Although completely believable and in-line knowing Meta/Facebook's history, is there any evidence to support this claim? I'm sure it's, unfortunately, just as easily deployed to specific targets so it may be hard to replicate, but this is pretty huge.
Anyone have any links/sources?
I agree. Multiple apps bind to the keypress event to inject functionality. Binding to such event does not automatically imply nefarious intent.
Facebook keylogs anything, even outside of FB in all pages with FB APIs (any page with an FB share button), if you don't block it with an half a dozen extensions and scripts. For Example with
- https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2023/03/lurking-beneath-surface-hidden-impacts-pixel-tracking
My main goal on year 2018 was delete facebook. Unfortunately im still using whatsapp just because everyone uses it and i have no other place to talk with my friends and family.
I think (do correct if wrong!) the EU has approved an interoperability law for big tech companies? So it should be just a matter of time until you can switch messaging app and still be able to communicate with people on wa and big messaging apps
Ofc if your friends all use whatsapp zuck will still be able to read all your messages and get your phone number via your contacts... so it's only a partial solution. Still better than nothing tho.
That link you added is being very very negative about it and even after reading it I really don't understand why....
The source article from a security researcher Felix Krause:
https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser
Holy shit, that should be illegal. I say should because I know there's no way that it currently is.
Microsoft do the same with Windows and as far as I know, they haven't got fined for it.
I use all social media in browser to give them less access to my device. I clear cache / cookies after use every time. Hopefully that gives them far less personal data.
The Facebook mobile webapp works just fine nowadays. Pretty sure it's even possible to enable notifications in most web browsers. I still don't get why people are willfully installing apps instead of just pinning web browser bookmarks.
This is especially nefarious paired with their other practices. Many phones stock ROMs also ship with preinstalled bloatware including TikTok and Facebook crap.
I had to use Android developer tools (ADB powershell commands) to remove multiple facebook and tiktok packages from a friends new phone because they can't be removed any other way. There was no "user visible" FB app but several packages were present and makes me think FB crap may run as "background" by default on several vendors stock ROMs. Irritating and deceiving to the consumer.
I also blacklist all their domains using PiHole so nothing on my home network can covertly back channel any data to their mothership. (Currently using Developer Dan's lists from GitHub - the Facebook list alone has almost 30,000 hosts on it)
These big tech surveillance bros can get clapped.
