Android apps leaking data to Facebook

    • Android apps leaking data to Facebook

      I’ve been thinking a lot about this since I read the article and findings over a week ago. It’s probably old news by now, but just in case it’s been missed:

      Privacy international have used a MITM proxy to see what a collection of popular android apps are doing without user knowledge. They found that a lot of them send data to Facebook as soon as the app is open (over 60%), regardless of if you have a Facebook account. I verified this using a popular firewall app and some of the apps mentioned - on opening the app tries to communicate with a FB server using the Facebook SDK. This obviously presents a massive breach of the GDPR for EU users, but more importantly a massive failing on part of FB and a concern for all worldwide.

      The findings are here: privacyinternational.org/campa…ractions-facebook-android

      Leaked information ranges from the ‘benign’ such as your google ad ID (to track non FB users outside of the platform) to how many times you’ve opened and closed apps and what they are, and in the case of some apps, they communicated with FB how many children you have and your flight departure and destination info. Nice one FB...


      Sent from my iPhone using Tapatalk
    • Privacy? In the US telco providers even sell your location to everyone: motherboard.vice.com/en_us/art…-microbilt-zumigo-tmobile

      Some insights into why those companies are interested in collecting every information they can get of us to store infinitely: medium.com/s/story/the-complet…e-tracks-you-3c3abc10781d

      And we all help them by using Google DNS which provides the missing link to be able to track us across devices and generate insights about entities like households or who is a colleague of whom and so on...

    • Correct me if I am wrong, but you can disable Google tracking on an Android device for the most part. I think the reason the FB study is so interesting is because it does a lot of it without users or developers even being aware. You can choose to use a different DNS server, you can choose to not use Chrome and Google search... Firefox and DDG and disable all the Google privacy stuff in Android for example. Yet, this does not affect the FB SDK. I suppose it's very easy to misconstrue my post as "Oh my god! There are these big bad companies that track you!" when infact, what I am getting at is that the FB SDK findings take things to the next level. Users are unaware, not asked (GDPR) and there's no way to turn it off unless you just don't use the app. This is not the same kettle of fish as Google. It's close, but not the same.

      Oh, and Tapatalk banned me for that first post. Please could you unban me? :)

      The post was edited 1 time, last by _ellnic_ ().

    • I didn't adopt the "Smart Phone", or other android devices, because it was damxed obvious to me that they'd be impossible to secure. When they first came out, it was as if security wasn't even a consideration and no one appeared to be concerned in the least. I couldn't believe it.
      In any case, with current day integrated GPS device tracking, studies have been done for European cell phone companies in "human engineering". Given positioning data from a smart phone and a sufficient data sample, it's possible to predict where the phones' owner will be, on any day of the week and at a given time of day, with close to 80% accuracy. (With this kind of data available, "they" don't have to find you. They know where you're going to be.) And this unbelievably granular level of snooping has nothing to do with an app. All that's needed is for the phone to be "on".
      _____________________________________________________________

      Given the shenanagans of Google, ISP's and other DNS providers, I moved to running a recursive DNS server - "unbound". Pi-hole connects to it.
      Once entries are cached, unbound is faster than any public provider, bar none.

      But, there are plenty of other hooks out there for logging personal info and habits.

      Video Guides :!: New User Guide :!: Docker Guides :!: Pi-hole in Docker
      Good backup takes the "drama" out of computing.
      ____________________________________
      Primary: OMV 3.0.99, ThinkServer TS140, 12GB ECC, 32GB USB boot, 4TB+4TB zmirror, 3TB client backup.
      OMV 4.1.13, Intel Server SC5650HCBRP, 32GB ECC, 16GB USB boot, UnionFS+SNAPRAID
      Backup: OMV 4.1.9, Acer RC-111, 4GB, 32GB USB boot, 3TB+3TB zmirror, 4TB Rsync'ed disk
    • Users Online 1

      1 Guest