Do current applications spy too much on users through their mobiles? Are they paranoid, or do they really take advantage of the permissions we grant them when installing them? According to an expert in Cybersecurity has pointed out in an article from the Forbes newspaper, the answer would be that it is not paranoia, at least in the case of the Facebook application for Apple iPhone iOS.
Apple has done a great job this year with iOS 15, preventing data abuse from companies like Facebook and Google. The transparency of application tracking has already had a drastic impact on revenue from data. In fact, we already told you the other day the button that appears on the iPhone when opening an app, and how it has cost Facebook 8,500 million euros in profits.
Facebook iOS spies on you
According to Forbes, the Facebook app has been caught “secretly” harvesting sensitive data without anyone noticing. And what is worse, there is no way to stop this monitoring “especially invasive, except by removing the application”, because Facebook continues to capture location data “using the metadata of your photos and your IP address”, even if you update the configuration settings to “Never” to stop tracking your location.
The company Facebook, which since last week is called Meta, “He admits this pickup, but refuses to explain why he’s doing it when users specifically turn off location tracking”. Now security researchers have suddenly warned that Facebook is going further, using your iPhone’s accelerometer. “To track a constant flow of your movements, which can be easily used to monitor your activities or behaviors at times of the day, in particular places, or when you interact with their applications and services.”
And what’s more alarming, this data can even put you in touch with people close to you, whether you know them or not.
Registering the accelerometer of your iPhone
As in the case of photo location data, the most serious problem is that there is no transparency. There is no warning that this data is being tracked, there is no option to enable or disable tracing; in fact, there doesn’t seem to be any way to disable the feature and stop the Facebook app in its tracks. Researchers Talal Haj Bakry and Tommy Mysk warn that “Facebook reads accelerometer data all the time. If you do not allow Facebook to access your location, the application can continue to deduce your exact location just by grouping yourself with users who match the same vibration pattern that your phone’s accelerometer registers. “
The researchers assure that the problem affects Facebook, Instagram and WhatsApp, although in the case of the latter it is possible to deactivate the function and the platform assured that no data leaves the user’s device: “On Facebook and Instagram it’s unclear why the app is reading the accelerometer – I couldn’t find a way to disable it.”
This means that you have to delete the application and access Facebook through the browser. The most curious thing is the way in which Facebook is exposed, since the expert Tommy Mysk points out that “I have tried TikTok, WeChat, iMessage, Telegram, and Signal. They don’t.”
Radical solution: Delete the app from your iPhone
“Although the accelerometer data appears to be innocuous”, dice Mysk, “it’s amazing what applications can do with these measurements. The apps can find out the user’s heart rate, movements and even their exact location. And what is worse, all the iOS applications they can read the measurements from this sensor without permission. In other words, the user would not know if an app is measuring their heart rate while using it. “
Although there may be valid benefits to using the camera, this does not explain why your movements are constantly tracked, rather than only when those camera features are in use. It would be easy for Facebook to only touch the accelerometer when necessary; And as for the shake-to-report feature, Facebook could use Apple’s functionality to limit the amount of data it extracts, but that’s not how Facebook operates.
Worse still, even when users turn off this reporting feature in the Facebook app: “Nothing happens when the phone is shaken, but the app keeps reading the accelerometer.”
The researchers cite the example of a bus trip to show how this data could be used. “If you are on the bus and a passenger shares their exact location with Facebook, the app can easily tell that you are in the same place as the passenger. Both vibration patterns are going to be identical.”
The bus ride
“We tested various applications”, explain Mysk, “and Facebook and Instagram stood out. While Facebook reads the accelerometer all the time, Instagram only does it when the user is sending a text message in direct messages “. Also, WhatsApp too “reads the default accelerometer to animate chat wallpapers.
As the Forbes expert argues, Meta / Facebook has in fact a patent application to use wireless telephone signals to connect strangers, and the company even cites the example of a bus trip: “It may be advantageous to provide an approach for users, who have known or likely to have known each other, to connect with each other if they so wish. “ notes the company.
Or, as it seems, even if they don’t want to. Will all this go further in that new Metaverse that Meta is building?