving is horrifying but something humans have become accustomed to, and yet the idea of selling organs is embedded culturally as being shocking, even if the end result of being starving and homeless is relatively equivalent to being desperate enough to sell organs, so it's not allowed.
Also, how you mention as fact that money from selling organs won't prevent long term starvation and homelessness is surprising; you don't know that's the case one way or another but you're trying to pass off an opinion as fact. I can't argue either that it would help with a clear and definite metric, but the correlation of living conditions and money is clear. How real-life application of such legalization or organ selling, with quality of surgery and post-surgery care, legal predatory practices, and other factors are dealt with are potential problems, but those are issues that exist in all commercial domains.
I also never argued organ selling as a solution to a problem; as others mentioned, it is a potential band-aid to a problem that lies in wealth inequalities, but which I find interesting as a societal flashpoint that show how knee-jerk emotional responses can cause logical paradoxes.
Impingement on quality of life by the seller of an organ can be, and is translated to a value statement.
How much is a Jew's life worth vs a Christian's life vs a Muslim's life? Or would it make you squeamish to try and adjudicate that? Or are some things not worth putting a price on because of principles, because breaking those principles would have worse second and third order effects?
Well, the market as an aggregate dictates that. It's entirely reasonable to assume that from market to market, buyers have different value assessments for people of different religions, and place different values on each. On a personal level, I would pass judgment by objective quality of organ, but that's beside the point. The idea of employment already places value statements on people and mainstream moral perceptions mark discrete points that shift from moral to immoral, when in fact its all on a continuous scale and the point at which it shifts is arbitrary.
I’m led to believe a whole bunch of intellectual heavy weights agree that privacy is so important it needs to be heavily regulated fairly immediately.
I tend to agree with them.
Come to think of it, is there anyone making a strong case for weaker privacy protection? I’m prepared to put aside my existing assumptions long enough to read an article or two.
No, the point is that under GDPR you can't sell personal data because it remains the property of the person it was shared by. You can sell access to that data, but the purchaser inherits the terms under which that data was shared and can't use it for any purposes the owner did not already agree to -- plus that transfer itself has to be consensual.
Also under GDPR the consent can be revoked at any point and the data has to be deleted. Plus the owner has to be given exhaustive information about what data was gathered, what basis it was gathered on and who it was passed on to (recursively).
> equivalent to selling information on what websites you visit.
You make it sound like they're just obtaining a list of URLs, but that's not it. For $20, they get to impersonate you while you're in the VPN and after you leave (they have all your passwords and session cookies). They can also impersonate anyone you deal with. They have all decrypted information going between you and the rest of the internet. Not even your ISP gets that amount.
Even further problematic is the scale at which they can do this. This isn't just a concern we should see as individuals but also as a group. They can control a grand portion of information flow and authentication in the whole web.
This is actually a great comparison, because I think both boil down to (a lack of?) informed consent. I think there's nothing inherently wrong with selling all your data for $20 a month. If you know exactly what you're doing.
Very likely the kid didn't understand exactly all the risks and wasn't informed when selling his kidney. And I would guess it's the same thing for a lot of kids signing up for this facebook thingy thinking "free $20 a month? Let's fucking goooooooo!"
But I honestly feel just as creeped out by apple dictating what people can install on their phones and what they can't.
See, I felt like it was not a great comparison because a body part is a very different thing from web traffic. Since Facebook does not stand to gain anything from inflicting material harm on you, the expected value of giving them your data is at worst very slightly negative. They’re likely not even recording most of it. (What would they do with it?) The same can emphatically not be said of a mission critical singly-redundant organ.
They can’t run this program on a societal level because it would cost too much (>100B a year in the US alone, which is surely more than the value they derive from it). So we really only need to be concerned about whether this hurts the individuals involved, and whether Facebook plans to do anything unethical with the data.
The danger is judging informed consent by what we would find acceptable. It's conceivable that one could understand the risks yet not appreciate the probability involved, or have a value system skewed towards present gratification. The point is that the concept of informed consent in cases like this don't really add much information.
You're allowed to set your value system however you want, that's not my business. My issue is just that there is no details on their server-side security, and that the terms used to describe the effect of the root certificate are not nearly strong enough. But if someone truly is informed about who is collecting this then their's nothing wrong, other than FB violating their agreement with Apple which I trust Apple is seriously chewing them out for.
I think there's nothing inherently wrong with selling all your data for $20 a month. If you know exactly what you're doing.
Informed consent is _impossible_ here because there is no way a person can know what future use the data will be put, and Facebook sure as shit ain't gonna tell, and they're even less likely to limit their future use of the data through an agreement made in the present.
It comes down to informed consent. But that's a whole can of worms.
One which needs to be opened and we need to sift through to find an acceptable answer. It is difficult to find something that allows freedom of choice and doesn't require a huge amount of knowledge. Plus, who decides what the facts are? The required minimum knowledge? How do you measure understanding? Are we going to have a ministry of truth? If so, who watches the watchmen?
Whether or not you agree with Apple's rules, the fact that Facebook is willing to violate their Enterprise Certificate agreement with Apple is a red flag.
If Facebook is willing to break an agreement with one of the largest corporations on the planet, what reason is there to think that they will keep any promises they make to individual users?
Those two and the lack of a robust, documented framework for Facebook to delete the data it is not interested in analyzing and store what it is securely.
The biggest question I have is why they needed the root to analyze popularity of future competitors. Surely doing domain requested (visible even with TLS) and number/time of requests would be sufficient, and that would have greatly reduced the amount of private data gathered.
Many of the things they are spying on aren't just the business of the person who's getting the $20 either. If you message someone, do you expect them to turn around and sell that to Facebook? If you are one of Facebook's competitors, don't you deserve to not have them use their monopolistic power to scrape your data?
If there had been a hack of the data collected by this program, people could very easily and rightly have been fired or disciplined for exposing corporate data through a VPN. Even if most things are run through a corporate VPN or intranet, one sign in to your work account on Office 365 is game over for the company.
> I'm having trouble pinpointing a reason why it's bad … $20 per month is pretty substantial compensation
But Facebook's competitors did not consent to their traffic being spied on and had a reasonable expectation that their traffic would remain safe from this type of intervention on iOS devices. Ignoring the ethics of paying users for data and so on, this seems like a straight up case of industrial espionage. The article says that this is how FB spotted the rise of WhatsApp, and presumably informed the offer. They would have known exact usage information, this is espionage via surveillance.
Why do Facebook's competitors get a say in it? Facebook is only getting access to user-visible data; if the users decide to give that away (in exchange for compensation), it's their right. Amazon users aren't Amazon employees—they didn't sign an NDA and are free to share what they know.
At an individual level that may be so, but if they're doing it en-masse then they essentially had secret/sensitive competitor information when they made an offer to buy WA, daily active users, usage-by-demographic etc.
On top of that they would have had access to message formats, headers, encryption protocols and so on, things that are potentially trade secrets. This isn't user-visible data and app owners shouldn't expect that competitors can access it directly from a user's phone.
People are opting into data collection in a way that creates a severe security vulnerability. Not only have you given up confidentiality (of everything, including passwords), you've also sacrificed integrity and availability. You can no longer trust anything you do on your phone.
A hypothetical experiment Facebook might be interested in conducting: Do people use Facebook more if Twitter is slow and/or unreliable?
At what point does Apple pull Facebook's developer licenses? as people have mentioned, this appears to be a violation of the enterprise account program.
It's important to note that Facebook has at least two "licenses" here: one is used to push their apps to the App Store, and another to sign enterprise apps (like this one). Pulling one should not affect the other.
Children don’t have fully developed minds, can’t appreciate the consequences of their actions (especially in the long term) and are easy to manipulate with bribes ($20/mo).
This isn’t a bunch of adults deciding to sell their privacy. It’s children who have no hope of understanding what they’re doing.
To be fair, you could replace the word children with the word adult in your first paragraph and it would all still hold.
Adults might have fully developed brains from a biology perspective, and I recognise this is what you meant, but I believe there is a strong argument to be made that many adults, myself included, are heavily lacking in the development of mind department. Mark Zuckerberg surely is, either that or he’s actually Satan.
I definitely have an undeveloped appreciation of the consequences of my actions, and I’m easily manipulated. I’m rapidly approaching 40 laps around the sun!
My greater point here is that I don’t find your argument for why it’s worse because children particularly compelling. Or, perhaps, insufficient. So I’ll replace with my own:
Society at large has a long history of, and a cultural and biological evolutionary adaptation, to protect children more strongly than adults, because we are born vulnerable and take a long time to reach sexual reproductive age. We’ve only made it this far because we’re not descended from parents who let their kids stumble in to sabretooth tiger territory. (As an aside, I appreciate that the greatest threat to children’s health and development is their immediate family. But here we are).
The worrying thing is, now the sabretooth tiger is a guy who’s surname translates from the mother tongue, German, to English as candy mountain, Google translate actually says “pile of sugar”, and comes with a family friendly large blue thumbs up symbol. So the threat is difficult to discern.
I’d actually be more worried if I didn’t have a seizure like laughing fit every time I think about the whole scenario. It’s a coping mechanism I guess.
I mean, is this really happening? I wish Bill Hicks was still alive! Aaah, he lives on through those who carry the flame!
But on a more serious note, children don't necessarily understand the consequence of their actions, especially at a technical level. Mind you, plenty of adults don't either, but their acceptance of the terms of conditions of something or other is contingent on their being responsible enough to accept any negative consequences that may come; children are not in that position.
A culture that doesn’t have a strong child-protective drive, and a strong drive toward kindness and treading lightly, is likely to disintegrate and eventually destroy the each other and the world.
As evidence I present: the current state of affairs!
I don’t know how I feel about this. On the one hand Facebook is working around Apple’s terms and conditions, and enticing underage kids to compromise their phones. On the other hand, there’s no law broken here, Apple’s terms and conditions are not generally fair to users, and the kids know all of their data is being tracked for money ( and presumably are happy with it). Plus, freedom to use the personal device you bought as you see fit is preferred to Apple deciding what you can and cannot have on your phone. So, how should I feel about this?
> kids know all of their data is being tracked for money ( and presumably are happy with it)
Do they though? Do they really understand what it means? Do they understand that that nude they sent to their GF/BF is now on a FB server and FB has FULL rights to have and use that (obviously not publish it but still)? Do they just not care?
I really don't know, the last question kind of terrifies me TBH. My hope is they don't fully understand what they are giving up and "$20 is $20".
It’s hard to gauge how much they really understand, but it’s also hard to gauge how much it really matters. I mean most of the data coming out of them is noise, really. They’re not buying houses or making major financial transactions. If this is worth doing, then $20 may even be their primary source of income, and there may not be too many legitimate ways of earning that income at that age, especially passively.
Sounds like AllAdvantage.com (I had to look that up again) all over again. They tracked your internet usage and paid you money for it. My friends and I thought it was a good deal and had no compunctions about gaming it. I’m sure these kids are thinking the same thing, and our moral outrage is self-inflicted.
To me this is a reflection of society at this point. Monitoring & tracking of online activity was something to be avoided when I was young. I can only assume something like this would harm the reputation back then and people would go elsewhere. Although, $20 per month makes me wonder if my past self would have cared and all my info would be data mined. I doubt in the end I went unexploited in some way and likely I missed out on little money that's now being offered because of more secure devices.
Is it possible for Facebook to have good intentions that lead to positive outcomes, or is everything they touch toxic?
I think maybe we can have more than one opinion simultaneously. I really like some of Facebook’s features, and Apple has some good things going for it. And it’s definitely fair to criticise both for their shortcomings.
Good point. This _should_ be illegal. And there is definitely a need for better data protection legislation, to protect consumers against exactly this power imbalance.
> and the kids know all of their data is being tracked for money ( and presumably are happy with it).
Yeah, obviously, kids are very good at understanding the consequences of their actions. I mean, imagine if they didn't! We would need special rules in criminal law for dealing with young offenders or something!
Actually it's your reasoning that's faulty. All crimes are not equal. That's why society deems it appropriate to outfit different crimes with different punishments.
Let's not forget that until mid-20th century, adultery was illegal in most states...
He's making a reduction to the absurd to show why the reasoning he is replying to doesn't work. It's a good form of argument, quite similar to a proof by contradiction.
> the kids know all of their data is being tracked for money ( and presumably are happy with it)
Yes, and?
Kids (and some adults) frequently send demeaning nude videos of themselves to public web forums (and promptly get harassed IRL). Are they being defrauded? Or just act that way, because they are naive and can't read emotions and body language across the computer monitor? Either way, the incident described in article is a clear children rights violation. Whether parents properly understood and condoned it or were defrauded by Facebook, — does not really matter (I suspect, that if any of them faced a trial, they all would claim the later).
The group of people using this "App" by this can be broken up into 2 main groups:
1. Those who understand what they are signing away and need $20/mo more than they need privacy
2. Those who don't understand or don't understand fully what they are signing away and see it as free money
Preying on either group is disgusting and wrong. I'm really interested to see what Apple does here, they have taken a hard line on privacy and I don't doubt they will kill this app but if FB wants to play wack-a-mole they WILL win (see iOS sideloading scene), for me the big question is will Apple take down the FB apps?
We've seen Netflix, Uber, FB, Amazon, and more skirt the rules of the App Store in the past, they've barely gotten a slack on the wrist (in public at least). At what point does Apple take a real stand and say no? Cause so far $$$$$ has ALWAYS stopped them, I really do believe they care about privacy, I don't know know if the shareholders do.
Are we, as a society, ok with people being desperate enough to need $20 more than privacy?
Or maybe privacy isn't something we should care about or at least value as much as we do as a society. Maybe I'm wrong. I think I see the dangers down the road but maybe it's just a mirage and privacy will die and it won't be used against use by people in power or with money.
That's kind of what I was trying to get at, probably unsuccessfully. That maybe the anger shouldn't lie with FB or the fact this program exists but with the fact we are in place that people will accept that little for so much.
This is like saying child labor is a band-aid, not a solution, but that we shouldn't ban it because it helps children. The whole point is that it's an inherently exploitative thing that is a net negative for society even with people who need money getting paid.
Right, because installing spyware is the same thing as forcing young kids to work. What?
No questions, this is creepy. But nobody was talking about a ban. The post I replied to asked whether we should be okay with people who need $20 that badly.
The answer is no, we shouldn't be ok with it. But you're not solving the situation by banning this, you're making it worse if anything.
"We shouldn't be ok with people being homeless." "Okay, let's make 'being homeless' illegal. Problem solved!" "???"
And yes, this logic has been used before. It hasn't solved homelessness, btw.
We shouldn't be ok with people needing money that badly, and we also shouldn't be ok with creating an economic dependency on those people selling their privacy, the same way we've banned economic dependency on child labor. That is not at all equivalent to banning homelessness. It's more like banning hiring homeless people to fight lions with their bare hands for entertainment.
I don't have a good answer for you. My bad answer is I trust Google/Microsoft a little more when they say they aren't looking at your emails than I trust FB with Everything you do on your phone and no guarantee of what they are doing with it.
I probably misunderstood you. From the very beginning of Gmail, Google has been very upfront that they do look at your emails, each and every one of them. They use automation for that, is that what you meant? No fleshy humans physically reading with their own eyeballs?
nobody is judging the desperate person, we are judging the net effect of the rest of sociiety on them.
it's provably affordable to give everyone the average rent of the world which covers housing (rent of buildings), food (rent of farmland), energy (rent of space used for solar panels, windmills, ...), natural resources (rent of mines).
I'm not attacking them for taking it, I harbor no ill will toward either group #1 or #2 of my original comment. I'm asking if we are ok with this being necessary in the first place. I'm not ok with it.
I have the app installed on my phone. I have it installed because I want the $20 amazon. I don't know if I really "need" the $20 amazon but it is 100% passive once it is installed. You literally need to do nothing. Every month they send you $20. I would not uninstall it even given the privacy concerns.
If you guys are so concerned about it then create something that puts cash in my pocket. I'll gladly run whatever app you want on my phone if you pay me.
Perhaps. I notice in most societies we say there are all sorts of things that you can’t do for money with your own time and body, however desperate you may be. Selling your organs and selling sex being examples.
> and sex workers being abused by pimps and corrupt cops
I don't have a strong opinion either way, but my understanding is that it's very very far from proven that legalizing prostitution improves the lot of sex workers -- I am led to believe that trafficking becomes _more_ of a problem in localities where sex work is legal.
Further, and again no strong personal opinion on the matter, but I suspect you'd see a huge rise in coerced organ selling if it became legalized.
These are questions societies need to answer for themselves, and my central point was that there's already precedent for societies deciding that they don't benefit when some things are available for sale, even if an individual in the moment says they want to sell it.
I mean, do you think we should outlaw strippers? They sure give up more privacy than this for money. What about other things people sacrifice for money? Coal miners? Crab fisherman?
I agreed with TheSpiceIsLife, I don't see how those compare. Seeing someone naked is so completely different than having full access to what they do on their smart phone. In fact, on their smart phone there are probably naked pictures.
> For some people this money could be incredibly important.
So I took this to mean "desperate enough" as in there are scales/levels of "desperate"-ness. Maybe desperate is the wrong word and the "enough" modifier wasn't obvious in my meaning.
Maybe a better way to put it:
Are we, as a society, ok with people needing $20 more than their privacy?
I was trying to convey that I imagine I would have to be pretty desperate to give up my privacy for $20/mo.
First of all I doubt that most people who go into this have a feeling of desperation, especially not the teenagers that are targeted. (I do sort of have an issue with the targeting, though when I think about it, I bet that teenagers actually understand what they are giving up better than 50 year olds). So I would rephrase that as "are we, as a society, ok with people _wanting_ $20 more than privacy", to which my answer is yes. I guess I would have a problem if it were desperation, but then I don't think that in this sense being "desperate" for $20 off a smart phone plan is correct usage of the term.
> For some people this money could be incredibly important.
That's exactly the problem. In Human Subjects Research this might be considered a violation of Informed Consent in the form of undue influence. From the Belmont Report [1]:
An agreement to participate in research constitutes a valid consent only if voluntarily given. This element of informed consent requires conditions free of coercion and undue influence. Coercion occurs when an overt threat of harm is intentionally presented by one person to another in order to obtain compliance. Undue influence, by contrast, occurs through an offer of an excessive, unwarranted, inappropriate or improper reward or other overture in order to obtain compliance. Also, inducements that would ordinarily be acceptable may become undue influences if the subject is especially vulnerable.
Note the "especially vulnerable" part at the end there.
> > For some people this money could be incredibly important.
> That's exactly the problem.
I thoroughly disagree, and I feel like speaking up about this particular philosophy of consent.
If I buy a used iPhone for $100 from someone who would die if they didn't get the $100, have I acted unethically? Whereas if I bought it from someone who didn't really need the $100, I wouldn't be acting unethically?
This sounds not only wrong, but highly counter-productive to me, since the consequence of not entering into this trade, just because the seller really needs the money, is that the seller dies. How does that make any of us better off?
As a society, we should encourage trading with people who really need the money, not label it as unethical. Whether a trade is unethical or not can be determined solely from the trade itself, not how much either (or both of the parties) needs the proceeds from the trade.
Example illustrating the absurdity: imagine two people who both really need the proceeds trading with each other. Ouch! According to your philosophy, they are both acting unethically (when in fact they are doing the only reasonable thing).
Doesn’t this argument give us child labour and sweat shops? Fortunately most places have laws that set a minimum standard to protect society against those who have lower ethical standards.
> If I buy a used iPhone for $100 from someone who would die if they didn't get the $100, have I acted unethically?
In some cases, you have clearly acted unethically. For instance, if the iPhone is worth $800 and you have more money, but you're getting the $100 price because the man is dying now and there's nobody else around to offer him more than $100.
So say I don't buy the iPhone because I consider it unethical to pay only $100, but since I don't actually need a new phone, I'm not going to pay $200+. The seller dies because they were $100 short of some essential medicine they needed, or whatever. Is this really the outcome you want to see?
In an ideal world, I would just pay the person $100 and not take their phone—but, c'mon, this isn't the world we're living in. People die every day in the US—never mind the rest of the world—because they couldn't afford medicine/shelter/food/etc
You're contriving a situation where the seller doesn't have any other options AND you also don't have any ability to buy it to later sell at a profit (which would give the seller the ability to negotiate a better price than $100 with you while still allowing you a reasonable profit when you sell it).
I agree you can contrive a situation where the best ethical option is to pay the seller $100 for the phone but you really have to work on it (and the situation is pretty contrived to begin with)
And if I have enough money, work in tech and still value $20 more than the (additional) data I give up? Especially knowing what's already collected the difference isn't necessarily that big. Am I not allowed to give consent then?
The app in question monitors all private communication that you have with others, who most certainly did not consent to have their own privacy taken away. So no, it's not okay to steal someone else's private information and put it on sale, however desperate you may be.
It's even more unethical to encourage people to do so, like FB did.
Since they were also targeting children, 13 yo and up, they probably fit into both categories and is extra unethical...
As far as I know, when Apple discovered Uber doing some shady, but way less messed up things, they were flat out threatened to be kicked out. Problem is, this isn't Facebook's first rodeo, their previous app that did this was kicked off.
What if you simply don't care if some researchers have access to your data?
I'd honestly consider doing this myself, even though I am a highly paid software engineer, because it really does sound like "free money".
Although I probably won't, because I don't want to go through the hassle of sideloading an app on my phone (but if it was a 1 click thing, I'd seriously consider it).
You are leaving out group three. Those who want the money and will put it on a spare phone and game Facebook by using the phone for nonsense that has little to do with their personal life. As a similar example, just because I use Facebook doesn't mean I click "like" on things I actually believe in. Or click on ads of products I would be interested in. Quite the opposite.
This is fair, I know when I was younger we loved finding ways to game systems like this but we never were playing with the fire that is a monitored VPN. Yes a separate phone solves most the issues but this pales in comparison to shit like clicking on ads for pennies in high school to get paid.
I didn't mean to imply that group 3 includes kids. The targeting to kids I consider unethical. I agree with you that a monitored VPN is not something someone under legal adult age should be considered capable of consenting to. In fact I would say it's one of those cases that even the parents can't consent to. It might be comparable to a parent consenting to their child's phone line being tapped by a third party for a monthly payment. Clearly unethical, and probably illegal in a lot of places.
Tangentially related, but his leads to an issue I try to stress this to my students all the damn time, but they just don't care. Like, they all try to download any free VPN that'll connect so they can play Fortnite during school, without ever looking to see what they give away. Hell, I'm not convinced they wouldn't consent even if it was told, as long as they get their fix while at school. There's a huge problem nobody wants to try to fix.
From the students’ perspective, the reward is greater than the obscure potential consequence. I have certainly noticed this with adults, as well, so it seems like fairly basic human behavior.
The arms race between school administrators and people who wanted to connect to things they shouldn't has been going on for decades and is one of the major sources of sys admins. The problem here is that installing a VPN is far too easy and doesn't teach children where /etc/host is located.
At my school, they have default "teacher" for external events that use school facilities, usernames and passwords based on each school code that bypass all filters, but somehow no one has found it leading to insane workarounds. Sadly, people used to use web.archive.org as a workaround (like dude, just go home and look stuff up?) so they blocked it, which breaks a lot of research and sources on Wikipedia.
True, but as long as they don't install a trusted root as well damage is still far more limited. Still a major privacy issue (and huge shout out to you for passing this knowledge on to my generation, sadly many of us really don't care) though. With this, however, the possibilities are really limitless. For example, the simple act of filling out a job application online, common for students to do, gives FB your SSN and enough info to open a line of credit.
How was this data stored? Who at Facebook had access to the SSNs and nude photos and the like that was certainly collected with a program like this of any scale? Were the procedures to delete it? How were the systems secured? And while I doubt even FB would do this, a truly lawless bad actor could use those logins without tripping security alerts because you would have used one of their IPs to sign in before. Or an external actor, having access the data dumps, could sign up as a user and then make use of the VPN to easily pawn everyone's account.
The more I think about this, the more outrageous it is. They may as well put cameras in your house and photocopy all your papers.
467 comments
[ 2.6 ms ] story [ 323 ms ] threadYou can play with them using mitmproxy to generate a Cert and intercept SSL traffic.
[0] https://en.wikipedia.org/wiki/Root_certificate
Fortunately, the title has been edited now to remove "root access".
Which is complicated both legally and ethically when it's deliberately targeting teens.
What is Facebook thinking?? Shouldn’t a company which is already getting bad PR for its handling of private data be extra careful about how much personal data it gathers and what it does with it?
Further, their only major competitor in the ads space is Google, which has access to this information via Android and its control over the Play Store.
Plus, what are the teenagers going to do about it? Facebook also owns Instagram. I guess they could use Snapchat...
Eventually they'll encounter a hero, someone important enough who says "fuck it"
Its just speculation, that they're blackmailing anyone to make things happen, but anyone can see the incentive is there. Hard to imagine blackmail isn't just waiting to happen with that kinda data.
What will get them to stop is likely regulatory oversight.
I mean Facebook does deserve the negative PR it's receiving, don't get me wrong. I finally deleted my account, too, since it's become too much. It does seem to me like it's very much in their interest of the media to keep attacking Facebook now that it's socially acceptable (Cambridge Analytica stuff and all), since Facebook's one of the companies that greatly influenced and interfered with their possibility to generate an income.
As an organization they don't have another way to operate / seem incapable of doing anything else other than this scummy stuff.
They can't stop being what they are or they'd die so they just double down and double down.
Using intermediaries also allowed Facebook to technically not violate Apple's enterprise certificate contract (because the intermediaries were in violation instead).
I actually though they would have done that, but it used the regular "iPhone Distribution: Facebook, Inc. (In-House)" cert, they didn't even create a shell entity and get a new one. Reports say Apple has revoked this cert, breaking all internal (legitimate) apps and possibly creating quite a bit of chaos for internal ops.{1} Their separate Apple Developer Program organization account, used to deploy TestFlight public and private betas and App Store apps, as well as local deployment to a small number of devices without Apple involvement for development testing, is not affected.
The intermediaries may or may not face consequences if they have separate agreements with Apple, but they did not use any Apple products to do their part and have not violated anything with Apple.
{1} https://www.theverge.com/2019/1/30/18203551/apple-facebook-b...
Big opt-ins require big explaining because people can only truly make free decisions if there is an actual effort to inform them about what is happening.
Edit: so maybe this is a bit extreme because I realize that this might similarly apply to (for example) phone manufacturers. I still think that actually analysing the traffic is a bigger risk than simply providing the phone/browser to generate the traffic because of the centralized target that is Facebook.
* selected user's age;
* proper disclosure.
The fact that they're targeting kids makes it that much more unethical.
Plus, the deliberate targeting of children that won't know better. And asking people to upload their Amazon order history! Pretty scummy.
Surely there's something to be said about age. There's a reason 14-year-olds can't enter into a legally binding contract.
Besides this, there's also the issue of how clear it is that the app is collecting private data. The article says:
"Facebook first got into the data-sniffing business when it acquired Onavo for around $120 million in 2014. The VPN app helped users track and minimize their mobile data plan usage, but also gave Facebook deep analytics about what other apps they were using."
which seems a lot like Facebook luring users into giving them their data without the users' knowledge.
Unemployable.
I’d even go as far as blacklist anyone who continued working at Facebook after Cambridge Analytica.
Seems like a risky game to play, likely staking their appstore developer account at the same time. High stakes.
They seem to have broken the cardinal rule though. Namely the somewhat ambiguous "Don't use your Enterprise account to bypass the App Store."
But I agree, add this to the "unforgivable" pile.
#1 "they didn't even bother to change the function names, the selector names, or even the "ONV" class prefix. it's literally all just Onavo code with a different UI."
#2 "the Root Certificate they have users install so that they can access any TLS-encrypted traffic they'd like."
My editorializing - I have been suspicious of Facebook getting the "submarine" treatment (1) but the insane scuminess of #1 above, which essentially is a big fuck you to Apple, pretty well supports the recent view that FB will essentially break any rule that serves to further their own ends.
via https://twitter.com/chronic/status/1090394419902197761
(1) http://www.paulgraham.com/submarine.html
Edit: on 2nd thought even if Facebook can't decrypt a particular app's traffic, just knowing how many requests it makes, how large they are, and how often, could still provide some useful insights into an app's usage.
> Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.
http://www.chromium.org/Home/chromium-security/security-faq#...
EDIT: Spaced on the fact this is a phone app. While Chrome on Windows ignores certificate pins, I'm unsure if this also applies to Android / iOS root stores as well.
Source: https://bugs.chromium.org/p/chromium/issues/detail?id=779166
> OK, we're looking at removing dynamic PKP in M69. Static PKP will remain until further notice (we have no active plans to remove it right now).
Jailbreak required, of course.
Many apps do not do pinning currently.
Point out a few? This needs to be common knowledge.
- installing root certificate to access encrypted data (potentially of websites? including banking websites?)
- means bypassing security mechanism put in place to prevent people to access data send to a server (from a browser/app)
- means potentially bypassing DRM, too
=> isn't that illegal even if the user agrees to it? (at last in the US where some especially DRM related laws are strange)
(However, upthread comments indicate that using certificates to see HTTPS traffic is a fairly common practice in enterprise setups)
If somehow, the practice were found to be a key part of circumventing some large industry's means of controlling something, it could realistically end up becoming illegal once subject to legal scrutiny.
By using a VPN they forced all traffic to go through their servers, and with the root certificate, they are able to monitor and gather data from every single app and website users visit/use. Which would include medical apps, chat apps, Maps/gps apps and even core operating system apps. So for users using Facebook's VPN they are effectively able to mine data which actually belongs to other apps/websites.
They could drain your bank account, hiding the transactions and adjusting the balance whenever you viewed the mobile banking website or used your mobile banking app and adjusting any emailed statements.
They could send messages to your friends and family from your account asking them to send money to you in a certain way or donate money to a "charity", hiding the entire conversation from your view.
They could make some services you use slower or less reliable in subtle ways, to steer you towards the ones they want you to use— the ones that are easier for them to manipulate the traffic to/from.
They could make you think you're going insane, in any one of a variety of ways.
They could gather all of your private information, and then lock you out of your entire digital life all at once. Two-factor authentication wouldn't protect you; they could present you with a fake "re-confirm your settings" process to collect the information necessary to disable or replace the settings. (If you pay your rent using your phone, they could lock you out of your physical life too; they could prevent the payment from going through, show you a confirmation, and suppress notifications of unpaid rent and e-mails from your landlord.)
They could control which news you see, slowly shifting your views on things like privacy and security.
If you get suspicious about any of this, they could plant false information in your search results.
Since its Fuckbook, I am sure bunch of emails were exchanged with top-tier emps at Apple vs Facebook, bunch of apologies and life goes own. Wish Cook had balls and just pull the whole App out of AppStore.
But how? I didn't knew this is possible to do on iPhones except really old models. If it is I'd love to know how.
For example, we use them to distribute frictionless test builds internally.
I just wanted it to be clear to others that this is NOT the intended purpose of the Enterprise program.
Similar to SuperUDID, they installed a profile onto their device that provided special privileges for Facebook.
If I offered you 10% of my bakery's profits but told you explicitly that you'd have no voice in how I run it, it could be a good deal for both of us and we'd both know what we're getting into.
[1] https://theintercept.com/2018/11/29/google-china-censored-se...
This makes a lot more sense now. At that time the tech sphere was surprised at the price tag which is expected as people outside Fb perhaps didn't have these metrics.
How they heck is this fair?
And, $20 per month is pretty substantial compensation.
The way that Facebook is bypassing Apple's rules feels shady, but I've always felt those rules were user-hostile to begin with. I firmly believe that users should have control over their own devices, and that means letting users give information to companies if they so choose—especially if they're being financially compensated.
Children, specifically.
> Perhaps they don't know the full extent of what Facebook is tracking
…is this not bad?
> sideloading apps on iOS is not a one-top process—anyone who used this had some sense of what they were doing
This is not sideloading; this is enterprise app distribution. Users are not self-signing this app.
> And, $20 per month is pretty substantial compensation.
For a child who doesn't know any better, maybe…
So many of the comments in this thread are literally "Think of the children!"
Which brings us back to you falsely claiming anyone but you uttered that phrase, and your implied assertion that there is something wrong or odd with looking out for others, including children.
Just to be clear, that's the process I was referring to. I consider it a form of side loading, because the app is coming from an unofficial, non-Apple source.
Enterprise apps won't run until you manually go into settings and certify that you trust the developer. Far from the most onerous of tasks, to be sure, but significantly more involved than tapping a download button. I don't see how someone could be "duped" into running an enterprise app.
I'm just not convinced on this point. I think it's likely a lot of people did understand that Facebook could see all their internet traffic, and thought for $20 it was a fair trade. There's a HN user down thread (anonymous5133) who says he used the app and quite liked the exchange.
Now, it's possible these users did not think through all the consequences that sending this data to Facebook could have—but just how much responsibility does Facebook have here? Does Facebook need to say in big red type, "This data could be given to health insurance companies some day and used to deny coverage?" (I'm not even clear if that would be legal, but I bring it up as an oft-cited nightmare scenario.)
You could say the people who bought his kidney for an iPhone did nothing wrong. The kid had control over his own body and they made a deal the kid thought was good.
I think, though, that he wasn't properly educated of the risks that doing such a trade would leave him with, and that the people who offered him the deal very well knew them, but targeted him for being a naive child who wouldn't take them seriously.
I think this is the same case. People just don't understand or don't take the risks of this seriously enough, and companies like Facebook take advantage of that.
[1] https://news.ycombinator.com/item?id=18925780
I don't think personal information is so valuable that we need to outlaw its sale.
Furthermore a short term windfall from selling organs will not provide the skills or assets required to prevent long term starvation and homelessness; so now the horror has been compounded: homeless, starving, and prone to debilitating illness.
Also, how you mention as fact that money from selling organs won't prevent long term starvation and homelessness is surprising; you don't know that's the case one way or another but you're trying to pass off an opinion as fact. I can't argue either that it would help with a clear and definite metric, but the correlation of living conditions and money is clear. How real-life application of such legalization or organ selling, with quality of surgery and post-surgery care, legal predatory practices, and other factors are dealt with are potential problems, but those are issues that exist in all commercial domains.
I also never argued organ selling as a solution to a problem; as others mentioned, it is a potential band-aid to a problem that lies in wealth inequalities, but which I find interesting as a societal flashpoint that show how knee-jerk emotional responses can cause logical paradoxes.
How much is a Jew's life worth vs a Christian's life vs a Muslim's life? Or would it make you squeamish to try and adjudicate that? Or are some things not worth putting a price on because of principles, because breaking those principles would have worse second and third order effects?
I tend to agree with them.
Come to think of it, is there anyone making a strong case for weaker privacy protection? I’m prepared to put aside my existing assumptions long enough to read an article or two.
Europeans seem to disagree. Maybe your "reason" is just cultural bias?
Under GDPR, it should be perfectly legal to compensate a user for agreeing to share personal data with marketing companies.
Also under GDPR the consent can be revoked at any point and the data has to be deleted. Plus the owner has to be given exhaustive information about what data was gathered, what basis it was gathered on and who it was passed on to (recursively).
You make it sound like they're just obtaining a list of URLs, but that's not it. For $20, they get to impersonate you while you're in the VPN and after you leave (they have all your passwords and session cookies). They can also impersonate anyone you deal with. They have all decrypted information going between you and the rest of the internet. Not even your ISP gets that amount.
Even further problematic is the scale at which they can do this. This isn't just a concern we should see as individuals but also as a group. They can control a grand portion of information flow and authentication in the whole web.
Very likely the kid didn't understand exactly all the risks and wasn't informed when selling his kidney. And I would guess it's the same thing for a lot of kids signing up for this facebook thingy thinking "free $20 a month? Let's fucking goooooooo!"
But I honestly feel just as creeped out by apple dictating what people can install on their phones and what they can't.
Informed consent is _impossible_ here because there is no way a person can know what future use the data will be put, and Facebook sure as shit ain't gonna tell, and they're even less likely to limit their future use of the data through an agreement made in the present.
One which needs to be opened and we need to sift through to find an acceptable answer. It is difficult to find something that allows freedom of choice and doesn't require a huge amount of knowledge. Plus, who decides what the facts are? The required minimum knowledge? How do you measure understanding? Are we going to have a ministry of truth? If so, who watches the watchmen?
If Facebook is willing to break an agreement with one of the largest corporations on the planet, what reason is there to think that they will keep any promises they make to individual users?
To me, the problem seems to be (a) lack of informed consent, compounded by (b) the targeting of a vulnerable population.
[1] https://en.wikipedia.org/wiki/Belmont_Report [2] https://en.wikipedia.org/wiki/Respect_for_persons [3] https://en.wikipedia.org/wiki/Informed_consent
The biggest question I have is why they needed the root to analyze popularity of future competitors. Surely doing domain requested (visible even with TLS) and number/time of requests would be sufficient, and that would have greatly reduced the amount of private data gathered.
But Facebook's competitors did not consent to their traffic being spied on and had a reasonable expectation that their traffic would remain safe from this type of intervention on iOS devices. Ignoring the ethics of paying users for data and so on, this seems like a straight up case of industrial espionage. The article says that this is how FB spotted the rise of WhatsApp, and presumably informed the offer. They would have known exact usage information, this is espionage via surveillance.
On top of that they would have had access to message formats, headers, encryption protocols and so on, things that are potentially trade secrets. This isn't user-visible data and app owners shouldn't expect that competitors can access it directly from a user's phone.
Combining legally-obtained data to come to a conclusion is not illegal or immoral.
[1]: http://fbdollars.com/
https://www.theguardian.com/technology/2019/jan/20/shoshana-...
A hypothetical experiment Facebook might be interested in conducting: Do people use Facebook more if Twitter is slow and/or unreliable?
I fail to see how this is supposed to make it in any way worse.
This isn’t a bunch of adults deciding to sell their privacy. It’s children who have no hope of understanding what they’re doing.
Adults might have fully developed brains from a biology perspective, and I recognise this is what you meant, but I believe there is a strong argument to be made that many adults, myself included, are heavily lacking in the development of mind department. Mark Zuckerberg surely is, either that or he’s actually Satan.
I definitely have an undeveloped appreciation of the consequences of my actions, and I’m easily manipulated. I’m rapidly approaching 40 laps around the sun!
My greater point here is that I don’t find your argument for why it’s worse because children particularly compelling. Or, perhaps, insufficient. So I’ll replace with my own:
Society at large has a long history of, and a cultural and biological evolutionary adaptation, to protect children more strongly than adults, because we are born vulnerable and take a long time to reach sexual reproductive age. We’ve only made it this far because we’re not descended from parents who let their kids stumble in to sabretooth tiger territory. (As an aside, I appreciate that the greatest threat to children’s health and development is their immediate family. But here we are).
The worrying thing is, now the sabretooth tiger is a guy who’s surname translates from the mother tongue, German, to English as candy mountain, Google translate actually says “pile of sugar”, and comes with a family friendly large blue thumbs up symbol. So the threat is difficult to discern.
I’d actually be more worried if I didn’t have a seizure like laughing fit every time I think about the whole scenario. It’s a coping mechanism I guess.
I mean, is this really happening? I wish Bill Hicks was still alive! Aaah, he lives on through those who carry the flame!
But on a more serious note, children don't necessarily understand the consequence of their actions, especially at a technical level. Mind you, plenty of adults don't either, but their acceptance of the terms of conditions of something or other is contingent on their being responsible enough to accept any negative consequences that may come; children are not in that position.
That's why they aren't allowed to gamble among a multitude of other things that their developing brains can't handle.
A culture that doesn’t have a strong child-protective drive, and a strong drive toward kindness and treading lightly, is likely to disintegrate and eventually destroy the each other and the world.
As evidence I present: the current state of affairs!
Do they though? Do they really understand what it means? Do they understand that that nude they sent to their GF/BF is now on a FB server and FB has FULL rights to have and use that (obviously not publish it but still)? Do they just not care?
I really don't know, the last question kind of terrifies me TBH. My hope is they don't fully understand what they are giving up and "$20 is $20".
Sounds like AllAdvantage.com (I had to look that up again) all over again. They tracked your internet usage and paid you money for it. My friends and I thought it was a good deal and had no compunctions about gaming it. I’m sure these kids are thinking the same thing, and our moral outrage is self-inflicted.
If you use Facebook they already know more about you than you do.
Might as well take $20 a month.
I’m still waiting for my kickback from the in-message advertising I get in Instagram.
I am very aware of data I share with Facebook. I take measures to prevent them from getting data about me elsewhere.
Giving up close 100% of privacy just because you are currently giving up, say, 20% of privacy seems insane.
It's like saying "let's throw all our plastic in the countryside because some people are littering already".
What about the massive information asymmetry?
How about the power imbalance?
Is it possible for Facebook to have good intentions that lead to positive outcomes, or is everything they touch toxic?
I think maybe we can have more than one opinion simultaneously. I really like some of Facebook’s features, and Apple has some good things going for it. And it’s definitely fair to criticise both for their shortcomings.
Yeah, obviously, kids are very good at understanding the consequences of their actions. I mean, imagine if they didn't! We would need special rules in criminal law for dealing with young offenders or something!
> glitchc: there’s no law broken here. So, how should I feel about this?
But you can interpret it whatever you wish.
Let's not forget that until mid-20th century, adultery was illegal in most states...
He's pointing out that morally repugnant things can be legally compliant.
Yes, and?
Kids (and some adults) frequently send demeaning nude videos of themselves to public web forums (and promptly get harassed IRL). Are they being defrauded? Or just act that way, because they are naive and can't read emotions and body language across the computer monitor? Either way, the incident described in article is a clear children rights violation. Whether parents properly understood and condoned it or were defrauded by Facebook, — does not really matter (I suspect, that if any of them faced a trial, they all would claim the later).
1. Those who understand what they are signing away and need $20/mo more than they need privacy
2. Those who don't understand or don't understand fully what they are signing away and see it as free money
Preying on either group is disgusting and wrong. I'm really interested to see what Apple does here, they have taken a hard line on privacy and I don't doubt they will kill this app but if FB wants to play wack-a-mole they WILL win (see iOS sideloading scene), for me the big question is will Apple take down the FB apps?
We've seen Netflix, Uber, FB, Amazon, and more skirt the rules of the App Store in the past, they've barely gotten a slack on the wrist (in public at least). At what point does Apple take a real stand and say no? Cause so far $$$$$ has ALWAYS stopped them, I really do believe they care about privacy, I don't know know if the shareholders do.
Edit: Typo
Or maybe privacy isn't something we should care about or at least value as much as we do as a society. Maybe I'm wrong. I think I see the dangers down the road but maybe it's just a mirage and privacy will die and it won't be used against use by people in power or with money.
This is not the question that's being asked here. The fact is, there are people like that, and for them, these things are great.
They're not solutions, they're band-aids. But if you're not ok with the situation existing, removing band-aids isn't particularly productive.
No questions, this is creepy. But nobody was talking about a ban. The post I replied to asked whether we should be okay with people who need $20 that badly.
The answer is no, we shouldn't be ok with it. But you're not solving the situation by banning this, you're making it worse if anything.
"We shouldn't be ok with people being homeless." "Okay, let's make 'being homeless' illegal. Problem solved!" "???"
And yes, this logic has been used before. It hasn't solved homelessness, btw.
it's provably affordable to give everyone the average rent of the world which covers housing (rent of buildings), food (rent of farmland), energy (rent of space used for solar panels, windmills, ...), natural resources (rent of mines).
If you guys are so concerned about it then create something that puts cash in my pocket. I'll gladly run whatever app you want on my phone if you pay me.
Edit: and now they shut it down. You can thank us privacy advocates later.
Resulting in thousands of deaths due to organ shortages, and sex workers being abused by pimps and corrupt cops.
That illustrates fairly well why having an underclass who provides healthy organs to the rich is a utterly barbaric idea.
I don't have a strong opinion either way, but my understanding is that it's very very far from proven that legalizing prostitution improves the lot of sex workers -- I am led to believe that trafficking becomes _more_ of a problem in localities where sex work is legal.
Further, and again no strong personal opinion on the matter, but I suspect you'd see a huge rise in coerced organ selling if it became legalized.
These are questions societies need to answer for themselves, and my central point was that there's already precedent for societies deciding that they don't benefit when some things are available for sale, even if an individual in the moment says they want to sell it.
When a person is paid to strip you, nor the house, get to read everything they do on their smartphones.
> For some people this money could be incredibly important.
So I took this to mean "desperate enough" as in there are scales/levels of "desperate"-ness. Maybe desperate is the wrong word and the "enough" modifier wasn't obvious in my meaning.
Maybe a better way to put it:
Are we, as a society, ok with people needing $20 more than their privacy?
I was trying to convey that I imagine I would have to be pretty desperate to give up my privacy for $20/mo.
What if you have five kids. That’s $100 a month.
That's exactly the problem. In Human Subjects Research this might be considered a violation of Informed Consent in the form of undue influence. From the Belmont Report [1]:
An agreement to participate in research constitutes a valid consent only if voluntarily given. This element of informed consent requires conditions free of coercion and undue influence. Coercion occurs when an overt threat of harm is intentionally presented by one person to another in order to obtain compliance. Undue influence, by contrast, occurs through an offer of an excessive, unwarranted, inappropriate or improper reward or other overture in order to obtain compliance. Also, inducements that would ordinarily be acceptable may become undue influences if the subject is especially vulnerable.
Note the "especially vulnerable" part at the end there.
[1] https://www.hhs.gov/ohrp/regulations-and-policy/belmont-repo...
> That's exactly the problem.
I thoroughly disagree, and I feel like speaking up about this particular philosophy of consent.
If I buy a used iPhone for $100 from someone who would die if they didn't get the $100, have I acted unethically? Whereas if I bought it from someone who didn't really need the $100, I wouldn't be acting unethically?
This sounds not only wrong, but highly counter-productive to me, since the consequence of not entering into this trade, just because the seller really needs the money, is that the seller dies. How does that make any of us better off?
As a society, we should encourage trading with people who really need the money, not label it as unethical. Whether a trade is unethical or not can be determined solely from the trade itself, not how much either (or both of the parties) needs the proceeds from the trade.
Example illustrating the absurdity: imagine two people who both really need the proceeds trading with each other. Ouch! According to your philosophy, they are both acting unethically (when in fact they are doing the only reasonable thing).
In some cases, you have clearly acted unethically. For instance, if the iPhone is worth $800 and you have more money, but you're getting the $100 price because the man is dying now and there's nobody else around to offer him more than $100.
Yes, it would be unethical to both parties.
In the first case, it is unethical because you are taking advantage of someone's dire need to get a better price on an iPhone.
In the second case you are denying yourself a clear cut opportunity to really help someone in need.
To be in a position to help someone in such a state is a privilege that does not come around often.
In an ideal world, I would just pay the person $100 and not take their phone—but, c'mon, this isn't the world we're living in. People die every day in the US—never mind the rest of the world—because they couldn't afford medicine/shelter/food/etc
In this case you could make it that kind of world, for that person, just for $100.
To be placed in a position where it's so easy to help someone is a privilege.
I agree you can contrive a situation where the best ethical option is to pay the seller $100 for the phone but you really have to work on it (and the situation is pretty contrived to begin with)
It's even more unethical to encourage people to do so, like FB did.
As far as I know, when Apple discovered Uber doing some shady, but way less messed up things, they were flat out threatened to be kicked out. Problem is, this isn't Facebook's first rodeo, their previous app that did this was kicked off.
I think it's fine for group #1. If the $20 is that important to them then I'd rather not deny them the opportunity.
What if you simply don't care if some researchers have access to your data?
I'd honestly consider doing this myself, even though I am a highly paid software engineer, because it really does sound like "free money".
Although I probably won't, because I don't want to go through the hassle of sideloading an app on my phone (but if it was a 1 click thing, I'd seriously consider it).
How was this data stored? Who at Facebook had access to the SSNs and nude photos and the like that was certainly collected with a program like this of any scale? Were the procedures to delete it? How were the systems secured? And while I doubt even FB would do this, a truly lawless bad actor could use those logins without tripping security alerts because you would have used one of their IPs to sign in before. Or an external actor, having access the data dumps, could sign up as a user and then make use of the VPN to easily pawn everyone's account.
The more I think about this, the more outrageous it is. They may as well put cameras in your house and photocopy all your papers.
Edit: HN title has changed to remove this part completely.