hngopher.com

       [HN Gopher] Facebook snooped on users' Snapchat traffic in secre...
       ___________________________________________________________________
        
       Facebook snooped on users' Snapchat traffic in secret project,
       documents reveal
        
       Author : coloneltcb
       Score  : 14 points
       Date   : 2024-03-26 21:15 UTC (1 hours ago)
        
 (HTM) web link (techcrunch.com)
 (TXT) w3m dump (techcrunch.com)
        
       | DuskHorizon wrote:
       | The immorality of Facebook has no limits. Censorship? Check.
       | Espionage? Check. Profiling? Check. Propaganda? Double check.
       | Dictators of the world are envy of Mark ;)
        
       | adrr wrote:
       | I don't understand how FB can decrypt other apps network traffic.
       | TLS will fail if they tried a man in the middle attack even if
       | they had VPN software installed on the device.
        
         | yusaydat wrote:
         | They asked users of the VPN service to install a certificate,
         | that's how they did it.
        
           | blcknight wrote:
           | The TC article leaves that a little unclear: were they
           | actually looking at the plaintext or just gathering metrics
           | about snapchat usage? The latter wouldn't require decrypting
           | the session.
           | 
           | If Onavo did install a certificate and MITM the connections
           | and send private user data to Meta... that's beyond the pale.
           | That's far more worthy of a cover story than Bloomberg's
           | debunked secretive tiny chips story from a few years ago.
           | It's equally as bad if not worse.
           | 
           | Hopefully the technical details will come out.
        
             | rpdillon wrote:
             | This is the first sentence of the article:
             | 
             | > In 2016, Facebook launched a secret project designed to
             | intercept and decrypt the network traffic between people
             | using Snapchat's app and its servers.
             | 
             | I read the rest of the article as well, and saw only
             | confirmation:
             | 
             | > Given that Snapchat encrypted the traffic between the app
             | and its servers, this network analysis technique was not
             | going to be effective. This is why Facebook engineers
             | proposed using Onavo, which when activated had the
             | advantage of reading all of the device's network traffic
             | before it got encrypted and sent over the internet.
             | 
             | Where do you see the ambiguity? Other than the weasel words
             | about proposing these programs (versus actually running
             | them), it seems clear that they were decrypting the traffic
             | (or reading it before it was encrypted). Did I miss a
             | piece?
        
       | cedws wrote:
       | This alone should be cause for investigation. What the fuck? Is
       | Zuckerberg a US intelligence asset or something?
        
       | bottom999mottob wrote:
       | Reminds me of the Chinese hacking company leak a few weeks ago.
       | 
       | Hack-a-Nation-State-as-a-Service and Hack-a-Service-as-a-Nation-
       | State. The most predictable and boring dystopia. Like was anyone
       | surprised Facebook was doing this?
        
       ___________________________________________________________________
       (page generated 2024-03-26 23:01 UTC)