The problem is not really related to the OS but the libraries used in the apps.
Android is often used in research since it is easier to analyse an open system but I suspect the same issues are also found in iOS apps.
There are of course some differences. For example it is (was) easier for apps to run in the background on Android. It is also easier to detect and block them.
> Facebook is able to track you because Android developers of 3rd party apps (example: Indeed Job Search) implement Facebook’s Software Development Kit (SDK).
Shadow profiling isn't new and Facebook has been doing this for years. Perhaps for those who are seriously on the brink of 'tinfoilism' of avoiding these creatures who just can't stop tracking us, we need a Ad-blocker-like component that blocks the FBSDK embedded in other apps and is enabled OS-wide. (Like a Privacy Firewall)
uBlock Origin has done this for Firefox, Safari and Chrome, we an equivalent for these apps. Facebook will stop at nothing to connect everything even if you don't have an account.
Discounting someone's complaint because "This isn't new" isn't helpful. It doesn't need to be new to be a problem - Writing an article about it to raise awareness is a good idea.
Calling this tinfoilism is also not constructive. The author points out that data is being shared, in ways that even people who try to be privacy conscious may not be aware of, or have good ways to stop.
2. Set it to block all traffic to Facebook with two pre-filters:
*.facebook.com:*
facebook.com:*
There are probably more domains that can be added to this list, please suggest them.
3. Enable the firewall, use your apps and notice which ones contact Facebook in the 'Access Log' section.
4. And the most important part, do something about it. Either complain to the app developer/business or remove the app from your phone and never install it again. This is also the most difficult part as it requires you to put in the effort, or sacrifice some convenience, but if you are unwilling to stand up for your own principles then who will?
5. Spread the word, teach others how to do the same, and make the world a better place (just don't be pushy, nobody likes that). Try to lead by example, don't make others do something you haven't tried yourself, and explain the tradeoffs as unbiased as you can possible be, you'll get more credibility this way.
6. Long term, maybe vote for politicians that propose legislation to make such practices illegal? It's the only thing I can think of that has the potential to improve the situation for everyone. Otherwise companies will follow the money, and there is a lot of money to be made from surveillance in the advertising industry, plus free analitycs tools save time since businesses want the functionality, without needing to develop it themselves.
note that this may cause delays with whatsapp in sending/receiving messages. it also sometimes delays placing/receiving calls. you can temporarily disable noRootFirewall for critical times.
I don't know how whatsapp uses the facebook domain. It clearly needs the facebook domain to work optimally, but it is not critical.
Last year parts of fbs service went down. What's interesting is that WhatsApp, Instagram and Fb all broke in the same way in that people were unable to send or receive photos.
On Android 9 and above, you can also use the Private DNS with a DNS provider that blocks certain domains from resolving, like NextDNS.
The advantage is that it doesn't require an additional app, and doesn't require a on-device VPN (which always felt hacky to me, and prevents the use of a real VPN).
Possible disadvantage is that I've seen private DNS break connectivity on certain connections like captive portals (though I've now learned if my phone claims to have no internet access when connected to networks, its pretty much always this private DNS thing).
On Android 10 the default behavior is Block All and I need to enable every single app individually for wifi and cellular.
There's no popups for allowing connections on demand.
Further, turning this on breaks all network connectivity _except_ *.google.com. It's not compatible with Android 10/Q, I guess, per the warning at startup
A question to the HN crowd reporting with app development: what are the benefits of using the Facebook SDK? Do you consider these outweigh the privacy concerns?
To everyone else: be sure to watch the CCC presentation by Privacy International
At least in my language, Muslim & Islam have been used interchangeably; like Muslim Religion v/s Islam Religion like Christianity Religion, in Punjabi from India. Muslim person is called Musalmaan, like Christian Person.
17 comments
[ 3.0 ms ] story [ 46.2 ms ] threadhttps://getublockorigin.com, https://github.com/gorhill/uMatrix
Android is often used in research since it is easier to analyse an open system but I suspect the same issues are also found in iOS apps.
There are of course some differences. For example it is (was) easier for apps to run in the background on Android. It is also easier to detect and block them.
Shadow profiling isn't new and Facebook has been doing this for years. Perhaps for those who are seriously on the brink of 'tinfoilism' of avoiding these creatures who just can't stop tracking us, we need a Ad-blocker-like component that blocks the FBSDK embedded in other apps and is enabled OS-wide. (Like a Privacy Firewall)
uBlock Origin has done this for Firefox, Safari and Chrome, we an equivalent for these apps. Facebook will stop at nothing to connect everything even if you don't have an account.
Calling this tinfoilism is also not constructive. The author points out that data is being shared, in ways that even people who try to be privacy conscious may not be aware of, or have good ways to stop.
1. Install 'NoRoot Firewall' from the Play Store: https://play.google.com/store/apps/details?id=app.greyshirts... (unfortunately it is not available on FDroid, maybe somebody can suggest a FOSS alternative please).
2. Set it to block all traffic to Facebook with two pre-filters:
There are probably more domains that can be added to this list, please suggest them.3. Enable the firewall, use your apps and notice which ones contact Facebook in the 'Access Log' section.
4. And the most important part, do something about it. Either complain to the app developer/business or remove the app from your phone and never install it again. This is also the most difficult part as it requires you to put in the effort, or sacrifice some convenience, but if you are unwilling to stand up for your own principles then who will?
5. Spread the word, teach others how to do the same, and make the world a better place (just don't be pushy, nobody likes that). Try to lead by example, don't make others do something you haven't tried yourself, and explain the tradeoffs as unbiased as you can possible be, you'll get more credibility this way.
6. Long term, maybe vote for politicians that propose legislation to make such practices illegal? It's the only thing I can think of that has the potential to improve the situation for everyone. Otherwise companies will follow the money, and there is a lot of money to be made from surveillance in the advertising industry, plus free analitycs tools save time since businesses want the functionality, without needing to develop it themselves.
EDIT: formatting
The way I wrote them above is how they are displayed after successfully submitting the form.
note that this may cause delays with whatsapp in sending/receiving messages. it also sometimes delays placing/receiving calls. you can temporarily disable noRootFirewall for critical times. I don't know how whatsapp uses the facebook domain. It clearly needs the facebook domain to work optimally, but it is not critical.
[] https://github.com/StevenBlack/hosts/blob/master/alternates/...
The advantage is that it doesn't require an additional app, and doesn't require a on-device VPN (which always felt hacky to me, and prevents the use of a real VPN).
Possible disadvantage is that I've seen private DNS break connectivity on certain connections like captive portals (though I've now learned if my phone claims to have no internet access when connected to networks, its pretty much always this private DNS thing).
There's no popups for allowing connections on demand.
Further, turning this on breaks all network connectivity _except_ *.google.com. It's not compatible with Android 10/Q, I guess, per the warning at startup
To everyone else: be sure to watch the CCC presentation by Privacy International
If the author(s) lurks here: her religion is Islam.