The Zuck suck is in full swing.
The Zuck suck is in full swing.
In the few short hours since I started using #Threads, #DuckDuckGo has already blocked over 200 data tracking attempts. These include things like "headphone status" and "screen density."
I started using #Threads
Ah, I see, there's the problem.
Shit, did your phone extend a needle for a blood test?
There's a reason it's not allowed in the EU.
What I don't understand is why people wound even want to use this app...
What possible appeal could it have?
Using Threads knowing it's a product of Zuck, is like voting for Trump in 2024 cause he wore a different style suit.
"Okay so it's basically Twitter, but with like... Facebook features..." Is literally a joke I have made about annoying app ideas people have when you tell them you're a software developer.
I have made this joke a few times, because it killed every time.
I'm stunned. Out of material, and stunned.
Had a dude tell me he wanted to 'disrupt' social media by creating a LinkedIn alternative that allowed posting videos.
He just needed a couple 'techies' like me to get it off the ground.
Haven't heard from him in a while. I hope rehab worked out for him.
I'd guess you have to like Twitter in the first place to understand the appeal. Some people like it, some don't, but the Twitter format has been pretty popular over the years, and this comes at at time when Elron has been making twitter dramatically worse for anyone who doesn't share his political views. Meta gives the appeal as "having a platform that is sanely run, that they believe that they can trust and rely upon for distribution". At this point, even if I thought Elron was a great guy I sure wouldn't invest much in building my twitter account as the future of the site seems shaky. Also though, on the other hand, who knows if this will be a success for Meta and whether they'll still support it 3 years from now.
the sad truth seems to be that vast majority of people just don't care about the threats.
Social media fomo
Even if you don't have Threads app installed. Meta is still a privacy threat for fediverse users. If there are fediverse instances that remain federated with Meta. And there are already millions of people who joined Threads in just a day.
Ross Schulman, senior fellow for decentralization at digital rights nonprofit the Electronic Frontier Foundation, notes that if Threads emerges as a massive player in the fediverse, there could be concerns about what he calls “social graph slurping." Meta will know who all of its users interact with and follow within Threads, and it will also be able to see who its users follow in the broader fediverse. And if Threads builds up anywhere near the reach of other Meta platforms, just this little slice of life would give the company a fairly expansive view of interactions beyond its borders.
https://www.wired.com/story/meta-threads-privacy-decentralization/
It works, unlike this place.
That tracks about everything it possibly can just for the sake of it. I despise Meta so much...
The list is just a list.
The VPN just blocked requests to Facebook domains and it says that it might have contained that data. But it has no idea what data was inside. Maybe was filled with tracking or maybe it was just requesting something else
I mean here is a screenshot of the data the Threads iOS app collects:
This checks literally every vector the app could collect data from.
I am also trying DDG app tracker out. This is what I got after opening Simcity Buildit. Not really surprised, because Fuck EA, but some of the requests might be the linking of account. Still, 930-- damnnnnn.
Not sure why anyone would install that garbage. Even a one off install to check it out means it will upload lots of data.
Some people simply do not care.
Is it really that hard to understand that some people like the idea of participating in a community with all their friends and favorite content creators, and find the idea of getting access to this for free at the cost of some privacy that they don't hugely value to be an acceptable enough trade?
It's easy to missjudge how much of our society are just mindless drones.
At this point I think it would be more informative to simply display the data they don't collect. My guess is "nothing".
Thank you EU!
Holy crap are you kidding? Mastodon IIRC requires zero priviliges/personal information to run.
Also, what the hell does it need "headphone status" for?
Bluetooth headphones have unique identifying information. Another data point for apps that the headphone jack doesn't provide.
Determine if you're a candidate for headphone ads.
Could just be another piece of data that can build a more unique fingerprint for you.
A lot of that stuff is pretty standard if you're doing logging and metrics on your service (which you should if you want to resolve outages). From the IP address and user agent you get rough location, os info, and network info. A few other things can be used for optimization (faster load times), and a Meta-scale, I wouldn't be surprised if they do that.
That’s insane, well I know one thing. This is making me want to go download the DuckDuckGo browser.
In the same week switching to DDG browser and to Lemmy. God dayum I wish there was a good alternative for Gmail.
Protonmail is pretty great!
I tried Proton but it's so limited. Fastmail is much better, has free email addresses for masking, and a good (searchable) calendar.
I switched to protonmail. It's especially good if you have your own domain name like [email protected] because you can tie that to your protonmail account.
I like it a lot so far.
🦆
Why in the first place do you want to use that garbage?
Agreed.
This is why I use Privacy Badger
Not only does it show you what and where it blocks, but you can also whitelist blocking in case you play browser games.
I've been using Chrome with Privacy Badger and uBlock Origin for eons, now. Listening to youtube playlists without getting interrupted by ads is a real treat...
You'd LOVE Sponsor Block then.
It uses AI to cut out all sponsorships from within YouTube videos. Anything AI misses, the users can cut out.
So no more Raid Shadow Legends or Nord VPN interruptions. Just pure entertainment!
Nice addon, I've just installed it.
Orientation? Why would Facebook need to know if my phone is gay? Jk, I know they really want to know my phone's political orientation. Joke's on them, my phone voted for Megatron.
It also wants to know how stupid my screen is for some reason??
In the name of Vectron I bring you greetings, ambassador. May the power of Vectron bring prosperity unto your house.
Why did you download threads in the first place? Just scanned the app in exodus and the list of trackers is worse than all meta apps combined
Perhaps to inform us all? Recon style self infection and inflitration of the brainwashed megacorp corps.
Meta is still a privacy threat for fediverse users, if there are fediverse instances that remain federated with Meta.
Ross Schulman, senior fellow for decentralization at digital rights nonprofit the Electronic Frontier Foundation, notes that if Threads emerges as a massive player in the fediverse, there could be concerns about what he calls “social graph slurping." Meta will know who all of its users interact with and follow within Threads, and it will also be able to see who its users follow in the broader fediverse. And if Threads builds up anywhere near the reach of other Meta platforms, just this little slice of life would give the company a fairly expansive view of interactions beyond its borders.
https://www.wired.com/story/meta-threads-privacy-decentralization/
I thought they were browsing the threads website via duckduckgo.
Damn, just straight up stealing other people's content. Very cool
Original post: https://writing.exchange/@kreig/110664764474921792
Original poster: https://writing.exchange/@kreig
- The name of your first crush.
- Your religious beliefs.
- Your innermost fears.
- That thing you did in June of 2007 that you must never speak about.
You just reminded me of the random surveys that used to sometimes come in the mail for my Mum back before the internet was a thing. I flipped through a couple and it asked things like if you have a pet and what brand of cat food you gave them and all this totally random shit. I wonder what benefit to the home owner there was for filling such a bullshit survey in.
These days, Facebook would probably just use some AI to scan your photos and figure out if you have a cat and what brand of food it eats. You'd never know, and you gave away any defence the moment you uploaded the image.
I've recently started taking a lot of international flights for work.
Now the ad algorithms thinks I'm some international jet setter and I get ads for luxury boats.
Hey shut up about the spaghetti incident
It’s unbelievable that an app which collect this many data points, including voice, is legally allowed. Insane. Yes, people should not use it and should care, but come on… this is just mass surveillance and collection.
Well, that's how Cambridge Analytica scandal happened
Ross Schulman, senior fellow for decentralization at digital rights nonprofit the Electronic Frontier Foundation, notes that if Threads emerges as a massive player in the fediverse, there could be concerns about what he calls “social graph slurping." Meta will know who all of its users interact with and follow within Threads, and it will also be able to see who its users follow in the broader fediverse. And if Threads builds up anywhere near the reach of other Meta platforms, just this little slice of life would give the company a fairly expansive view of interactions beyond its borders.
https://www.wired.com/story/meta-threads-privacy-decentralization/
including voice
how else would facebook live and such work?
i mean some of these makes sense
but its also a question of ... does the app use all these things, all the time?
do we know?
On my mac i have to allow discord to record my voice etc. if i dont, i can still use the app but i cant talk in a voice call, and such.
i'd like if apps did similar, on phones. they'd work but some functions would just be unavailable
i'd like if apps did similar, on phones. they'd work but some functions would just be unavailable
Both Android and iPhones let you do this last I checked
That's your fault for using threads
Meta is a threat to the privacy of fediverse users, if there are fediverse instances that remain federated with Meta.
Ross Schulman, senior fellow for decentralization at digital rights nonprofit the Electronic Frontier Foundation, notes that if Threads emerges as a massive player in the fediverse, there could be concerns about what he calls “social graph slurping." Meta will know who all of its users interact with and follow within Threads, and it will also be able to see who its users follow in the broader fediverse. And if Threads builds up anywhere near the reach of other Meta platforms, just this little slice of life would give the company a fairly expansive view of interactions beyond its borders.
https://www.wired.com/story/meta-threads-privacy-decentralization/
absolutely wild, was going to (naively) give it a go, but I work on telemetry for a big platform and cannot in good faith use this product.
Genuine question: what made you work on that if you see telemetry as a threat?
If I based my concerns off of what I worked on, I'd actually probably be cool with it. Things are generally taken very seriously and the general discourse around how things are handled (at least to my knowledge) are wildly exaggerated. However, knowing just how things work end to end and how Meta tends to handle things, I think accepting something like the terms they lay out will give them freedom to do whatever they want with whatever they want.
That might seem obvious to most folks but I guess it's more just be saying yeah they'll take as much as you can give them.
Remind me of that scene in The Dark Knight when Lucius Fox has all the screens with all the data from every smartphone around.
The only way I'll use Facebook nowadays is in a browser sandbox. And before you ask, it's pretty much Events and Marketplace nowadays; the main feed is unusable and horrifying nowadays, and everybody I know has moved on from Messenger.
Hermit browser does a good job of sandboxing random apps like that. Wish it had more than 5 sandboxes though, it severely limits its usability.
Run it in a Sandboxie sandbox. It can run any application in a Sandbox.
Or just spin up a lightweight VM. Could even run it in a Docker container.
That’s insane
200 in a few hours sounds like a lot (well, it is) but is small compared to some apps I use. Revolut tried to make tens of thousands of requests in an hour last time I looked! I expect that particular app is coded badly so when it gets rejected it just endlessly tries to repeat the request.
I highly recommend everyone installs something like the DuckDuckGo android app because it blocks tracking attempts in all apps. It's a bit horrifying to see how often, how much, and what type of data all our apps are requesting.
From what I've heard the number gets so high because duckduck blocks the app from gathering data. The apps keep pushing requests since they're not getting any response. In reality the non-blocked requests are less frequent. Don't quote me on this, just a thing I read on reddit.
But yeah I have duckduck as well and it freaks me the F out seeing what apps are trying to gather. It's sickening.
Tidal is the worst for me. Made 1000+ attempts in less than an hour.
I didn't know DuckDuckGo had the app tracker feature. It was just a browser the last time I gave it a go. Thanks for the tip! I've been using NextDNS for my Private DNS on Android for awhile. I had to temporarily disable it for DuckDuckGo to identify the trackers. It looks like NextDNS was doing a good job blocking them.
It might be surprlus to your requirements then, I've seen in a few discussions on here there's lots of alternatives. Some apps it 'breaks' so I just disable it for that app. Nuts though the level of tracking that's going on in our pockets all day!
What is the app called? Are you referring to their browser?
Yes, it looks like there is an App Tracking setting in it.
People here complaining about Threads and TikTok (Chinese owned) being the defacto social network for an entire generation over there without outrage, and when it's outrage about it people just say "at least is not the US" what kind of defense is that?
I'm so tired can you re explain what you trying to say
Post complaining about Meta collecting too much data from its users but Tiktok which has much more users than Threads and almost the same as FB doesnt get the same amount of complains, and when it does people shrugged off saying "at least is not owned by an US company" implying some would rather give their data to a chinese company.
I usually don't like these types of comments but here we go: Because in TikTok america bad memes are really popular. And TikTok is owned by the Chinese. What a coincidence.I don't understand how TikTok is being defended here, its basically propaganda.Wasn't there a case of like a huuge amount of videos critizising the chinese goverment removed?
And then they'll need another permission to access your photos, contacts, text messages... They'll grab and run with everything what's in your phone. Before your 1st day is over, they'll know everything about you, your friends and family. It's just another massive privacy/data grab. Fuck them (and fuck u/spez ofc).
Looking at the data collection categories in the ios app store for Threads is terrifying. Similarly, mastodon collects nothing. General population doesn't seem to care though given the number of signups that Threads has received in the last few days. People are happy to give their information away.
Mother fucking mother fuckers
The latest in data collection technology also happens to have some social features.
And if it's anything like Twitter was, it won't be very social
Funny enough the screen density thing could just be display optimization, did some web development and that would've been useful. But hoy shit the rest is really bad. Good thing I live in the EU and won't be tempted.
Instagram in app browser user agents include your devices resolution and colour info, so I think you’re right on those features.
And for a video app checking if headphones are plugged in is actually useful (Apollo used to deal with this well).
Needing your health days in the permissions though???
Yeah, screen density or screen resolution is fairly common to track specifically because it's useful for sorting out UI problems.
"People with 1080p phones use the app once and never come back" is useful information from a product development standpoint. It's not super useful for most user profiling purposes.
Unless you're selling cell phone ads, that is. And, well, Meta's an ad company.
Wait, they're trying to check the status of your headphone? That's way too far. Why do they need to know if the headphone's plugged in?
That's actually a very informative data point. If you use headphones, you probably like to use music/video streaming services or play games. The longer they're connected, the likelier you are to pay for your media consumption. You probably also have a bigger connection to your media device (a source of entertainment and happiness), so you likely also use and pay for other related products or services. If your headphones use Bluetooth, you have a newer device and set of headphones, so you probably like to keep up with tech trends and buy more expensive hardware, especially if your listening time is long.
That's all from just looking at your headphone and Bluetooth status. Combine that with your device & vendor ID, contacts, location, medical and financial information, and all the other "sensitive information" they collect, and you can imagine how much information they can actually infer about you. That is their product: tailor-made targeted advertising and manipulation.
Disclaimer: I don't want to do advertising for surveillance capitalism, so I would also like to add that the data they infer about you (political ideology, sexual orientation, etc.) can be completely false. However, there is no way to verify that (only you can do that anyway). Meta doesn't care if the data is perfect. All they care about is that advertisers continue to believe that they provide the best dataset.
Maybe they increase the likelihood weight of ads you'll see from headphone companies, or groups in that space.
It's also just straight up a datapoint about you that someone out there will pay Facebook to collect so they can profile you and upsell you on more shit.
That's how all this crap works unfortunately.
Just for fun. 🤪
How do I get duckduckgo to block tracking attempts?
Okay I think I have it. I just installed the duckduckgo app and enabled the tracking protection in settings. And right now I am shocked. The amount of tracking attempts in the last 30 minutes has been mind boggling. 300 attempts and counting! Is this normal?
Yes, very normal for social media platforms, specially Facebook, anything related to Facebook, and even apps and third parties that use things like sign in with Facebook.
Same. Then I looked for an alternative app that comes on on boot. Found one called Karma FW on fdroid
Are you using Threads on the duckduckgo browser?
If you block them from collecting even one of those things, they'll lock you out of your account until you show them your ID and SSN. It should be illegal for social media to spy on you THAT invasively.
Ah, so it's a stupidity test.
Yep
They clicked "select all" when choosing what to gather, it's easier.
Jesus, man! Do they want my birth certificate as well?
Only if you are running for president
I hate Zuck, but I'm happy to see him destroy Muskrat.
Kinda unironic here and I do not know why, I stared at the preview of this image and for a spilt second I felt literal fear. I couldn't read the words, I just saw "Facebook", a long list and it is a phone screenshot. And I felt some voided terror rising within as I clicked on the link. Now that I take a closer look, I can understand why my "gut sense" was warning me.
What does Threads do that Mastodon doesn't? Aren't they basically just a different app for the same thing? What am I getting wrong here?
the brand and million of dollars for ads. They'll push it as the main hub to browse mastodon content and then slowly try to make it a walled garden.
Threads automatically adds all your instagram follows so for creators they don't have to try and rebuild their audience on a new platform where as for users they don't have to find all their friends/family/and creators on a new platform, its just there. There is also the ease of signup, if you have an instagram account you just log in, if you don't it's really simple. For Mastodon there's different servers to pick and then you have to find your favorite creators again and it's another login to remember.
TLDR people are lazy so go with the option that is easiest for them
FeDiVeRsE hAs NoThInG tOo WoRrY aBoUt
Those infos are different for everyone. It's like your extensions in web browsers, it creates a fingerprint.
And that is actually illegal in the EU
I guess it's why Threads isn't released in EU.
Duck duck go as well?
That's egregious, not even trying to hide it lmao.
This is what I got after 5 minutes.
I understand getting location because the big companies have country specific websites that have different pricing and products but why boot time?
If they collect enough metrics and link it to a single user they can use that as an id to tell if that user does things outside of their app. So they collect all the data and build a device finger print then they offer tools to website developers for marketing (Facebook tracking pixel, like buttons, etc ...). Those developer or marketing teams or whoever add it into the other apps you use and Facebook can track you without you being logged in.
my guess is so google can use this data for analytics for their operating system since it collects OS version too
Delete them? Just dont install the damn app, stop using facebook!
We need a third party app.
Ain’t gonna happen. This is the only reason they are releasing Threads. It is also the only reason Elon and u/spez have killed third party apps.
It is also why you can’t use Threads in a browser. (You can read other threads, but can’t post or use any of the other features.
Browsers are also trivial to track https://coveryourtracks.eff.org
Is this the duckduckgo browser?
Yeah it is
Nice, thanks!
"They trust me" "Dumb fucks"
That seems so unnecessary. Why do they want to interfere with screen density??
Even if you do not provide a real fingerprint from your browser if you allow it to collect so many information it's still able to uniquely identify you because noone is going to have all those info the same as you
Screen density is usually needed to work out the resolution of images to load. A high-DPI ("Retina") screen uses higher-resolution images than a low-DPI screen.
opposite really... Notice "Screen Resolution" is on that list as a separate item as well...
Screen Density would tell you roughly how big the screen actually is. If you have a 4k panel... but it's only 6 inches, you can probably serve up a 720p image instead of the full 4k one and the user won't notice the difference since you'd have to hold the screen an inch away to see anything different.
So they can build a better profile of you.
It's useful as tracking data
Disgusting
I don't care if this app becomes the new norm, I ain't risking all that metadata. Fuck Facebook
Oh no! the rats are eating each other.
Well this fuckings sucks. Hard.
Youtube has done it now. The internet fighting is on. Truly not able to see Youtube now with blockers.
ReVanced is still working.
This is why I only ever access Facebook through FireFox Focus and use a fake name.
in best BfME2 goblin voice: The Eye watches!
"sorry, our dev uploaded debug version as production release"
wow, it really sucks
The fight is on. Youtube just started playing this game.
Almost certainly this is for fraud detection purposes. It’s the same reason it’s used at tiktok. Scammers try to spin up fake devices to spam content but very often don’t have the correct screen density for their faked device in the early stages of a platform.
wtf do they even need charging status, headphone status, volume, direction rotation accelerometer wtf
They coded for "everything they can get" and just figure they'll use it all eventually. Must be a GDPR nightmare for them, if they even honor it vs. just not being caught doing bad actor things.
To advertise. If your battery is at 17%, they're gonna advertise a wireless charger. If you listen to headphones at max volume and are jumping up and down at a concert venue, they're probably not gonna recommend you earplugs.
hell naw
I'd guess that rotation is probably to rotate the video player when you rotate your phone.
Accelerometer is likely for the feature where you can shake the phone to report a bug.
Headphone status may be to pause videos when you unplug your headphones? Unsure.
Okay I'll bite. I work in product management for capitalist software companies. Every single software product you use has trackers built in unless if you're hardcore FOSS.
Even if the company has no interest in selling your data, it's still really hard to learn about user behaviours in the real world in order to figure out what to build next. Many of these trackers are UX tools, much more than selling your data tools. My previous employer fully anonymized and aggregated usage data, but we can't necessarily say the same for other companies.
These trackers are the industry default and honestly, I don't know where we'd be without them. We use them to measure the success of what we build and to look for surprises/opportunities.
On that note, for products and websites that I like, I sometimes intentionally turn off my ad and privacy blockers for them (as long as it's not intrusive). It's hard to do our work without that data.
Obviously there's a difference between UX analytics and data collection the data vacuuming Facebook does.
Say you can justify each piece of data collected via a UX element. Someone said in the comments: low battery, charger ad. Where do you draw the line between data for the product vs data for profit? You don't. It's all embedded in the idea of "the product".
This is a company that sells ads AND data. They collect everything. Consumers don't seem to care. Tiktok is still popular. People see this post and will still download Threads.
It's important for people to understand the industry justification behind data collection and why it's so widespread across the industry so we can have this conversation about what "too much data" actually means. Serving me relevant ads like places near me for food? I guess that's a feature. A face aging app that we train to feed a military database of faces to track down deserters? Not so much.
Other than GPS coordinates, what's the problem?
It's pretty standard stuff that every app collects.
I'm actually asking what specific thing is the problem.
The problem is the "why". Why does it need headphone status? Why does it need to know "music playing" status? It uses all this information to build a larger picture of the user. If the user is browsing sad memes standing in McDonalds while listening to music, there's a chance they're in a vulnerable state. So let's show them ads related to weight loss or even the opposite - something to entice them so they might feel good momentarily. That's the kind of headfuck these guys have already built using their machine learning models. So no, you should totally reject any and every app collecting this information.
BTW, "every app collects" is a bad precedent. Partly because not every app needs this information and partly because they are all selling to Google and FB and even more spurious third parties in the end.
Why do you want them to know all this stuff about you? Also, all this data set on a timescale can be used to triangulate who you are in other data sets they have that are "anonymous". It's trivial to identify you based on a few converging data points.
ITT: Users not having any fucking clue what's going on, and laughing at a client that was clearly released in a few days. As if it's not blatantly obvious they are going to add the reddit and Twitter features later. Threads is going to own fediverse, deal with it.
So much Threads panic, yet we're apparently willing to just believe whatever DuckDuckGo says, even though the company has a pretty terrible track record.
Go look at the permissions Threads is granted. Mine has Notifications and nothing else. Android won't let it have access to most of the information in that list.
"Known to collect" - this app is sending data back to Facebook and we've made some wild ass assumptions about what that data might be in order to scare you into getting all your friends to download our browser. Worked pretty well, huh.
Oh cool, the bots are here.
