mikenew · 5 years ago
So it sounds like Zoom was using the Facebook SDK, and now they're not.

I've been an iOS developer for a long time. I can tell you from experience that everyone does this. I have never worked for anyone who didn't ask for their app to include some combination of Facebook, Google, Flurry, AppCenter, Segment, Intercom, Parse, or whatever other random analytics framework the PM happens to be infatuated with.

Getting mad at Zoom for using the Facebook SDK is missing the point. They and a million others are always going to be doing this. Get mad at Apple for not letting you wireshark your own iPhone. Or having no way to package open source software where you can actually see what's running. As long as you're running binary blobs that can make whatever network connections they please, people are going to take your data and send it to places you don't know about.

Yeah maybe you can pass laws about it. But is that really a great solution? Who audits that? How do you determine what's legal and what's not? We should be pushing for a platform that makes it obvious what the software you're running is up to. The random pitchfork crusade against whatever company happens to catch a bad news cycle just isn't going to get us anywhere.

nexuist · 5 years ago
I don't want to live in a world where my parents and grandparents are expected to pull up Wireshark to figure out if the app they're using will record their front camera without consent.

Blaming Zoom and FB is entirely acceptable here, it is their responsibility to keep my data private.

Blaming Apple? Why, when Zoom is on the Play Store as well?

https://play.google.com/store/apps/details?id=us.zoom.videom...

>As long as you're running binary blobs that can make whatever network connections they please, people are going to take your data and send it to places you don't know about.

Surely there are open source video chat solutions already? They haven't taken off for one simple reason: video hosting is expensive. It's quite literally one of the most intensive network activities you can partake in, rivaling torrenting.

It doesn't make sense economically to offer a video hosting platform without collecting income from it. Nor does it make sense to attempt a peer-to-peer solution knowing full well that one laggy peer wrecks the experience for everyone else.

It's a very hard problem.

judge2020 · 5 years ago
> Blaming Apple? Why, when Zoom is on the Play Store as well?

Blame Apple because they constantly tout the iPhone as being "privacy respecting" and "what happens on your iPhone stays on your iPhone"[0], while they

A. Apple doesn't default to "limit tracking", or at least make "limit tracking" an option on setup/iOS upgrade

B. Apple doesn't penalize developers for using Facebook's SDK with auto data collection (ie. punishment by having text like "sends data to: facebook, google, hotjar" on an app's install page)

C. Apple doesn't do any software stuff to limit and track the trackers. Having a counter for # of total days a domain name was contacted would be an eye-opener for many, and being able to toggle a "block" on the domain would be a big step forward.

Facebook meets the standard for being included in apps (respects the user resetting the usage ID), but that standard isn't the standard privacy-conscious users want. Apple can do better, but whether it be industry pressure or monetary pressure [google paying to be the default search engine], they don't actually put privacy first.

0: https://www.businessinsider.com/apples-ces-ad-las-vegas-misl...

TheKarateKid · 5 years ago
This whole Zoom revelation reminds me of the Cambridge Analytica scandal. This has been going on for a long time now, and it wasn't until one specific company did it that everyone is now concerned.

If you want to be creeped out, go to https://www.facebook.com/off_facebook_activity/ and find out how many apps have been quietly reporting all your usage activity to Facebook.

I have 100's of websites which managed to identify my Facebook account despite me logging into Facebook only in Incognito for the past 2 years.

windexh8er · 5 years ago
>Surely there are open source video chat solutions already? They haven't taken off for one simple reason: video hosting is expensive. It's quite literally one of the most intensive network activities you can partake in, rivaling torrenting.

There are, as you state, OSS solutions [0]. But the video hosting is not akin to Torrenting. Most people are fine with 720p quality video as you're not "watching" the participants like a movie. And as you scale up the number of users the required bandwidth for each subsequent user goes down in a linear fashion due to reduced screen real estate. A conference with 8 users, from a video perspective doesn't reasonably take up more bandwidth than that of 2 given the smaller stream. I am on almost constant conference meetings with 4-12 users, many times with video and I have a full packet monitoring solution at home and can tell you it's not remotely as intensive as you've claimed here.

[0] https://jitsi.org/jitsi-meet/

sneak · 5 years ago
Also, collecting income is and always has been possible without selling/leaking private user data. This is a red herring.
chispamed · 5 years ago
Just to take you up on possible FOSS solutions: If anyone is looking for a private and open source video chat platform self-hosting NextCloud [0] might be worth a try.

[0]: https://nextcloud.com/talk/

unethical_ban · 5 years ago
> I don't want to live in a world where my parents and grandparents are expected to pull up Wireshark to figure out if the app they're using will record their front camera without consent.

It's a "commons" issue. I don't necessarily trust FOSS software because I am going to login to the repo and check the code (though I have once or twice), I trust it because I know thousands of people motivated by ethics and quality vs. money have peer reviewed the code for things like this.

Similar in concept to herd immunity.

sneak · 5 years ago
Little Snitch seems to have solved it fairly well on macOS.

Apple doesn’t allow software like that on iOS.

ace_of_spades · 5 years ago
Why not blame Facebook for being the most data hungry and privacy disrespecting for-profit entity ever known to man? (Google is tied for that spot, Microsoft close third)

It‘s a little bit like blaming the person making the deal with the devil. Of course on some level they deserve blame for engaging with evil but evil presenting itself in a slick interface should also get its fair share.

kingludite · 5 years ago
Can't you put just the dysfunctional peer behind the expensive network magic?
m463 · 5 years ago
> I don't want to live in a world where my parents and grandparents are expected to pull up Wireshark...

Their kids should be able to help.

saagarjha · 5 years ago
> Getting mad at Zoom for using the Facebook SDK is missing the point. They and a million others are always going to be doing this. Get mad at Apple for not letting you wireshark your own iPhone.

There’s plenty of anger to go around. Get mad at all three: Facebook for making an SDK that tracks you, Zoom for integrating it, and Apple for letting it through unencumbered.

LeoNatan25 · 5 years ago
Do you know what developer uproar there would be if Apple decided to block all Facebook SDK usage? Surely you know most anger will be targeted at Apple, rather than FB.
fortydegrees · 5 years ago
I can't tell if your comment is intentionally funny, but I got a good laugh out of it.
intopieces · 5 years ago
>Getting mad at Zoom for using the Facebook SDK is missing the point.

It's really hard to believe this point given that... getting mad seems to have worked.

JMTQp8lwXL · 5 years ago
Doesn't scale. We can't have 1,000,000 front page "App X uses Y SDK" posts. People will stop caring. Nobody's made a post of that flavor in awhile, and Zoom got caught in the crossfire. Honestly, if anything it shields other apps. People have a limited capacity for repeatedly addressing the same thing.
mikenew · 5 years ago
My point is that you've removed one instance of the Facebook SDK from your phone, but you still have 50 others. Plus probably hundreds of other analytics frameworks that you've never even heard of that are just as bad or worse.
floatingatoll · 5 years ago
No, raising widespread awareness seems to have worked. Getting mad reduces the chances of someone responding usefully.
anyfoo · 5 years ago
Of course passing laws about that is a great solution. This is how society defines what is and what isn’t acceptable behavior for corporations. Are you also typing up rallying paragraphs against laws that dictate how companies have to adhere to food safety? Would your suggestion then be to “get mad at Burger King for not allowing you to perform chemical tests in the restaurant”? “Everyone does it”, like everyone used asbestos and lead pipes in the past?
jgimenez · 5 years ago
I agree laws help, but well done laws. Not another cookie consent mess again, please.
aaronbrager · 5 years ago
You can pretty easily see all the traffic on your own phone. You can even do it on device

https://apps.apple.com/us/app/charles-proxy/id1134218562

bscphil · 5 years ago
Does this work with apps that do their own TLS using their own pinned certs? I don't see how it could. Surely that's a lot of high profile apps these days.

If this app works without root, it must be possible for apps on iPhone to add their own certificates to the system, which are then trusted by other applications - that would already be pretty alarming. I think Android still requires certificates to be manually imported by the user. Maybe this app points you to instructions on how to do this, but the description makes it sound very automatic.

Zenbit_UX · 5 years ago
If you can set your own DNS on iOS why not just use something like nextDNS.io?
JMTQp8lwXL · 5 years ago
Seeing it != blocking it.
jka · 5 years ago
When you say 'everyone' in your second paragraph, really you mean 'all of the Silicon Valley style employers I'm aware of'.

That's a tiny proportion of the user population and doesn't imply agreement or consent to the information the Facebook SDK shares. And even if it did, it wouldn't automatically mean that it's an acceptable or good behaviour by those apps and Facebook.

Bringing widely-distributed privacy breaches to a wider audience's attention can help those users provide feedback regarding products and then allow them to select vendors who respect their values.

rpastuszak · 5 years ago
> As long as you're running binary blobs that can make whatever network connections they please, people are going to take your data and send it to places you don't know about.

PWAs could answer this problem, at least to some extent, but Apple historically has been limiting the features to protect the AppStore and the Apple Tax (v. the recent local persistence changes in ITP).

It's better than, say, Google pretending that third-party cookies make the web a safer place (yup, that happened).

(Don't get me wrong, I think ITP and Safari are great)

> Get mad at Apple for not letting you wireshark your own iPhone.

People on HN can, but an average user shouldn't have to care about that. I'm 100% up for stronger legislative measures (both tech and dark UX patterns) and more education in this area. Sounds boring, but without it we'll just keep running in circles.

peteretep · 5 years ago
> Who audits that?

I’d like to see Apple launch their own telemetry/events framework, that users can examine the data from, and then cut off everyone else

HenryBemis · 5 years ago
Hello fellow iOS developer. I have two apps on the Apple store. I never used any external SDK/libraries, only the built-in Xcode ones. I preferred to spend a bit more time in writing/testing but I would never accept that FB and other scum (privacy standpoint) track children (I wrote the apps for my nephews and nieces and I put them in the Apple store just for them)(I don't advertise them at all and I won't do so here either).

Regarding the issue that started this Zoom-FB dialogue I have commented a dozen (or more) times on the necessity to have a firewalled phone that a user (unfortunately the user needs to have basic knowledge of firewall admin) can decide what to allow and what to block. Your point on who audits is valid (I am a CISA and CISM of many years), and, well, nobody does. Each user will have to do his/her own work/effort to keep their family clear of these scum.

m463 · 5 years ago
Nice to see someone who gets it.

Apple gives you no way to find what your phone is doing, and no way to prevent it from doing it.

They provide company sponsored "controls" on what apps can do, which is about as useful as a factory alarm on a mid-80's car. Except with a modern twist, where they're the only ones capable of installing an alarm. (and imagine the alarm gives a free pass to apple)

The fact that they're starting in on MacOS and Little Snitch makes me think their platform isn't long for the world.

sigh. I do like arch linux.

hyko · 5 years ago
Yes, we need laws against this and for the gatekeepers to be the enforcers. I used to think that individual choice would solve these problems, but it won’t. Zoom et al are growing like a weed and we can’t protect all our loved ones from this bullshit with individual action all of the time. There are some problems that require government action; I think the events of this year have demonstrated that clearly. Individually we are weak as water, but collectively we are embarrassingly powerful. Time to organise.
StreamBright · 5 years ago
>> I can tell you from experience that everyone does this.

This is not true and even if it was true it is an extremely lame argument. You can justify pretty much everything with this logic.

Angostura · 5 years ago
> Getting mad at Zoom for using the Facebook SDK is missing the point. They and a million others are always going to be doing this. Get mad at Apple for not letting you wireshark your own iPhone.

But you’ve just said everyone does it and we shouldn’t get mad at them - so we don’t need wireshark, because it would simply confirm that everyone does it and we shouldn’t get mad at them - right?

pixelrevision · 5 years ago
Another problem is these analytics platforms just keep getting worse. There used to be a lot of effort put in to not collecting any personally identifiable info. Hell even google analytics was strict about that. It also took time to integrate them.

Now almost all the packages grab identifiable info by default and some are doing things like making screen recordings. Combine that with a rotating set of product owners like described above and a lot of apps just end up making way too many calls to way too many places.

And I do think Apple could and should be doing something more here. Their developer analytics setup is a good example to lead by as it gives users a global option to opt out. They also are able to reject apps for an icon being offbrand so I’m pretty sure they could figure out something here.

designcode · 5 years ago
You can easily see all traffic on your device, try Charles proxy.
mliker · 5 years ago
It doesn’t “sound like” that, it’s literally what they’re admitting to. Let’s not spin the narrative here on HN that Zoom didn’t admit to their faults.
angrygoat · 5 years ago
You obviously need be a highly technical user, but it ought to be fairly easy for most people here to run a packet capture on their phone: https://developer.apple.com/documentation/network/recording_...
madwhitehatter · 5 years ago
No, they don't? There are very few companies that record your phone calls/video calls, then transcribe them into text. Then store the data for themselves. This includes any data that we shared in the session. Why can't Zoom just come out and explain why they do this? Seems pretty simple. If you asked me?
jtdev · 5 years ago
Don’t blame the drunk driver, blame the auto manufacturer...
neycoda · 5 years ago
Steve Jobs made Apple about the user. Tim Cook is just leveraging that to make it all about the money.
_trampeltier · 5 years ago
But there could be a law, Apps have to have an option to write all telemetric data to a text file.
tbodt · 5 years ago
Get mad at Facebook for stuffing analytics into their login button library
joelhaasnoot · 5 years ago
Note that the functionality is actually attribution for the app ads platform on Facebook. If you run ads on FB for an app, this ensures installs are tracked, and doesn't show the user the ad if they already have it.
PrettyPastry · 5 years ago
You can listen to the iPhone with wireshark using OWASP zap as a proxy.
crtlaltdel · 5 years ago
yeah same here, on web and mobile this is super common. i just went through this with a PM.
marta_morena_23 · 5 years ago
Baffling how this can be the top post...

"Who audits that?" We just did. And if there was a law against that, Zoom would just have been exposed for breaking it. Any sane company will try their best to adhere to laws. Some big players like Google can afford to mess around pay a few billions in fines, but those are the exceptions, not the rule. Eventually, even they can't afford to pay the fines in the long run (Even Google bowed to GDPR or at least it's getting bashed with steeper fines until they wake up).

"How do you determine what's legal and what's not?" You pass a law, read the law? This is a self-contradiction. Laws are open for interpretation but the interpretation is quite clear after a supreme court case (for the better or worse).

"We should be pushing for a platform that makes it obvious what the software you're running is up to". Oh the web of trust? Did you ever install Snitch or some other firewall on your system? It's utterly hopeless even if you are knowledgeable. There is simply no way to audit that. Who audits that? Here you CAN ask this question.

I can't for the life of me understand how you can believe that it is better for everyone, including parents and grandparents to audit their phone, instead of having researchers audit phones and report companies who break the law. This is nonsensical. You must either be some expert without a connection to the real world, or some elitist who thinks everyone is like him.

frereubu · 5 years ago
> Baffling how this can be the top post

Specifically on this point, I think the HN comment sorting algorithm may take account of how many votes child comments have too, so you may find that it’s the top child comment which has brought this to the top.

Causality1 · 5 years ago
Constantly having to be in a war against my own phone's operating system is exhausting. These days I absolutely refuse to buy any brand that makes me jump through hoops just to get root on my own silicon.
hamburglar · 5 years ago
I'm really liking Zoom's responses to incidents lately. Both this and the "oops we implemented certain features by leaving a localhost webserver gaping open" fiasco fairly recently got extremely nimble responses from them, and the responses were absolutely the right thing to do. They could have hand-waved the http server away and claimed to have "secured" it, and they could have hand-waved this away as "standard practice", which, let's be frank, it almost certainly is. The fact that they understood the seriousness and swiftly yanked the features in both instances is HUGE. Kudos to them for this.

edit: some people won't want to give them any slack because they committed the offenses in the first place, but I think that's silly. Reward them for trying, because if this is the way they're going to respond to blowing it, they're one of the good guys.

minusf · 5 years ago
in the end they did the right thing with the local web server, but iirc their first response was "this is a non issue and needed for proper operation".

a definite improvement in this case and so far.

pyt · 5 years ago
I contacted LG last month regarding their use of the Facebook SDK's automatic event collection in their ThinQ Android app. They responded and told me that they're disabling it in an upcoming release (incidentally, today's). If a single email is all it took to get a company with over $50 billion in revenue to disable Facebook's tracking in one of their apps, I really don't think that these companies are sharing data intentionally.

What justification does Facebook have for keeping automatic event collection turned on by default in their SDKs? Why can't they enable it only when the user has explicitly opted in (https://developers.facebook.com/docs/app-events/gdpr-complia...)? They even say, "you need to ensure that your SDK implementation meets these [GDPR] consent requirements."

Deleted Comment

techslave · 5 years ago
news for you: it wasn’t your email that caused it. the change was already underway
nh2 · 5 years ago
> I don't think these companies are sharing data with Facebook intentionally.

That would imply they are incompetent and negligent.

Would one not expect large companies like LG to have internal security and privacy reviews of the software they publish, and know very well what they are doing?

> What justification

Their core business.

kelnos · 5 years ago
> That would imply they are incompetent and negligent.

Not really.

Product Manager: I want to be able to support Facebook login for our app.

Developer: OK... [googles for how to do that] ... We can use the FB SDK for that.

PM: Cool, let's do that.

Dev: [implements it]

Nobody really does much more due diligence than that most of the time. I suppose you could argue that's negligent, but if that's the case, then pretty much every company that has an app with login functionality is probably in that boat.

yjftsjthsd-h · 5 years ago
> That would imply they are incompetent and negligent.

I'm surprised that you consider that unlikely/surprising. Lots of companies act in technically incompetent ways all the time

DyslexicAtheist · 5 years ago
> That would imply they are incompetent and negligent.

> Would one not expect large companies like LG to have internal security and privacy

can't tell if this is sarcasm because this is exactly what they are. an OEM is just packaging stuff and always bigger than its parts (in this case meaning the knowhow of their otherwise bright and knowledgeable engineers is lost in the organization as a whole). the biggest companies are always the dumbest places where no matter how bright you may be the management layers above make sure that this gets cancelled out (I've worked at Samsung, Nokia and Ericsson and it was the case in all these places). Doubt LG would be any different.

floatingatoll · 5 years ago
Given Google's hostility towards the glacier-slow release schedules of Android updates and the continued embedding of vendor apps that screw up Android by phone vendors such as LG, I'm already quite biased in favor of "companies like LG are incompetent and negligent", based on the evidence available over the past several years.
lultimouomo · 5 years ago
Nice way to bury an innocuous "iOS Advertiser ID" in the middle of the list. What "iOS Advertiser ID" means is, to a very good degree of approximation, your deanonymized identity.

Also, that just linking the SDK in your app deanonymizes the user to Facebook is very, very clear in its documentation. It's not like Zoom didn't notice until someone told them. They made a decision, and now they're changing it because they were called out.

andreasley · 5 years ago
The Advertising Identifier is app-specific, and if Limit Ad Tracking is enabled, it is set to all zeros. So it's not accurate to say that it's "your deanonymized identity".
monocularvision · 5 years ago
You are correct that users can disable it but incorrect to say it is app specific:

https://developer.apple.com/documentation/adsupport/asidenti...

You are thinking of “identifierForVendor”:

https://developer.apple.com/documentation/uikit/uidevice/162...

envy2 · 5 years ago
The list is in alphabetical order. It's not malicious...
lultimouomo · 5 years ago
Alphabetical order is neither mandated by any rule, nor deterministic since you can choose how to call things. "Application Bundle Identifier" made it to the top of the list, but if it was "iOS Application Bundle Identifier" it would be below the Advertiser ID.

Do you really think they prepared a PR statement to respond to harsh criticism and just decided to toss in there the list of information sent without crafting the order of the items?

enitihas · 5 years ago
They are changing because right now they are growing like crazy without the need to do much on user acquisition, and a bad PR is just too costly right now. But good to see them doing it.
lultimouomo · 5 years ago
Sure, good they are changing. And Zoom is definitely not alone in this. Facebook SDK usage is widespread and it's a horrible thing. And even then, the fault ultimately resides with Apple and Google that provide cross-application unique identifiers.
Hokusai · 5 years ago
To use the Facebook SDK is a rocky mistake. It includes all kind of telemetry that is sent to Facebook, whenever the user is connected to Facebook or not.

In the company I worked for, they read the code, you have access to it, and stripped those parts. It's not much work but it's a pain.

The best approach is to use just the HTTP APIs and ignore the SDK. Your team will better understand how Facebook works, your app will be lighter and you are free from nasty surprises that a 3rd party may add to your app without your knowledge.

mianos · 5 years ago
This is kind of exactly what they said it didn't do.
dx87 · 5 years ago
It's good that they removed it, but it's also disappointing that they had no idea that it was happening until someone made a blog post about it. Do their employees not vet any of the code they use, and just slap things together off the internet and hope it's not doing anything their users don't like?
kelnos · 5 years ago
> Do their employees not vet any of the code they use, and just slap things together off the internet

That sounds like a pretty accurate description of how software is built. (No, I'm not being flippant.)

> ... and hope it's not doing anything their users don't like?

I expect most don't think too much about it, not out of malice, but because their product manager told them "I want FB login" and to do that, they either spend an afternoon using the FB SDK, or spend a week figuring out how it works, implementing it from scratch themselves, and debugging the inevitable interop issues with whatever oauth2 (or whatever) library they've picked. It's really a no-brainer... few developers can take the week-long route and then justify that to their manager. They'll get fired.

ryandrake · 5 years ago
I've worked at places where "cowboy coding" was the norm and people would just look up how to do something on StackOverflow and copy/paste it. But to pull in a major 3rd party dependency like this and just "YOLO" ship it in your company's product? That's almost unbelievable. Didn't anyone have a look to see what the thing does? Assuming the SDK comes with source code, and if they integrated a 3rd party library that doesn't come with the source, even more shame. All it would have taken was a single engineer to notice unexplainable network traffic to a third party at runtime--at any time during development. So much WTF here.
xiphias2 · 5 years ago
It’s the official SDK of one of the biggest companies. I can’t fault them on not catching this. What Facebook does is ugly.
remarkEon · 5 years ago
Yeah, this.

I really can't fault Zoom here. They used an existing tool provided by a company that is, allegedly, reputable.

Though, thinking about it more perhaps Zoom should get some more scrutiny here because this isn't the first time Facebook has said eff it to user privacy. Distrust of Facebook should be the default.

andreareina · 5 years ago
And it's known that what Facebook does is ugly. So Hanlon's Razor and all that, but given recent events it strains credulity that the developers weren't at least suspicious.
krrrh · 5 years ago
As a sometimes iOS developer, I can’t even imagine how you could build something like Zoom without at least sometimes auditing the network traffic. Even a novice user can do this in a few minutes with Charles Proxy.

People on the team knew, they just either didn’t care or were ignored when they voiced concerns.

floatingatoll · 5 years ago
To rephrase this into something more beneficial to others trying to learn from this:

"It's good that they removed it, and it goes to show just how important it is to inspect your application's wire traffic as part of your development and testing processes. Otherwise you'll have no idea what's happening until someone makes a blog post about it."

banana_giraffe · 5 years ago
Between this and the HTTP server, it feels like Zoom of old that wrote the app was more willing to make the user experience vs user privacy trade off in favor of user experience.

Now you need to log in via Facebook with a separate browser window, and thanks to the HTTP change, you need to click on a browser dialog to launch a meeting from a link. So, they've either changed their policy to err more towards the privacy side and haven't found all the cases yet, or, more likely, still have the same attitude except when the tech world starts screaming at them.

kelnos · 5 years ago
I think it's more likely that the developers responsible for the HTTP server just didn't know much about local security, and Zoom doesn't have a good security review process (where actual infosec professionals are involved). That doesn't absolve them of responsibility, of course, but I really don't think it was malice or an intentional desire to ignore privacy concerns.
chmike · 5 years ago
I guess it was not known that the facebook sdk did something as nasty as this
bvandewalle · 5 years ago
It's an imported library. Almost nobody vets those libraries ever. And that's the current state of software supply chain.
perfectstorm · 5 years ago
they can't see what happens inside FacebookSDK's code. even if they could see it, good luck convincing the PMs and directors to avoid implementing Facebook login.
Ericsyuan · 5 years ago
Dear all, I am the CEO of Zoom. First, I sincerely apologize about this Facebook SDK issue. We learned a lesson, and we will do all we can to improve. I also wrote a blog.

https://blog.zoom.us/wordpress/2020/03/27/zoom-use-of-facebo...

Please take care and be safe.

ponsin · 5 years ago
Hey, thank you for listening to security researchers and fixing a problem when you became aware. I know this is not so much a problem, but rather a business decision, but the product would be much more useable if it was possible to connect without the app without having to use some tricks. There have been many conferences that took much longer than expected to start because not everyone had Zoom
Ericsyuan · 5 years ago
Dear Ponsin,

You are right on! To focus on our service stability and security are our top 2 priorities. We will work as hard as we can to keep improving. Thank you for your great support!

ccktlmazeltov · 5 years ago
And so zoom crumbled from the social pressure, while every other service and website is thinking "oof, they didn't realize that everybody does this to do advertising"
floatingatoll · 5 years ago
It's also possible they didn't listen to their app over the wire and see it doing this. What lesson could we teach about "why you should mitmproxy your app while it's in development?", so that people can start uncovering this in other apps — including their own?
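
Added example, not part of any comment in this thread: one way to make the wire-traffic check discussed above repeatable is to export a proxy capture as HAR and audit it during testing. The sketch flags hosts outside a first-party allowlist and, like the per-domain counter proposed earlier in the thread, counts the days each one was contacted; the allowlist, the `example-app.test` names and the sample capture are constructed assumptions.

```python
import json
import sys
from collections import defaultdict
from urllib.parse import urlsplit

# First-party domains the app is expected to contact (hypothetical names).
ALLOWED_SUFFIXES = ("example-app.test",)


def _entry(ts, method, url, body_size):
    """Build one HAR entry carrying only the fields this audit reads."""
    return {"startedDateTime": ts,
            "request": {"method": method, "url": url, "bodySize": body_size}}


# Constructed sample capture in HAR 1.2 shape (not real traffic).
SAMPLE_HAR = json.dumps({"log": {"version": "1.2", "entries": [
    _entry("2020-03-26T09:00:01.000Z", "GET",
           "https://api.example-app.test/v1/meetings", 0),
    _entry("2020-03-26T09:00:02.000Z", "POST",
           "https://graph.facebook.com/constructed/path", 512),
    _entry("2020-03-27T10:15:00.000Z", "POST",
           "https://graph.facebook.com/constructed/path", 300),
    _entry("2020-03-27T10:15:01.000Z", "GET",
           "https://cdn.example-app.test/logo.png", 0),
    # Look-alike host: must not pass a naive "endswith" allowlist check.
    _entry("2020-03-27T10:16:00.000Z", "GET",
           "https://notexample-app.test/x", -1),
]}})


def is_allowed(host, allowed_suffixes=ALLOWED_SUFFIXES):
    """True if host is an allowed domain or a true subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in allowed_suffixes)


def audit_har(har_text, allowed_suffixes=ALLOWED_SUFFIXES):
    """Return {host: stats} for every contacted host outside the allowlist."""
    stats = defaultdict(lambda: {"requests": 0, "days": set(), "body_bytes": 0})
    for entry in json.loads(har_text)["log"]["entries"]:
        request = entry["request"]
        host = (urlsplit(request["url"]).hostname or "(no host)").lower()
        if is_allowed(host, allowed_suffixes):
            continue
        record = stats[host]
        record["requests"] += 1
        # HAR timestamps are ISO 8601, so the first 10 characters are the date.
        record["days"].add(entry["startedDateTime"][:10])
        # HAR uses -1 for "size unknown"; count that as zero bytes.
        record["body_bytes"] += max(request.get("bodySize", 0), 0)
    return {
        host: {"requests": r["requests"],
               "days_seen": len(r["days"]),
               "body_bytes": r["body_bytes"]}
        for host, r in sorted(stats.items())
    }


if __name__ == "__main__":
    # Audit a HAR file given on the command line, or the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            text = handle.read()
    else:
        text = SAMPLE_HAR
    findings = audit_har(text)
    for host, info in findings.items():
        print(f"{host}: {info['requests']} requests on {info['days_seen']} "
              f"day(s), {info['body_bytes']} request-body bytes")
    # A non-zero exit lets a CI job fail when unexpected hosts appear.
    sys.exit(1 if findings else 0)
```

TLS interception is needed to produce such a capture, so traffic from apps that pin their certificates will not appear in it.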

Dead Comment

pixiemaster · 5 years ago
here, take my gold
narendranag · 5 years ago
Considering how many apps are using Facebook's SDK, shouldn't this be something that FB should be addressing? After all, they are the ones making an SDK available to app developers to help with user-login. Shouldn't the presumption of trust rest on FB?
designcode · 5 years ago
I can’t see the big deal. We use the Facebook SDK specifically for the free analytics. It’s just a default part of the SDK. It’s not sending anything any other analytics package wouldn’t
yjftsjthsd-h · 5 years ago
> It’s not sending anything any other analytics package wouldn’t

But the where matters as much as the what; sending it to FB means that they add it to their profile of your users.

saagarjha · 5 years ago
I do not like you using the Facebook SDK for the “free analytics” and consider this to be a big deal.
jeroenhd · 5 years ago
Could you maybe expand on what company you work for so that the rest of us can avoid it and its products?

Uploading all of this data to Facebook just so you don't have to run a Matomo instance (or whatever controlled analytics platform you use) is either laziness or disregard for your users. There's a reason the analytics are free and sacrificing your users for something this small is exactly what is wrong with the modern software ecosystem.