Snippet: Facebook Abuses Enterprise Certificates, Spies on Teens ☇

Shared on January 30, 2019

Josh Constine for TechCrunch:

Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms. […]

Since 2016, Facebook has been paying users ages 13 to 35 up to $20 per month plus referral fees to sell their privacy by installing the iOS or Android “Facebook Research” app. Facebook even asked users to screenshot their Amazon order history page. The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.

I really want to cover things other than Facebook-being-bad, but this is beyond creepy and I’d consider it malware. The fact that they’ve skirted Apple’s App Store guidelines is not surprising, but Apple took action quickly on the matter. In some capacity, I think Facebook believes that they’re above other companies’ policies, especially in the area of privacy.

Snippets are posts that share a linked item with a bit of commentary.