The Zuck suck is in full swing.

fne8w2ah@lemmy.world to Mildly Infuriating@lemmy.world – 1081 points –

cross-posted from: https://social.fossware.space/post/123876

In the few short hours since I started using #Threads, #DuckDuckGo has already blocked over 200 data tracking attempts. These include things like "headphone status" and "screen density."

Trackers, trackers and ol' Zucc's roboface galore.

117

Not sure just mildly infuriating 😅

Also infuriating: the number of my friends who have installed this shitty app 😑

And their justification of it.

Edit: since for whatever reason i couldn't reply to @BraveSirZaphod@kbin.social, i'll edit my comment here:

I have no issue with the difference in opinion, but idk, if giving up way more privacy than it needed to run the app doesn't seems bad to you, i have nothing much to add 😐

what's their justification?

The usual "that's basically all social media shrug", which i agree but then again i don't really use social media much, and i use sync for reddit.

What, that they have different priorities and value for things like privacy vs social interaction than you do? Is that such a bad thing?

Okay, this is an honest question.

Why do you care? How does it matter at all to you what apps your friends use? How does it affect you?

I can totally understand people valuing their privacy strongly and refusing to use mainstream corporate social media. I can also understand people who don't care about that and decide that they get more out of it than they give.

Given that people posting on a social network that you're not on has essentially no effect on you at all beyond a vague bit of FOMO, why does it matter?

Why do I care?

Well, I get all manner of spam texts because my mom gave some shitty app permissions to access her contacts. The spam messages are directed to me by name.

It's not just their personal info they're putting at risk when they click "agree" on data sucking apps.

Yes, whatsapp has my real name and phone number on their servers without my consent because several people I know have my details saved in their phone contacts, and when someone signs up to WhatsApp, they give my personal contact information to WhatsApp because the person signing up to WhatsApp consented to give it, not me. Tbf it's the same for all messenger apps these days. I miss MSN Messenger.

It's a valid question and I understand your point, but it becomes an issue for me when I end up being caught up the a snowball effect and need to use a bad app too. Here in Europe, WhatsApp is an example of something I'd rather not use, but because it's the platform everyone else is on, it's very difficult to avoid. The parallel I see is if Twitter is supplanted not by Mastodon, but by Threads, then that is the place people will gravitate towards and then the privacy friendly version becomes less useful due to lack of users and content.

Of course it is an option to just not use these apps, but the preferably outcome is that I am able to have the nice experience without sacrificing my privacy.

I just cannot fathom why people would see the shortest that Musk has made of Twitter and think the best solution is to go to a clone made by Zuckerberg. Have they learned nothing?

Because fundamentally, people really don't care about all that much. They want a simple social network that's vaguely pleasant to use, has the people and content they're looking for, and otherwise stays out of their way. They certainly don't care about Musk's random crusade du jour against the evil woke libs.

Nor do they particularly care about targeted advertising so long as it remains vaguely unobtrusive and their data isn't constantly leaked in ways that directly harm them. Zuck, for all his many flaws, is smart enough to know that the single biggest thing he can do is to largely stay out of the way.

People are Lazy.

Not just lazy. Wilfully ignorant and, dare I say, largely stupid as well.

99% of times "stupidity" is just a lack of information, interest and prospective who let people don't see how someone else problem could very well become "their" problem too given enough time.

Because people just submit it. He doesn't know why. They just trust him. Dumb Fucks.

Worse. No one trusts Zuckerberg, they just all figure nothing bad will happen. "He's got everyone's data anyway." They don't think.

Whatever gives them their low quality tier content with the least friction no doubt

No wonder the app is not available in Europe, there is no way that list passes GDPR :P

I was honestly wondering what this app is cause I haven't heard of it.

What I hate about this is that they say things like "Try the best to protect users' privacy" etc then do shits like this

Well, they need to know your device rotation to serve you the perfect ads! /s
Seriously, I wouldn't mind them knowing a thing or two about me, when I'm using their services. But tracking everything, just because they can, is just obnoxious. If you would translate this to the real world, you would definitely get arrested when you would stand on the corner of the street, noting down everything you see, every dimension/detail of every person walking by. You would be labeled "creep". But if Facebook does it, governments go like: You can build your new data center right here, don't mind the measly peasants that currently live in the village nearby

Facebook I'm only comfortable using inside a browser for this reason, and not with Chrome either. Something proper like Firefox that can block third party cookies and run it in a container automatically so it can't follow you around. I need to contain the filth.

I wouldn't even type fa in by Firefox without the Facebook containers extension. And yeah, chrome can jam it

What kind of addon do you use to contain the tracking cookies on Firefox? I'd really like to get it too.

It's built into Firefox! You don't need one.

Click on the shield icon in the upper left (on Desktop) and from there you can get into your tracking protection settings. It also has a dashboard showing what has been blocked. Categories are social media, tracking cookies, tracking content, fingerprinting, and cryptominers. Facebook containers are also built into Firefox on desktop. That feature is called Container Tabs and is in settings also.

On Firefox for Android, you go to the three dots thing -> Settings -> Enhanced Tracking Protection.

Most browsers today have something like this built-in because it's such a problem, except Chrome, because Google is an ad company first and would be shooting their own foot.

There is also this official extension. IIRC, this also makes sure that all the meta owned sites are not able to interact with other sites, but can work fine with each other. It also makes sure that any links leading to their sites also only open in the container, maybe also sanitized to remove the tracker from original link. The last part I am not sure, as I might be confusing it with a different extension. But if you are using any of the Meta sites, I would recommend it.

Christ on a bike, does it want my gym locker combination as well?

No but it needs access to your front camera so it can record your face before and after using threads. They want to see if their engagement algorithms made you mad so then they can tell it's working

And on iOS

Search history... Really?

"Other data" that it doesn't specify. What's next, my shoe size and sleep schedule?

if it has access to health it likely has sleep schedule already

No, this doesn’t mean that they have access to your Apple Health data

3 more...

System volume? Lmaooooo wtf

They are clearly deciding if they need to start producing hearing aids

Potentially, and Ive also seen it used for ads. The first time Spotify noticed me mute my system and paused the ad, I became enraged. Its's a step too far. Luckily with external speakers I can just mute at the speaker level instead.

If you're using Spotify on Windows, consider installing a system ad blocker like Adguard for Windows and route Spotify traffic through it. It will strip the ads.

If you're using Spotify on Android, consider installing the app through X-Manager, which will give you an ad-free experience.

This was at work a few years ago. I don't use windows at home. But thank you for providing those recommendations. Hopefully a fellow Lemming will find them useful!

That's like that Black Mirror episode where the people are required to keep their eyes open and focused on the screen for everything

if you're on Android just use xManager

he's literally collecting device orientation data for whatever reason

Because to find the needle in the haystack, you first need a haystack. Until you know which needle you want to use, you need loads of haystacks which could have the needle in it you need.

Also, hoarders gotta hoard. (and bastards collect all they can get away with, and more, lots more)

Yeah, they probably don't need all of that info right now, but you never knew when something suddently becomes valuable. Also, the more data they have, the easier to identify you without any trackers like cookies.

Basically something like this:

"The algorithm suggests people who have their phone in landscape more than 28% of the time are more likely to vote for party A. Convincing them not to vote for party A is hard, so we'll convince them there's no point voting or make it harder for them to vote, by targeting these users with ads which make them question if their vote matters."

Don’t worry. Some bright marketing genius will market the ability to change voting preferences by making people only use their phone in landscape orientation.

It's probably more meaningful to ask at this point what data can he collects that he's not collecting.

Well, there are multiple apps that can extrapolate your blood pressure from finger pulse. So he's missing a market there.

It asks for access to Health and Fitness info.

The reason is device fingerprinting to track you with

What's next? Zucc is gonna ask for my dick size?

He can probably already predict it from other data with 99% accuracy

lol such app should have disclaimer similar to cigarettes packs

Does he want my SSN, bank card number, and mother's maiden name whilst he's at it?

The app does request permissions for financial info.

Jfc man, thanks for the hot tip on the ddg tracker protection! I've been using ddg for a while now on the phone and have out some effort into curating apps so most of what I have is private/secure/open source, but I still have a bunch of things like the Netflix app that I know are sketchy. I've just gone through every app I have and confirmed things like Jerboa, VLC, antenna pod, etc are all free of trackers. The real fun surorises though were my bank app and my state government services app, which are each on about 45 tracking attempts across 36 categories. The services one even uses two seperste tracker companies. That's super fun!

Fuck I'm glad I have this ddg add on now :D

Damn duckduckgo app protection is great! I'd never heard about it, installed and turned on now. Good call-out, thank you.

I encourage others to look this up too!

I got it running yesterday after seeing this thread. No noticeable difference to me, very noticeable difference to the online leech companies. I'm a happy camper

How does it work on mobile?

It's working great. 36 hours in and more than 33,000 tracking attempts blocked. It's mind boggling

And worst offenders are places I wouldn't have expected, like the docusign app, and being scraped by companies I've never heard of like comScore and bugsnag

What I mean is do zi download an app or is it a browser I use.

Oh ya you download the browser app, then turn on app tracker blocking in settings. I couldn't find it at first, but just googled it and the first answer worked. So all ya need is the duckduckgo app. At least, on Android

This will completely empty out Twitter. It's just like that scene on Godzilla when both monsters are fighting and the science dude just says to "let them fight".

Yeah, kinda. The crowd that cares move to Mastodon, that crowd that chases moves to Threads.

Now, there is still value in Twitter as long as content creators and companies post there. When we see companies pull out and content creators en masse setting up shop somewhere else the end is coming. Huge communites that depend on being huge rarely if ever can return from a real downwards spiral.

You're already seeing a lot of the celebrities and brands move over. I imagine their replies being filled with normal people rather than the blue check crypto nerds is a pretty big draw.

How do I block trackers like you have?

Install the Duck Duck Go browser, and sign up for the "App Tracking Protection" beta in the settings. Once you are enabled for the beta. Enable it in the settings. It acts like a VPN on your device.

This is cool, thanks. Used the app for ages and didn't even know.

Firefox also has an option to block third party trackers by default if you choose their strict setting, but DuckDuckGo has a more comprehensive solution.

I wonder if this is why the site just shows up as a blank screen for me?

I mean... many of those are reasonable? I don't see how checking the available device memory, screen resolution, screen rotation, etc are bad.

Device fingerprinting. Even with unique identifiers turned off, if you have enough of these seemingly innocuous data points, you can track individual users across sites and apps, even without any other information. They can use this to profile you, and manipulate you.

I mean... many of those are reasonable? I don't see how checking the available device memory, screen resolution, screen rotation, etc are bad since the app could use them to improve the experience. Lower RAM = don't preload as many posts, lower screen resolution = load smaller images, etc. all of which need to send flags to the server (a smaller number of posts to load, the max dimensions of images to return, etc)

This is obviously not the case when your client could just directly request things within it's resource limits.

Seriously, why would you give Meta the benefit of the doubt? These are just more datapoints to profile and analyze users.

These are just more datapoints to profile and analyze users.

I'm just being realistic. Seeing it in DuckDuckGo just means the app has requested that data - they don't actually know exactly how it's used. Just seeing that the data is loaded by the app doesn't mean anything. So far, nobody has actually been able to prove that any of this data is used for profiling users. Analyzing network traffic isn't too difficult so there'd likely be proof by now if it was actually happening (like Wireshark captures).

Profiling happens on the server end, but the unique identification can happen either on the server end or the client end or both.

And it's Meta. Their entire organisation is dedicated to manipulation, data collection, etc. - hell, they might do the profiling inside the app and only send results. What's "realistic" is expecting them to spy on you, not giving an organisation like them any benefit of the doubt!

There is, how do you think Cambridge Analytica did it. They’ve literally already been sued over this, it’s been confirmed they are collecting and using this data against users.

Cambridge Analytica violated the developer terms of service and scraped data via the Graph API, which was free to use. That's why the API is extremely locked down now. https://upvote.au/comment/105473

Hi there, and thanks for trying Threads!

While this may look alarming, it's nothing to be concerned about. Sometimes "privacy" focused browsers and apps can be a little overzealous.

We are taking our mandate to be a responsible member of the fediverse seriously, and part of that is building trust. We have no intention of abusing your data, nor the trust you place in us.

Thanks for helping us blaze this trail together!

Country, last name, and state. As well as my location directly basically. Nothing to be concerned about. Sure. Not at all. I'm not being sarcastic guys. We can totally trust a stranger who asks us where we live and know nothing about them.