Facebook has been at the forefront of social media user and privacy abuse for years. Being caught out in the Cambridge Analytica scandal was not an isolated event.
Newly unsealed court documents from a private antitrust lawsuit detail abuses of trust that are cynical and unethical at the very minimum.
The following screenshot of a document from the lawsuit describes Project Ghostbusters which was allegedly setup to decrypt “man-in-the-middle” style Snapchat traffic to copy it for Facebook’s own purposes.
In essence, Facebook worked together with Onavo (a public VPN provider) to insert man-in-the-middle capabilities into SnapChat communications for competitive advantage. The following are some internal Facebook emails, detailing the exchanges between FB staff and including Mark Zuckerberg himself.
“exploit financial reward as value exchange” – this is as cynical as it gets and a complete erosion of user trust. The phrase “if you’re not paying for something, you’re the product” rings loudly here.
The project spreads much further than Facebook and Onavo though:
“The lawsuit allegations are Netflix was one of the companies where Facebook backed off competing in exchange for data to boost its ad targeting signals”
One needs to strongly reconsider the privacy and protection provided by public VPN providers – Onavo’s actions here are are beyond reprehensible. And it’s a well known fact that most public VPN providers will share data with 3rd party private companies and law enforcement. So the value of VPN Providers is limited.
Another aspect of this is that Facebook pushed a custom certificate to endpoints for the purpose of MITM attacks – that certificate only expires in 2027 and may still be on many devices. Any encrypted traffic from those devices would be viewable by anyone with the CA that signed that certificate.
A thread on the topic from @jason_kint:
https://threadreaderapp.com/thread/1772459601356583268.html?utm_campaign=topunroll
Google Strikes back!
Meta are not alone in their abuse of user trust. Google just this week past, admitted to the blatant tracking of user data in Chrome’s privacy mode Incognito, where anybody would normally expect, you know, privacy.
Google agreed to destroy or de-identify billions of records of web browsing data collected when users were in its private browsing “Incognito mode,” according to a proposed class action settlement filed Monday.
The proposed settlement in Brown v. Google will also mandate greater disclosure from the company about how it collects information in Incognito mode and put limits on future data collection.
And Googles shenanigans don’t end there: a recent article by Cory Doctorow details Google’s “enshittification” of Search, essentially Google’s looking the other way to let advertising revenue drive the quality of search results. The result of which is shit results …
Google’s search results are terrible. The top of the page is dominated by spam, scams, and ads. A surprising number of those ads are scams. Sometimes, these are high-stakes scams played out by well-resourced adversaries who stand to make a fortune …
Doctorow goes on to detail his (and pretty much everyone else’s) poor experience with Google Search. Once upon a time, Google’s motto was “do no evil” – those days are well and truly gone.
For those interested in a scam/spam-free search solution, you can try a commercial product called Kago, or run your own solution using SearxNG or Woogle.
Leave a Reply