Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing the network traffic of how its users were interacting with Meta’s competitors. Given these apps’ use of encryption, Facebook needed to develop special technology to get around it.
Facebook’s engineers solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.
After Zuckerberg’s email, the Onavo team took on the project and a month later proposed a solution: so-called kits that can be installed on iOS and Android that intercept traffic for specific subdomains, “allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage,” read an email from July 2016. “This is a ‘man-in-the-middle’ approach.”
A man-in-the-middle attack — nowadays also called adversary-in-the-middle — is an attack where hackers intercept internet traffic flowing from one device to another over a network. When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.
I work in IT so you might think I might be more into the topic and thus more careful with my data. There are a lot of colleagues of mine that don’t care one bit. Some even jokingly call me paranoid.
Sure, I use GrapheneOS, a de-googled Android OS, made the switch from Gmail to Tuta (formerly tutanota), a privacy ans security focused mail provider and use my own domain for mailing.
Then there are some other measurements in place like AdGuard and Pihole to block ads and trackers. I think that’s the bare minimum, especially if you’re working in IT. It doesn’t cost much, the setup is straight forward and the benefits are huge. I haven’t had any ads in my network for years.
I’m currently switching from windows to Linux as daily driver. There are some issues with getting some games to run, but as soon as they do I’m switching for good.
There are some easy thing one can do, even without any expertise in IT. There are even things you can do that aren’t finicky (like linux troubleshooting). People are just way to comfortable.
Maybe they should watch the documentary about Edward Snowden, Citizenfour. That might change their mind.
I watched that. Didn’t surprise me one bit.
The overreaching government apparatus doesn’t inherently bother me, but we’re really placing a lot of power and trust in those people, and that does concern me.