This is an OS privacy bug, and isn't specific to Facebook. If an app does not have location permissions, it should not receive the geolocation portion of photos' EXIF metadata.
Well of course, but we all know Facebook isn't a responsible company and Apple shouldn't assume that every app in its store is made by a responsible company.
They're currently in court arguing about how they make users safer by curating the available software. Issues like this don't reflect well on that argument.
They could fix the problem regardless of whether the app was downloaded from the app store, a third party store, or just sideloaded, so I don't see what you're getting at.
It sounds like you are saying this issue is irrelevant to the App Store.
So how can it reflect badly on their case?
The way it reflects well, is to notice that this is a small hole in their privacy measures which can easily be fixed, and the only reason we are talking about it is that for the most part their privacy controls work well. I.e. it demonstrates their seriousness about privacy.
Because these privacy violations are happening despite their locked down App Store.
> The way it reflects well, is to notice that this is a small hole in their privacy measures which can easily be fixed
Sure, it reflects well on Apple as a whole, but not on the app store. This issue is just as easy to fix for sideloaded apps because it's related to OS level permissions which sideloaded apps would still be subject to.
> Because these privacy violations are happening despite their locked down App Store.
That’s an obviously false comparison. You are comparing against a perfect world, not against the real world.
A valid comparison is against what privacy violations would be happening without the App Store.
As a simple example, we know for certain that Facebook would be a doing a lot more tracking without the App Store, because they have told us in public that they would.
Therefore the App Store is in fact protecting users against large categories of privacy concerns, and this easily corrected hole doesn’t change that.
> That’s an obviously false comparison. You are comparing against a perfect world, not against the real world.
No I'm not, I'm comparing against a world where Apple allows sideloading, and this privacy issue exists in both.
> because they have told us in public that they would.
Source? Apple's new add tracking opt-in thing is on the OS level the same way this location tracking issue is. It would still work if the Facebook app was sideloaded from what I understand.
> Apple's new add tracking opt-in thing is on the OS level the same way this location tracking issue is.
This is a complete misunderstanding of how it works. Apple provides a mechanism for apps to use to identify users who opt-in.
The only thing preventing developers from just ignoring this and using fingerprinting or other identifiers is the App Store rules. A whole bunch of apps have been banned or otherwise forced to stop doing this.
€ It would still work if the Facebook app was sideloaded from what I understand.
No. If the app were sideloaded, Facebook would just implement a fingerprinting solution or provide their own identifier, and ignore Apple’s mechanism.
I could not find any quote like this..not sure why you think it's so trivial to find.
> No. If the app were sideloaded, Facebook would just implement a fingerprinting solution or provide their own identifier, and ignore Apple’s mechanism.
You mean like how they ignored Apples location sharing mechanism and maliciously opened your photos to read metadata?
Or the one a few years back about playing silent audio tracks to stay open in the background?
> I could not find any quote like this..not sure why you think it's so trivial to find.
You won’t find a ‘quote’, but it it’s trivial to educate yourself on this mechanism. E.g. Apple’s documentation. Various articles about ad tracking transparency, etc.
If you haven’t read the technical materials about the subject, why do you claim to understand it?
> You mean like how they ignored Apples location sharing mechanism and maliciously opened your photos to read metadata?
There is no rule against reading the metadata. Yes it’s malicious, but Apple doesn’t currently have grounds for removing the app. The correct solution is to stop leaving the metadata in the file.
> Or the one a few years back about playing silent audio tracks to stay open in the background?
That one was indeed solved by a rule change.
But why do you mention these?
Presumably to support your claim that sideloading would be no different from the App Store when it comes to privacy.
If you understood the mechanisms, you’d know this was false.
You come off as making an ad hominem attack, saying that this information is trivial and if the replier can’t find it then they shouldn’t be commenting on the subject.
If it is true that iOS’s permission model is done on the App Store level and not the OS level, which I doubt by the way, then that is a flaw on Apple’s part and should be fixed.
Otherwise we are relying on arbitrary App Store rules to protect our privacy and security, instead of baked in constructs in the OS. I’m skeptical that Apple would do something so shortsighted.
> You come off as making an ad hominem attack, saying that this information is trivial and if the replier can’t find it then they shouldn’t be commenting on the subject.
It’s not an ad hominem. The commenter made a false assertion about how the mechanism works, which is easily checked.
I’ve pointed to where they can check it. The App Store rules, and apples tech docs. There are also other articles with background.
> If it is true that iOS’s permission model is done on the App Store level and not the OS level, which I doubt by the way,
So you don’t know how this works.
> then that is a flaw on Apple’s part and should be fixed. Otherwise we are relying on arbitrary App Store rules to protect our privacy and security,
That’s exactly what many of the App Store rules are for.
> instead of baked in constructs in the OS.
They don’t rely on the App Store rules ‘instead’. They rely on them in conjunction.
It’s not as easy as you think to rely on baked in constructs in the OS.
A trivial example is that such constructs cannot detect text that lies to the user about why a permission is granted.
Another example is that such constructs can’t prevent an app from communicating with a fingerprinting service or using a
These have to be done by policy.
> I’m skeptical that Apple would do something so shortsighted.
Not really sure what to make of this comment, since you don’t present an accurate model of what Apple is actually ‘doing’.
>> because they (Facebook) have told us in public that they would
They have.
>> You can trivially check this yourself.
You can.
>> You won’t find a ‘quote’
You won’t find a ‘quote’ - that was your word. We’re talking about a technical and legal mechanism here. You will find documents. I’ve told you which ones.
> You're backpedalling
Clearly not.
> and it's really unclear what you're talking about,
That’s because you haven’t taken the steps needed to understand.
> leading me to assume you're making it up or misrepresenting something.
That’s and unfortunate and incorrect assumption. You can check but you choose not to.
Perhaps it’s not trivial for you to check this. Maybe you are unable to make sense of technical and legal documents for yourself. If so, I am sorry to have assumed that you could.
> If it's so trivial to find why can't you produce it?
I have told you where to look. It doesn’t seem like you want to. Perhaps you are unable.
Any bug/feature Facebook uses is also technically available to other apps on the platform, Facebook does not have privileged or first party access to the platform after all.
The only difference is their size and capability to retaliate as compared to any other App developer.
I don’t think that’s a sufficient fix though. E.g. many people may enable location sharing to messenger for legitimate uses like meeting up with friends in public places, and for a “15m of location shared to friend” feature they would need to turn location sharing up to at least the “allow while app is running” setting, but people doing that would surely not also intend for the app to also get the location of every photo they send to their friends (including photos that the OS(?) automatically tags with the current location when they are saved)
I'm not a privacy engineer, but the way I would expect it to work is that if you turn on location sharing for "while the app is running", then the app should get EXIF location data only for pictures you take while the app is running.
Beginning to think the reason security is so difficult is because ostensibly "good" companies do everything an attacker does and worse, but under the guise of EULAs.
Here's a thought experiement: If Facebook were malware, could you get rid of it?
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.
Most advertising behaves like spyware for targeting purposes. It would be fine if it was consensual, but it's basically never the case.
> scareware
This is more about the ad's content than the concept of advertising itself, but online advertising is essentially the wild west and advertising platforms happen to get away with serving misleading ads that use scare tactics to get the user to do something against their best interests (sometimes even downloading actual malware).
You can remove it ‘for the user’ using ADB. This basically disables it unless you factory restore the phone. I believe you have to use ‘pm list packages’ and grep for anything with Facebook or Katana.
The problem isn't that data is being harvested when they use Facebook, it's also that data is being harvested behind their back with FB stalking everything they do online (since the majority of websites and apps include FB malware) and linking it back to their user profile.
Clearly most people aren't aware of that (nor are they happy with it) given that some people even have the impression that Facebook is literally listening to conversations.
For me it's not that I don't care, but I reason the data stealing as their form of payment for providing a free useful service to me. I try to limit the data I give them, but I still see the data gathering as their win in our nonzero (win win) game.
> but I reason the data stealing as their form of payment for providing a free useful service to me
In this case, they could very well be transparent about it, and comply with local laws/regulations (such as the GDPR).
When companies comply (or Apple forces them to - like with App Tracking Transparency), it's clear that the majority of people do not consider this a fair deal and opt-out.
Not sure you'd need everyone, it would be a product.
Apple has been aiming to become that product, because I've said before that Apple is primarily a privacy company with a bunch of entertainment features. It also means that competing with Apple isn't about design, it's also mainly about providing privacy. Their whole recipe is the complementary packaging of the two orthogonal concepts of entertainment and privacy.
Looking forward to 2060 when you can't participate in society any more unless you connect your brain to a cloud run by a facebook subsidiary, giving them access to all your thoughts, memories, etc. Everyone is connected to it. What's your problem?
Geez, even the author of this piece is "Founder/CEO of Digital Barriers, which develops advanced surveillance technologies for frontline security and defence agencies as well as commercial organizations in the US, Europe and Asia. The company is at the forefront of AI-based surveillance."
i use jailbreak to control my location better - i can more easily de/activate it and spoof my location.
Now, I noticed a weird behaviour. I am not sure if its a 'bug' due to jailbreak, or if it shows how apps can access location.
The setup is as follows: location services are completely deactivated system-wide. a spoof location is set.
This means, I am not able in any way to access/share my location, neither the real nor the spoofed one.
However, when someone shares a location with me, upon displaying it on a map, instead of the location shared the spoofed one will be displayed along the correct address of the shared location.
ok, i dont know how iOS manages location services. still it is not nice at all to see that somehow an app can access a location, even if its spoofed and by error.
regarding the article: you can tell your phone not to give fb any location data. but why would you take a picture with location data and upload it to facebook? its so obvious and straight-forward that the user simply undermines his own privacy.
It's not obvious. You are uploading a photo to send to a friend, you don't know or expect that where this photo was taken is automatically used by Facebook to target you. Hell, most people wouldn't even know that the EXIF has the location.
Slight tangent, but Relay for reddit[0] (an Android reddit client) has fixed this problem, in my opinion.
Whenever a video comes up that could play audio, it is automatically muted and a UI element appears for the user to unmute it. This means that I know if a video has audio along with it, even if my phone is on silent. It has the added bonus of not embarrassing me in public if a loud video comes on.
I'm not sure if this feature is turned on by default, but it's just a neat solution to this problem that I think it should be.
Imho there is kind of a responsibility to the user to know what he is doing and what his actions do imply.
If you take an image with a GPS enabled camera, yes that information along others can be saved as metadata.
Sure, tech companies try to abstract the functionalities, making it more difficult to see and understand. Still, this can not be an excuse to just do things not unknowingly.
To be fair, this is more of a legal and ethical problem than a technology problem.
Photo geolocation metadata has legitimate uses, the problem isn't that the metadata is there per-se but that it's being used for nefarious purposes without the user's knowledge nor consent.
Technology could help out here, though. It would be nice for there to also be an explicit switch in device settings allowing the user to choose whether the GPS data should be included when the camera takes a photo. This would be separate from location services being enabled.
> why would you take a picture with location data and upload it to facebook
You could argue that most people don't know the location data is there. But at the same time, if you're doing something you want to keep secret, you probably shouldn't be uploading pictures of it to Facebook anyway.
Unfortunately it's not that simple for everyone. I personally would lose contact with a lot of people if I delete Messenger or Whatsapp. On all my contacts, I have two on Signal, zero on Matrix.
It is though. It's astonishing how little people are willing to sacrifice for their ideals.
If you don't have an issue with Facebook then disregard and continue using their services. If you do have a problem then try being the change you want to see. Tend your garden. You cannot control other people but you can control yourself.
"Be the change you want to see" doesn't really work for society level collective action problems. My concern with Facebook isn't that they have too much information about me, it is that they know too much about my country's citizens in aggregate (and thus can manipulate them). Whether I opt out has a real impact on me, but zero impact on whether they can run disinformation campaigns and swing elections.
>Whether I opt out has a real impact on me, but zero impact on whether they can run disinformation campaigns and swing elections.
Being the change you want to see doesn't automatically mean the world changes. It just means live with principles regardless of external factors. You don't like Facebook? Then don't use Facebook. It's as simple as that. Others can take it or leave it.
I just see it as people complaining about Facebook while continuing to use Facebook so it must not be a very big deal to them.
The two actions people can take are:
1. Delete Facebook apps, Whatsapp and IG. This can have low to high utility loss for you, but has negligible effect on Facebook. It would have a bad effect for me, who has many family members and friends connected on whatsapp and needs whatsapp to connect to anyone whom I meet in my country.
2. Lead a movement to switch away from these apps. This has an insanely high overhead, and requires significant organisation of people and a large individual commitment. This would have a significant effect on Facebook.
This is how I view the problem. This is not an example of people being unwilling to act on their ideals. It's a situation where acting on their ideals would cause them a significant burden with no effect, and causing the intended change would require ridiculously large effort.
Facebook makes it easier, but it is not like friends did not keep in touch before Facebook. I regularly send SMS/ email friends I make it point to spend writing and replying to mails regularly.
Sure, occasionally people get frustrated that you are not on these platforms, however I ended up being lot more responsive and attentive to non social media forms of communication. Social media is usually low effort, I rather have one person wishing me with personal email on my birthday, rather than hundreds of meaningless FB posts.
It was actually harder for business contacts than personal, customers want to chat in whatever works for them, harder to say no to someone paying you. However Teams/Slack has helped a lot and dose of compliance reasons which customers find easier to go along with.
I deleted all social about 5 years ago I did notice a narrowing of my friend circle. However, I also noticed a net uptick in my own personal happiness. There will be tradeoffs that you have to consider and figure out what is best for you. I personally believe that social media in general is responsible for a lot of the problems in our society, so take my opinion with appropriate grains of salt.
I believe that forcing such companies to respect privacy better is the right solution.
Deleting the Facebook owned applications from my phone would achieve close to nothing positive. I may convince a few family members and good friends to use another application only for me, but I will lose a lot of relations and Facebook wouldn't care. However I also did work in small research studies to expose to everyone the bad practices of some companies about privacy. It's not much but it helps when our governments make laws such as the GDPR.
I stopped using Facebook and just started phoning and texting people a few years ago. Almost all the contact you have with people on Facebook is fake, it’s mostly sharing memes and news. It’s more personal to do that over the phone. I think I’m closer with almost everyone since leaving Facebook. Most of my contacts have installed signal of their own accord at some point too which is weird but pleasant
This probably works ok if all of your friends live in the same country as you (and that country still widely uses SMS). However it turns out that international calls/texts are still an expensive minefield, and folks who move around internationally don't have stable phone numbers (since those are tied to country). And as a result, WhatsApp/Messenger is the only viable communication method for a lot of folks.
If all your friends use WhatsApp/Messenger sure that works. However if you have friends in China you need WeChat, in some places Line is the main platform. Some people tend to use Google Hangouts or FaceTime only . A lot of friends do not want use any FB products and will use Signal/Telegram etc
Even if SMS is expensive, email is still quite free. It works almost like SMS/messaging on phone, you get push notifications on your phone and you respond.
I move around about countries every few months, keeping a VOIP/Skype phone number as the number anyone can reach you at works for me, while my local number is more for getting an internet connection and occasionally for signups to local apps (like rideshares, food delivery etc) that reject some VoIP numbers .
This doesn't provide end-to-end-encryption for WhatsApp so I'd actually call this worse than just using WhatsApp in the first place. Facebook gets all the data and your messages are stored somewhere (either at Beeper or on your own server) as plaintext.
But it frees you from having to have on your phone sketchy closed-source software from a an evil tech empire for whom you are the product. That's worth a lot. And you can self-host matrix bridges that will do this.
Facebook doesn't have access to WhatsApp messages. WhatsApp uses the same end-to-end encryption protocol as Signal. We know this is true because the app has been extensively reverse engineered to create these third party clients among other reasons.
WhatsApp is closed source, so you have no idea what it's doing. And they can push an update doing whatever they wish to you at any moment. You have to rely on Facebook pinky-swearing that it is what they say it is. And I promise you it isn't what they say it is.
Being open source isn't necessary or sufficient to be able to audit a piece of software. Software can be audited even if it's closed source (for example by reverse engineering, although it's more difficult), and even if it's open source it might still be impractically difficult for non-experts to audit.
WhatsApp client is made by Facebook. It must see plaintext so it can put it on the screen. If it doesn’t send it anywhere yet, good - but it’s borrowed time.
Yes, they very publicly state that they do not have access and I have yet to see a reason to not believe them in that regard.
All big Facebook data leaks and hacks have just exploited not very well known APIs or badly set privacy settings. But nothing that was secret.
Q: Why would Iran block Signal but not WhatsApp if they actually use the exact same protocol?
A: Because Facebook has cut a deal with the regime to give them access to things they could not get access to with Signal
I suppose it could be that blocking WhatsApp would cause too much disruption, so the Iranian regime tolerates it for now, but I put much more weight on Facebook just rolling over.
There are other instances of WhatsApp being allowed and other allegedly as-secure platforms being banned. It could be chance or network effects, but my guess is that Facebook has built in tools to comply with those regimes' spying demands. Perhaps they even push locale-specific versions of the app.
Law enforcement has access to a list of people who forwarded particular links or media.
This indicates that e2e has some bypasses or exceptions. It would be pretty much impossible to unearth the details though.
Use the web-app version on Firefox with the "Facebook container" extension, and just add an icon to the home-screen that links to it. (Note this is for fb not WhatsApp, in which case you'd have to consider alternatives like Telegram and Signal)
With respect, I don’t understand your comment. You’re saying Facebook provides you utility. Well, FBs business model is they provide you a service in exchange for your data. You have the option of engaging in that transaction — using their service in exchange for your data. Or you have the option of not using their service.
Legally, I’m not sure how you can have it both ways, aside from either FB offering a paid tier (you pay cash instead of providing your data), or we shut FB down entirely.
What exactly do you believe is the solution?
Personally, I think social media is more harm than good. I don’t want to ban or control social media companies (my local officials aren’t even capable of keeping drugs and homeless addicts off school grounds, let alone dictating internet regulation). My personal choice is to not use it.
The point f6v was making (I think) was that the same argument above, against using something else, was used by the email users of the day ("everybody is using email, why should I use ICQ or MSN etc."). But then eventually the tide changes. It's just difficult and lonely to be the first :)
People used to send writing on paper in an envelope. Some still do. Perhaps one thing that’s not being said is the degree we each care about communication relative to how we communicate; this is a very personal topic. I am one who deleted all social media (except HN; joined recently because the stress of it is lower and I still like to share) and one who is comfortable with the slow pace of letters and email-as-letters. I’m of the Star Wars generation, growing up with computers and still knowing what is was like to place orders by calling on a rotary phone the number on the back of the catalog.
I really hate it when people say “just delete Facebook apps”. I would lose touch with almost everyone I know. They either use Facebook or WhatsApp, I can’t justify deleting either.
Actually these type of situation show who are your friends. Your friends will call you, text you and arrange meets. And There’s FaceTime if your far from friend. Stop relying on Facebook to connect you…
Excuse me, but what? My friends text and call me through WhatsApp or Facebook. If anything, me ditching those two services would justify them not reaching out, because it implies I’m the difficult one. Me making it difficult to be reached does not mean they’re not my friends.
EDIT:
> And There’s FaceTime if your far from friend. Stop relying on Facebook to connect you…
I'm not even sure to describe how ignorant this comment is. Even if I stop relying on Facebook to connect me. Now I'm relying to Apple to connect me? Am I supposed to tell me friends that because I don't use Facebook, they should all buy an iPhone to connect with me?
>Me making it difficult to be reached does not mean they’re not my friends.
Is phone and SMS considered 'difficult' now? Everyone I know simply uses SMS and phone calls.
I suppose if you have globally distributed friends groups, this could be difficult, otherwise I don't see why. You give up a few features and it's not the most secure but it's a viable alternative almost everyone has access to.
Well, I live abroad, my family and friends have various group chats on WhatsApp and Messenger. I can’t blame them for not wanting to include me, since it would cost them quite a bit of money to text or call me.
Plus, phone calls are quite different from general text messages. Messages allows anyone to reply on a time they’re free for it.
So in general, yes, SMS is considered difficult, in my situation.
The main thing that WhatsApp and Messenger gave me was the ability to stay in touch with anyone I knew, wherever they lived. SMS just doesn’t cut it; huge fees and no groups. There’s really no alternative.
Doesn't email and mailing groups not exist any more ?.
It is kind of funny as every Andriod or iOS phone user effectively gets an email account as part of their access to the platform so it not like this generation doesn't have email.
Also everyone uses email for app registrations, bank accounts and for some formal communication so it not like they don't know how to use either.
It seems we have forgotten that we did live abroad and kept in touch via tools with no vendor lock twenty years ago, telecom (SMS/phone) was lot more expensive then as well.
Ultimately use what you like if you find WhatsApp more useful sure, however forcing a vendor locked in platform on to others I find is incredibly rude.
I am not forcing you to lock into a vendor when I call/SMS/email you.
Email does exist, but it just doesn’t feel the same. I don’t feel like I’m having a real time conversation when using email. Email is not instantaneous, so making plans can take a couple of hours, compared to a couple of minutes.
I haven’t forgotten the days of SMS/email, it’s just that instant messaging made things a lot easier.
I just don’t understand those arguments. It’s like agreeing to carpool with a group of friends, then suddenly you decide to move to another town. They’re not bad friends for not wanting to pick you up, it’s just not convenient anymore.
You’re seriously twisting things to somehow make a point. I don’t understand why you have to respond with such a demeaning comment in the first place.
Over the last 5-10 years I’ve established quite a few chatrooms with multiple friends. Me somehow now demanding they switch over and respect my privacy is ridiculous.
And yes, I already use Signal and Telegram with people who use it. I just don’t go around demanding every single person I know switches over, just because I say so.
The feature exists but the overall quality and variety just aren't the same. For whatever reason, people get comfortable with the familiar and even a cosmetic change creates a barrier.
> I can't even figure out how to use it from my mobile device without installing an app.
I believe that's deliberate. The mobile web version of Facebook used to support personal messaging. In 2016 they removed it in an effort to push people onto the app.
> Your Page's Inbox is not currently available in the
> Facebook app or mobile web browsers. You can access
> your messages through a desktop browser, or by
> downloading Facebook Business Suite or Messenger
> from the app store.
In one comment on HN[0], a user suggested:
> You may need to access the page by clicking a link
> from another mbasic page in order to have some kind
> of checksum in the URL.
Another user replied that they were able to get access to the page with that method[1], but I haven't been able to replicate it.
Messaging was still available for a long time through mbasic.facebook.com up until very recently.
They removed that feature at the time their last big messenger outage happened.
messenger.com still works on Android Firefox as long as you switch to desktop mode.
Not sure for how long though, as it looks as if they are constantly sabotaging their platform. ..and it shows: Facebook Messenger feels far less relevant than maybe ten years ago.
In my German peer group everyone now uses either WhatsApp or Signal for private and Teams+email for work related communication.
not a single day goes by without the company taking a crap in some corner.
my proposal is more radical. rally to ban FB in that country. incentivize local companies to come up with alternative solutions.
zuck and his comrades have no business poking their noses into foreigners medical data anyway. it would also avoid less taxes being lost on facebooks Double Irish tax evasion. treat them like the cancer they are. don't celebrate FB engineers and call them out for the useful idiots they are.
> incentivize local companies to come up with alternative solutions.
Living in a country where local social networks are more popular with general population than foreign ones (Russia), I'd rather prefer FAANG. "Local companies" may sound good because the word "local" has some nice connotations, like your "local store" or "local coffee shop". But in reality, "local companies" do all the bad stuff that Facebook does, and also go above and beyond to cooperate with the state against the protesters or any political dissidents. And they're also not as good at writing software, so these networks have significantly worse design and a lot more bugs.
There are millions of example where people want to solve a problem, think that they will be able to do it with government regulation, and end up with a situation that is much worse. But even among them, this is a case where it could only make situation worse. And much, much worse.
To "see exactly what's going on", you would need to be sure of what's happening on the server, and I don't know how to do that for sure except for the blockchain.
Meanwhile, here in the real world, let's stick to the better one of the bad choices we have.
You're making a good point. We can, however, write software that makes certain guarantees on the client side. If I'm the only one with the encryption keys, does it really matter what the server does?
This is the basic idea behind zero-knowledge systems using homomorphic encryption to do very cool things.
Or ban it from iPhone for one or two versions so they stop this one tracking. Then repeat often enough that people start thinking it is uncertain that FB/WA be available, and don’t require WA to book a doctor’s appointment.
No, you can’t. If you call them they won’t answer and will just write you on WhatsApp to ask what you wanted. If you SMS, no reply or they will reply on WhatsApp.
One reason is because a lot of phone plans include few or no calls/SMS but include unlimited Whatsapp. When one app is completely ubiquitous in a society and free, people will simply not understand why you want to do something a different way and will often wonder if you’re trying to scam them.
I don't know about Facebook but here in Sweden we have several systems where you need to use Google, and of course accept Google's terms in order to do that.
One example is the health care centers and hospitals that uses Google Maps. Another example being the schools that forces the students to use Chromebooks (and apps like GMail, Google Classroom, Google Docs, etc), and Google forms for requesting information about the kids need for after school care.
I do not like that Google get to know when I need to visit the hospital, or collect information about my children's activities in school. But currently we do not have an option.
It would be pretty infeasible to live in Spain without WhatsApp. Many phone plans here don't include unlimited free SMS and calls, so quite a few folks just don't receive them. Instead they send messages and short voice memos back and forth over WhatsApp.
that's exactly i was hoping for : no answer. <relief>
we 'd be truly screwed if crappy WA would be adamand for such in any given country, even Putinocchio's, Xi's or KJU's. that country 'd be even more crappier than WA, and all FB-associated, which in turn would be quite an achievement on quite a, literally and metaphorically, negative scale in its own right
It occurred to me after posting that there are likely places where healthcare is mostly private companies / practicioners and most would have no enforced accessibility requirements.
Yeah. This is not particularly a Facebook problem. And it certainly is not an iPhone exclusive one. I would be willing to bet my 2¢ that Apple photo backups store your photos with exif data. Should be trivially easy to strip this info and "track" you as well. Am not seeing anyone crying over this.
I love the location data. I couldn’t live without on my iPhone / iCloud. It’s great for pulling up pictures of which you remember the place but not the time for example.
> Should be trivially easy [for Apple] to strip this info and "track" you as well.
The issue is that you are telling Facebook to not use your location data for marketing, then they are finding out your location via another method and then using it for marketing (based on a loophole in their privacy agreement).
None can be trusted. Doesn't matter what either party claims to sell/not sell. Google started off with "Do no evil" as a motto at some point in its history.
“Do no evil” is idealism. “Don’t undermine our marketing to grab data assets that don’t align with our business model” is cold self-interest.
I have much more faith in a company staying true to the latter. Not 100% faith, because their assessment of what business model to pursue can change, but it’s certainly not comparable in flakiness to corporate idealism.
I mean, if you’re backing your phone up, you’re basically giving them free reign over your life. Of course there’s location data, and there’s every conversation you’ve ever had on there too.
It’s a matter of expectations: You’re handing your data over to Apple for them to back it up; You’re sending photos via Facebook to share it with friends, and location data isn’t shown anywhere.
Apple explicitly uses the EXIF data in their Photos app by displaying and organising the photos by location. I do not believe that it’s used for more than user-facing features (and training said features).
In what way is having valuable exif data that I use for tracking hikes and vacations being stored safely in my online backups the same as Facebook scraping that exif data to invade my privacy?
The false equivalencies in this thread are almost overwhelming.
>“Facebook marketing is generally dominated by iOS,” one ad industry article laments, “it’s pretty safe to assume Facebook has lost at least half their data, arguably the most valuable half.”
That's surprising. Facebook has a global reach and can run on damn near anything with a screen. I'm surprised iOS makes up such disproportionate part of its revenue.
This would make sense if Facebook's business model was selling communications services to people, in which case people would just pay and indeed it wouldn't really matter whether they're running an iPhone or something else.
The problem is that Facebook's business model is to sell out their userbase to the highest bidder, and the bids are significantly higher for iOS users who are considered good marks for ads compared to some generic feature-phone users.
A user can disable geo-tagging or the better(?) disable precise location in Settings.app > Privacy > Camera.
Like mentioned in the article, there a lot of EXIF strips in Appstore too but I’m not sure if a regular user would take the road of take photo > go to exif stripper > delete exif on photo > save the photo > go to facebook > upload to facebook
You lose useful features like finding photos based on location if you don't remember the date it was taken.
I think the better option is:
(1) Make it obvious when location data is being included with a photograph, and exclude it by default - especially if the app doesn't already have Precise Location access.
(2) Apps that manage your entire photo library and all its EXIF data (think Amazon Photos / Google Photos, or an app to bulk import photos from a DSLR camera or something) should have to apply to Apple to get that specific entitlement- and social media apps should not qualify. But in this case, they shouldn't need Precise Location access to get access to all the EXIF data.
Personally, I use a Shortcut to be able to share photos without metadata. It works very well. It's the one included with iVerify, but there are free ones in the Shortcuts library.
Yes, the iOS photo library API should really strip out the EXIF data before passing to apps unless the user has let them have access to it - I bet this will be added at some point.
Facebook would like to access your photos:
Select Photos
All Photos
Strip location and other metadata
The issue with tying metadata access to the Location permission is genuine Photo Library apps (eg. from Amazon / Google) typically are not given Precise Location access. There are some edge cases that need to be considered carefully, but there has been a lot of inaction from Apple on this issue - for years!
That is a very useful feature to have though - for personal use. As a privacy nut I always make sure it is turned on.
Then again, I don't use facebook and I do strip exif if I want to upload a photo somewhere I don't want to share my location. (and I can do this with termux and the same tool I'd use this on my PC, just run exiftool -all= foo.jpg)
I get that it is not a sensible solution for the average user. But the problem is not exif-tags. It is facebook and the current ad ecosystem.
On android a file-picker that could optionally remove exif-data when a file is chosen seems like an easy workaround for the time being.
I think the more obvious option is for Apple to fold in a privacy setting to each app for photos, alongisde the one that controls which photos are avaialble, so that you can choose on a per-app basis whether the OS strips exif data prior to making those photos available to the app.
It exists : when the sharing panel appears, there is little blue « Options » (or maybe Settings in English) link on the top of the screen. There you can choose to share the picture without location.
Maybe I misunderstood your message. I tried to share a photo from my iPhone to a whatsapp chat and I could not find any way to remove location data.
On the other hand, this article says that you can do that when you start from the photo album and ask to share to someone else. Is this what you meant?
You have to uncheck the inclusion of location data every single time though. Really annoying and easy to forget. It also requires you (naturally) to prohibit apps like WhatsApp from accessing your photo library.
If you’re concerned about this, you can stop Facebook getting this data by sharing from the Photos app. It gives you the option to strip EXIF data in the share sheet.
With all of the complexity of tracking technology, protocols and data laws I'm wondering whether these findings are also revelations to FB.
I'm not shilling for them but just wondering whether some of these results are a direct consequence of the nature of the systems rather than nefarious design
Some set of developers wrote code to extract the location metadata and feed it to their tracking system for advertising purposes. How can that be just some emergent property? Actual human beings held meetings about it and worked long hours getting it done. It's hard to see your claim as not "shilling" for them.
This is likely the truth, code blindly extracts metadata from the photos without being aware of the privacy permissions. Doesn’t excuse it but outlines that a developer can have good intent but bad outcomes.
I'd love to see a detailed analysis / reverse engineering that targets how 'legitimate interest' settings really works in these forms. This form in particular pre-selects all 'legitimate interest' switches and requires me to click them all, one by one. Does it really change anything? What does it change? What if I left them selected?
A quick look at their privacy policy [1] brings up:
> Forbes may also process certain user information on the basis of the following legitimate interests, provided that such interests are not overridden by your privacy rights and interests: delivering and continuing to develop and improve the Site, learning from your behavior on the Site (e.g., analyzing traffic) to better serve you and other Site users, helping us modify or enhance the Site and its content, receiving insight as to what users do (and don’t) like about our Site or aspects thereof, and providing a stable, consistent, and secure user experience in connection with the Site.
I understood this as 'unless your privacy rights and interests prohibit us, we'll process your data' (TINLA). Still, would be nice to know how do they check for an individual's privacy rights.
Yeah, it's a dark pattern, illegal under the GDPR, and I'd love to see a prosecution under it. It's making the entire consent form a farce, because they do not obey the "No, I do not give consent". You actually have to go through and say "Not only do I not give consent, but I also object to you doing it against my consent".
I wouldn’t be celebrating WA->Telegram as a great win, telegram is not encrypted end2end and stores the plaintext on their servers. So folks have switched from giving Zuck metadata, to giving Durov their messages.
- back when I started moving groups WhatsApp wasn't E2E-encrypted
- one of those (Zuck and Durov) is a known bad guy and it isn't Durov. The other might or might not be a bad guy, but if he is he is truly hiding it well for now.
- also once I have managed to get people to understand that multiple messengers exist I hope much of the work is done already and the first groups have already been on Telegram so long that I might start to push them towards Matrix without triggering any bad feelings. (Yep, possible: the oldest one I've seen jumping from WhatsApp to Telegram with no issues at all must have been well over 80.)
My large, extended family and many of my friends are all on Facebook, keeping update to date during COVID. Sharing baby photos and other life events, starting businesses as they lose their jobs, sharing grief and support as my uncle nears his end.
But sure, let's continue to victim shame and blame here.
Maybe I’m just not as social as others, but when I stopped using Facebook I never really missed those things. If some life change happens for someone I’m not talking to regularly via other means anyway, not learning about it on Facebook doesn’t really impact me. And, for people I do talk to regularly, I hear about it the next time we connect on a call, text, or in person. I actually end up with more to talk about because I haven’t passively consumed information about them.
When my grandmother passed due to COVID, my family called and texted each other and offered support in plenty of ways outside of Facebook, despite most of them being heavy users.
Everyone’s situation is going to be different, but it may be be as impactful as you think to drop Facebook. It’s addictive to read about people’s updates all day but it may not actually add much to your life and you may find the connections you have with people instead more meaningful as I have.
m.facebook.com works just fine, as does the good old browser on the computer. No need to install their spyware on your phone.
I'll admit I use messenger because some people will try to contact me there, and it's necessary to be able to respond quickly if you're using Marketplace, but the main app? No way.
The GDPR makes it opt-in, and this behavior is absolutely in breach of it.
Two problems:
* there's a lot of misinformation around the GDPR even in the tech community
* some of this misinformation is most likely distributed intentionally, either to derail the GDPR itself or to continue profiting off nefarious things (marketing, etc) while pretending to comply and getting business via that (the majority of "GDPR compliance solutions" are absolutely not compliant, and yet companies pay for them)
* some GDPR criticism is clearly in bad faith by vested interests who currently make a lot of money from breaching it (including on this community)
* the regulators have been absolutely incompetent or unwilling to enforce it.
This would absolutely not comply with the GDPR. Under the GDPR, consent for non-essential data processing purposes should be granular, so people should be able to opt in selectively.
You have to specifiy any app to access Photos. By default, that access of through a non-Photos app should strip any location data. If this is not true, then I feel less tin hatty about my decision to not allow any apps access. I also feel that copying a photo from Photos should also strip location data.
Sorry if my point wasn't clear enough. You have to allow the browser permission to access Photos too. If you are allowing a browser access to Photos, then it's a pretty good bet you are sharing the photo. Strip the location data.
Sure, but then it's less specific. Maybe I want to upload photos with EXIF to my Dropbox but without EXIF to Facebook. There's no way configure the OS or the browser that way.
TL;DR: facebook stores exif data. however it strips it out for display to the public. This includes geodata. Its unclear what they do with it after, and how you have control over it.
Interesting nugget: the author repeats the lies that apple doesn't collect/store/index your data.
I think the scepticism of facebook is a good thing, however I really wish it would be applied equally to every big company. Especially when they so clearly abuse privacy like Apple and Google.
The article states that FB all but confirmed that it is used for advertising purposes.
> the author repeats the lies that apple doesn't collect/store/index your data.
Where's the proof/evidence of this? Apps/OS have been found to leak/send some 'personal' data to Apple servers, but they say they don't track outside of apps (so app store ads use data from your app store usage etc), for them to do so without admitting it would be a huge commercial risk for very little gain (advertising revenue is still a small % of their total revenue).
> Apps/OS have been found to leak/send some 'personal' data to Apple servers,
This isn't about leaks, its about actual design. The itracker system scans your local area for tags, and reports back their IDs and your location. This was rolled out without consent.
By default apple collects "significant locations", which is then accessible to the itracker system ostensibly to warn you about tracking devices.
We accept this because apple are "trusted".
What if Apple are only trusted because they understand how to PR their way out of a bad narrative?
By default all your photos are sent to icloud. They are indexed and processed to give you faces, locations and other (useful) metadata tools.
In one of the OS upgrades, OSX uploaded all my passwords saved in my laptop keychain to icloud, without consent or warning. Not only that it shared them with my phone. My phone didn't at the time have a strong password set.
Just imagine the sheer breathless indignity if facebook, tiktok, or similar tried just one of these actions. However apple(and google) has impunity to do all.
That's my point, if we do care about privacy, then we need to apply the same level of criticism to _all_ companies.
Go into settings and turn off iCloud for photos, keychain and any other app you don't want it to work with.
The difference of all of these things is that Apple is doing it to improve its apps for YOU, uploading photos from your phone to iCloud so you can see on other devices, or face recognition to group your photos, keychain copying is used across devices that you've enabled it for. FB is using the data to create targeted ads, Apple isn't. If you don't like Apples cloud processing of your photos or passwords turn it off.
The data may be in Apples iCloud but is 'private' - it's probably as secure as your home or the phone in your pocket and at least as private as the information the phone companies have about your phone location.
if facebook did that, we'd all be up in arms, and if that was their answer to one's privacy concerns we wouldn't buy it (see tracking opt in).
I get what your saying, but the difference is trust. We trust apple to be private. We don't trust facebook. People are ambivalent to google.
> Apple is doing it to improve its apps for YOU
I mean yeah, you could argue that Facebook are doing the same thing. After all, if engagement decreases, so does advertising revenue. Much as my opinion is unpopular, I doubt facial recognition of photos has much advertising benefit, especially when the social graph is already mapped out for you.
All I'm asking is that we apply the _same_ level of scrutiny of features from apple as we do to facebook. Don't buy the narrative about Apple being friendly, they are a corporation that will deploy the lawyers at any opportunity.
This seems subjective; other companies could claim the same. E.g.: FB says they're trying to show YOU more relevant ads.
> The data may be in Apples iCloud but is 'private'
This seems more objective to me and a better indicator of actual privacy. Still, we should keep in mind that Apple's goals may change in future and that they might change their approach.
> The data may be in Apples iCloud but is 'private'
But how do we measure that?
Apple went into differential privacy a while ago, which really isn't about privacy, its about anonymisation. Which is not the same thing. Private means that no one else but you[1] can see your stuff
Anonymous means that people can see your stuff, but they don't know who you are. This is different.
I think one of his main points is that he explicitly indicated not to collect that data, and the FB app itself indicates that the functionality is 'switched off'.
Also:
"I suggested to them that this data is used for advertising purposes, and that this is “regardless of the privacy settings selected by the user within the Facebook/Instagram app on their phones.” Facebook told me it was fine to proceed with those assumptions."
FB stance seems to be that the user has the option to strip EXIF data before uploading to FB. On the same token, can't strip your IP, guess that means a proxy.
> FB stance seems to be that the user has the option to strip EXIF data before uploading to FB.
Which is pretty poor. I'd be interesting to see what twitter, tiktok and snap do with similar data.
Although people seem pretty chilled with other companies doing it. We already know google indexes by location. That's how they do the real time busyness graphs.
> Interesting nugget: the author repeats the lies that apple doesn't collect/store/index your data.
I always wonder why the bias is always against facebook and apple. As if people don't realize that all the privacy smoke and mirrors was just about being able to compete with the Ad Industry. Apple Ads now does the same, in a non-blockable manner. I mean, it clearly was about business tactics all along.
> iOS 14.5 is also fairly new—the impact is still being assessed. And so we’ll need to wait and see what workarounds the data giants find to keep tracking our web and app activity.
6th paragraph. However, I‘m not sure whether Apple or Facebook is „the data giants“.
The reason why I say that image is a brazen lie is this:
It says that there are only four things linked to you when you use imessage.
one of those is "device id". It doesn't say thatit ties you to your icloud account. From that your location, passwords, icloud tabs, photos, purchases, etc, etc, etc are all indexable.
>I think the scepticism of facebook is a good thing, however I really wish it would be applied equally to every big company. Especially when they so clearly abuse privacy like Apple and Google.
The difference between Apple and Facebook is that Facebook's entire business model is built on abusing the privacy of it's users.
So is google's, and all the ad tech companies, a bunch of medical tech companies, most of TV. But we don't give them as much introspection.
but, apart from cambridge analytica, where actual data was leaked, what privacy abuses are unique to facebook?
Its not like they drove around harvesting your wifi to geolocate you, or deliberately hid breaches to protect it's "good name", or sells your location data to any and everyone who asks is it?
All big companies have done shitty things, but why do we let them off? shouldn't we hold them to account as well?
