Another day, and another new data breach on two of the biggest social networks. This time around, the main problem is due to two bad actors, and not the platforms themselves. Facebook and Twitter announced on Monday that the companies were notified about malicious software development kits (SDKs) that allowed certain apps to collect users’ data from the apps without their permission.
iPhone owners, beware. It appears Facebook might be actively using your camera without your knowledge while you’re scrolling your feed. (...)
Maddux adds he found the same issue on five iPhone devices running iOS 13.2.2, but was unable to reproduce it on iOS 12. “I will note that iPhones running iOS 12 don’t show the camera (not to say that it’s not being used),” he said.
The findings are consistent with our own attempts. While iPhones running iOS 13.2.2 indeed show the camera actively working in the background, the issue doesn’t appear to affect iOS 13.1.3. We further noticed the issue only occurs if you have given the Facebook app access to your camera. If not, it appears the Facebook app tries to access it, but iOS blocks the attempt.
Update November 13, 7:20AM UTC: Facebook has confirmed the issue, calling it a bug (who would’ve guessed, right?).
“We recently discovered our iOS app incorrectly launched in landscape. In fixing that last week in v246 we inadvertently introduced a bug where the app partially navigates to the camera screen when a photo is tapped,” Facebook VP of Integrity Guy Rosen tweeted. “We have no evidence of photos/videos uploaded due to this.”
Facebook CEO Mark Zuckerberg flirted with the idea of getting into the online dating business in 2014 — but instead gave Tinder and similar apps access to user data, leaked documents show.
The leaked documents were released Wednesday and are a part of an ongoing lawsuit between Facebook and Six4Three, a long-defunct app that scraped Facebook data to find photos of women in bikinis.
(...) The piles of leaked documents, which directly reference the company's questionable position on competition, are likely to be extremely helpful to the dozens of entities currently investigating Facebook on antitrust grounds. California, however, is conducting a privacy investigation. (...)
(...) Facebook wielded its control over user data to hobble rivals like YouTube, Twitter, and Amazon. The company benefited its friends even as it took aggressive action to block rival companies' access – while framing its actions as necessary to protect user privacy. (...)
(...) Facebook executives quietly planned a data-policy "switcharoo." "Facebook began cutting off access to user data for app developers from 2012 to squash potential rivals while presenting the move to the general public as a boon for user privacy," Reuters reported on Wednesday, citing the leaked documents. (...)
(...) Facebook considered charging companies to access user data. Documents made public in late 2018 revealed that from 2012 to 2014, Facebook was contemplating forcing companies to pay to access users' data. (It didn't ultimately follow through with the plan. (...)
(...) Facebook whitelisted certain companies to allow them more extensive access to user data, even after it locked down its developer platform throughout 2014 and 2015.TechCrunch reported in December that it "is not clear that there was any user consent for this, nor how Facebook decided which companies should be whitelisted or not. (...)
(...) Facebook planned to spy on the locations of Android users. Citing the documents, Computer Weekly reported in February that "Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to 'single' people. (...)
Facebook discloses that as many as 100 software developers may have improperly accessed user data, including the names and profile pictures of people in specific groups on the social network.
Highlights from two hours of leaked audio from recent Q&A sessions with Facebook’s CEO.
[...] The Verge obtained two hours of audio from the meetings, which include extended question-and-answer sessions between Zuckerberg and his employees. In language that is often more candid than he typically uses in his public comments, Zuckerberg seeks to rally the company against Facebook’s competitors, critics, and the US government.
After the Cambridge Analytica incident, Facebook started an internal investigation in March 2018 which resulted in the suspension of “tens of thousands” of apps that were associated with about 400 developers.
Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained more than 419 million records over several databases on users across geographies,
[...]
But because the server wasn’t protected with a password, anyone could find and access the database. Each record contained a user’s unique Facebook ID and the phone number listed on the account.
Facebook Inc. has been paying hundreds of outside contractors to transcribe clips of audio from users of its services, according to people with knowledge of the work.
Hyp3r used four key tools to scrape data from Instagram users. First, it utilized an Instagram security hole that allowed it to “zero in on specific locations” and collect all the posts made from those locations. Second, Hyp3r “systematically saved users’ public Instagram stories,” again utilizing that location data. Third, it “scraped public user profiles on a broad basis, collecting information like user bios and followers, which it then combined with the other location information.” Lastly, Hyp3r used image recognition software on user posts to analyze that the images included. The result was a database detailing a plethora of information about Instagram users.
After months of negotiations, the Federal Trade Commission fined Facebook a record-setting $5 billion on Friday for privacy violations, according to multiple reports.
If approved by the Justice Department's civil division, it will also be the first substantive punishment for Facebook in the US, where the tech industry has gone largely unregulated. But Washington has taken a harsher stance toward Silicon Valley lately, and Friday’s announcement marks its most aggressive action yet to curb its privacy overreaches.
On May 15 2019, Facebook’s Head of Public Policy for the Netherlands spoke at a round table in the House of Representatives and stated: “You can now only advertise political messages in a country, if you’re a resident of that country.”
Dutch Digital Rights NGO Bits of Freedom quickly proved that this was completely wrong. It was no problem at all to boost a political posting to a German target group from a Dutch Facebook account and pay for it from a Dutch bank account, and vice versa.
According to a confidential document the Intercept had access to, Facebook gives away information about your phone that is used by your mobile phone carrier.
Facebook’s cellphone partnerships are particularly worrisome because of the extensive surveillance powers already enjoyed by carriers like AT&T and T-Mobile: Just as your internet service provider is capable of watching the data that bounces between your home and the wider world, telecommunications companies have a privileged vantage point from which they can glean a great deal of information about how, when, and where you’re using your phone. AT&T, for example, states plainly in its privacy policy that it collects and stores information “about the websites you visit and the mobile applications you use on our networks.” Paired with carriers’ calling and texting oversight, that accounts for just about everything you’d do on your smartphone.
A vulnerability found in Facebook's owned messaging service WhatsApp, allowed a spyware to be installed allegedly linked to the NSO group.
Note: the funny part here is that nothing in the release notes of the update mentionned the vulnerability when the dev team was aware of it.
Facebook plans to install an on-phone AI content moderation algorithm that would flag a post and prevent it from being sent if a user attempts to send a rules-violating post via encrypted WhatsApp message.
Facebook is facing a multi-billion dollar fine for accidentally storing millions of people's passwords in plain text.
Ireland's Data Protection Commission (DPC), which is the default privacy regulator for Facebook in Europe, said on Thursday it had launched a "statutory inquiry" into the social network after it admitted to the error.
Black people who openly discuss experiences of racism or call out white privilege often have their Facebook accounts suspended, according to a new report by USA Today.
Given the terrible run of form it’s been on over the last year, it probably shouldn’t be that surprising that Facebook waited until the highly anticipated report on Russian interference in the 2016 US presidential election to deliver some bad news.
Facebook late last month revealed that the social media company mistakenly stored passwords for "hundreds of millions" of Facebook users in plaintext, including "tens of thousands" passwords of its Instagram users as well.
Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent
Scandals. Backstabbing. Resignations. Record profits. Time Bombs. In early 2018, Mark Zuckerberg set out to fix Facebook. Here's how that turned out.
Facebook’s leaders seriously discussed selling access to user data — and privacy was an afterthought.
Le tribunal de grande instance de Paris condamne Facebook à verser 30 000 euros à l’UFC-Que Choisir, en raison de 430 clauses d’utilisation jugées illicites. Le réseau social modifie ses CGU, à la demande de la DGCCRF et de la Commission européenne.
Material discovered on Amazon cloud servers in latest example of Facebook letting third parties extract user data
Facebook confirms it took down Elizabeth Warren's ads about Facebook, but is in the process of restoring them. FB spox: "We removed the ads because they violated our policies against use of our corporate logo. In the interest of allowing robust debate, we are restoring the ads.”
Imperva, a cybersecurity company, on Thursday detailed a flaw with Facebook Messenger that allowed potential attackers to learn who you were talking with on the chatting service.
The security bug didn't show the content of the messages, but just knowing who you were in touch with has the potential to harm your privacy, said Ron Masas, the security researcher who discovered the vulnerability.
Order follows report that Facebook may access highly personal information including weight, blood pressure and ovulation status
Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August.
Facebook orchestrated a multiyear effort that duped children and their parents out of money, in some cases hundreds or even thousands of dollars, and then often refused to give the money back [...]
The 18 December 2018, the New York Times reveals that Facebook had given extended access to user data, on a much wider scope that it has previously disclosed.
On the 14 December 2018, Facebook announces throught a blog post that they discovered a bug in their Photo API that allowed a broader access than usual for 12 days.
In 2014, Facebook filed a patent application for a technique that employs smartphone data to figure out if two people might know each other. The author, an engineering manager at Facebook named Ben Chen, wrote that it was not merely possible to detect that two smartphones were in the same place at the same time, but that by comparing the accelerometer and gyroscope readings of each phone, the data could identify when people were facing each other or walking together. That way, Facebook could suggest you friend the person you were talking to at a bar last night, and not all the other people there that you chose not to talk to.
Starting next month, the millions of Facebook “Like” and “Share” buttons that publishers have added to their pages and mobile apps will start funneling data on people’s Web browsing habits into the company’s ad targeting systems.