Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


 Instagram and Facebook Could Track Everything You Do in Their In-App Browsers

   Adam Engst

   In the latest update to all the ways that Meta (previously Facebook)
   works to track users, security researcher Felix Krause has discovered
   that the [1]Instagram and Facebook iOS apps inject custom JavaScript
   code into every website using their custom in-app browser. That code,
   according to Meta, helps aggregate events like online purchases before
   the Facebook platform uses those events for targeted advertising and
   measurement.

   That may or may not cross your line for unnecessary tracking, but
   Krause's broader point is that such custom scripts could monitor your
   every interaction on third-party websites, including form inputs like
   passwords and credit card numbers, so you have to decide what you trust
   Meta to do in the future. You can sidestep this privacy vulnerability
   by tapping the '˘'˘'˘button at the top right and selecting Open in
   Browser, accessing the Instagram and Facebook websites in Safari
   instead of their iOS apps, or opting out of Meta's exploitative
   business model entirely.


   [2]Read original article

References

   1. https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser
   2. https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser

.