I don’t know anyone that works at Meta, so I’m hoping that someone here could answer this for me-
What makes employees there feel good (or at least okay) about doing stuff like this? You're spying on people, no? Surveilling ordinary people, not enemy combatants or foreign militaries? Perhaps a friend of a friend or even a family member? This kind of thing is so creepy and disturbing to me, not that it’s anything new…
What about the other app ? Now that this trick is known, either it’s completely fixed, including in system webview, or all the other usual spyware ,that the play store is full of, are going to use it to track their user.
Google still hasn’t fixed the issue of app being able to list all other installed app on your phone without requiring permission despite having been reported months ago. They didn’t even provide an answer.
I believe Google isn’t interested in Android user privacy in any way, even when it’s to their own benefit.
At this point either use iPhone, grapheneos or no phone at all.
For most people in the west, using yandex and chinese alternatives would be better than local ones, because neither china nor russia has any auhority over you, while your local agencies do.
If any software engineers out there are working on things like this I can only pray they STOP and think about why what they are doing. Implementing features by having to jump through hoops, just so that their employer can better spy on people and make more money.
That is so wrong, on so many levels ... I personally couldn't do it.
I hate this even more than NSO Group's Pegasys, which could easily get people killed. I'm ok with my reasoning, and I really hate that one as well.
Here, with Meta and Yandex, you see what you always see.
As soon as people catch on, they immediately remove it. But they will keep using it until that day comes.
For money, while trying to hide it from the users they are spying on.
It's greedy and evil and whoever in these companies think up these ideas should be let go. Immediately, in a perfect world.
Instead they'll just try another approach.
While everyone else has to clean up this latest one.
"Following public disclosure, Meta ceased using this method on June 3, 2025. Browser vendors like Chrome, Brave, Firefox, and DuckDuckGo have implemented or are developing mitigations, but a full resolution may require OS-level changes and stricter enforcement of platform policies to prevent further abuse."
Zen Browser (FF) on Win and Firefox on iOS (for sync) works well for me. Edge for all M365 related stuff. Still use Chrome for web dev. Not sure what to move on in that regard...
What I wonder is (from someone who has been in a room like that, not speculation), how do these decisions go down?
My other favorite example is un-disabling telemetry, resetting default browser, etc. Some PM or VP is in a meeting saying we are going to do this shady user hostile thing and everyone just nods? What is the amount and type of euphemisation?
I'd love to be a fly on the wall in one of these..
If we truly lived in a democracy which 'obeyed' the overwhelming will of the people, there would be laws with 'horrific' penalties for any effort to track devices or people online.
I've noticed that recent Chrome version does not allow me to download the pdf I'm viewing. I had to open it in Firefox. The Chrome browser only allowed me to save it to drive (cloud)
""
Millions of websites contain a string of computer code from Meta that compiles your web activity. It might capture the income you report to the government, your application for a student loan and your online shopping.
""
If I read that correctly then they are capturing all https web content you
access in clear text and uploads it all to Meta? Then Meta
I thought the exploit was used to track where you visited,
not the full data of each webpage.
> Know, too, that even if you don't have Meta apps on your phone, and even if you don't use Facebook or Instagram at all, Meta might still harvest information on your activity across the web.
A bit wishy washy. They are still tracking you, just not as effectively as before.
It's sort of interesting that Brave was not affected by this because they already blocked the technique used by the Yandex app. I wonder if Brave devs were aware of that specific abuse, or if they just thought that localhost traffic was distasteful categorically.
Never used Chrome, and don't use Meta apps... and when I did, I did not give them any real information.
I'm disgusted by the number of people giving real personal information to these assholes. "Open"AI insisted that you give them a real, functioning phone number to use ChatGPT. No goddamned way.
WaPo’s reputation so tarnished they have other outlets reporting for them? I don’t understand why a slashdot article has WaPo in the headline. Are they some authority on privacy?
Web browsers should become outmoded soon. It was fine for bootstrapping the web, but now to keep up a browser must emulate the operating system and more in a single app. This pressure is the centralizing factor in browser dominance. Ditch the features, drop the spy protocol (http), just get the files.
It's CREEPY to imagine the Internet is under a mandate to protect your privacy.
Don't be CREEPY.
The EU cookie fiasco is just that. All of a sudden, your every day experience was derailed extremely in a way that 'broke' HTML standards and sites at first in hundreds of ways. All of a sudden sites that never did track users were forced to start tracking them -- in order to set the flag to suppress the harassing cookie warning. Ironically, they will remember your cookie settings if you 'sign up'. Meanwhile nothing became more secure or private. It was just a way for the EU to virtue signal out loud and be annoying. It throws the user into sitespace to navigate the site's own cookie settings. It's theater.
Meanwhile, advanced fingerprinting is, well uhm, advanced. If the EU cared about cookie privacy a better course of action would have been to see whether browsers were locked down with best anti-fingerprinting possible and local cookie dialogues... and certify the ones that were. Educate users, harass them one time.
Washington Post's Privacy Tip: Stop Using Chrome, Delete Meta Apps (and Yandex)
(tech.slashdot.org)472 points by miles 7 June 2025 | 328 comments
Comments
What makes employees there feel good (or at least okay) about doing stuff like this? You're spying on people, no? Surveilling ordinary people, not enemy combatants or foreign militaries? Perhaps a friend of a friend or even a family member? This kind of thing is so creepy and disturbing to me, not that it’s anything new…
Google still hasn’t fixed the issue of app being able to list all other installed app on your phone without requiring permission despite having been reported months ago. They didn’t even provide an answer.
I believe Google isn’t interested in Android user privacy in any way, even when it’s to their own benefit.
At this point either use iPhone, grapheneos or no phone at all.
The silence says a lot.
That is so wrong, on so many levels ... I personally couldn't do it.
I hate this even more than NSO Group's Pegasys, which could easily get people killed. I'm ok with my reasoning, and I really hate that one as well.
Here, with Meta and Yandex, you see what you always see.
As soon as people catch on, they immediately remove it. But they will keep using it until that day comes.
For money, while trying to hide it from the users they are spying on.
It's greedy and evil and whoever in these companies think up these ideas should be let go. Immediately, in a perfect world.
Instead they'll just try another approach.
While everyone else has to clean up this latest one.
"Following public disclosure, Meta ceased using this method on June 3, 2025. Browser vendors like Chrome, Brave, Firefox, and DuckDuckGo have implemented or are developing mitigations, but a full resolution may require OS-level changes and stricter enforcement of platform policies to prevent further abuse."
My other favorite example is un-disabling telemetry, resetting default browser, etc. Some PM or VP is in a meeting saying we are going to do this shady user hostile thing and everyone just nods? What is the amount and type of euphemisation?
I'd love to be a fly on the wall in one of these..
If I’m a contractor forced to use Chrome and mobile devices, can I deduct a separate work phone?
I really hate having it my iPhone, at least maybe I can claw something back this way?
Related discussion: https://news.ycombinator.com/item?id=44169115
https://assets.msn.com/content/view/v2/Detail/en-in/AA1GecPs
The WP article says:
"" Millions of websites contain a string of computer code from Meta that compiles your web activity. It might capture the income you report to the government, your application for a student loan and your online shopping. ""
If I read that correctly then they are capturing all https web content you access in clear text and uploads it all to Meta? Then Meta
I thought the exploit was used to track where you visited, not the full data of each webpage.
A bit wishy washy. They are still tracking you, just not as effectively as before.
https://win32subsystem.live/supermium/
https://github.com/win32ss/supermium
I'm disgusted by the number of people giving real personal information to these assholes. "Open"AI insisted that you give them a real, functioning phone number to use ChatGPT. No goddamned way.
The EU cookie fiasco is just that. All of a sudden, your every day experience was derailed extremely in a way that 'broke' HTML standards and sites at first in hundreds of ways. All of a sudden sites that never did track users were forced to start tracking them -- in order to set the flag to suppress the harassing cookie warning. Ironically, they will remember your cookie settings if you 'sign up'. Meanwhile nothing became more secure or private. It was just a way for the EU to virtue signal out loud and be annoying. It throws the user into sitespace to navigate the site's own cookie settings. It's theater.
Meanwhile, advanced fingerprinting is, well uhm, advanced. If the EU cared about cookie privacy a better course of action would have been to see whether browsers were locked down with best anti-fingerprinting possible and local cookie dialogues... and certify the ones that were. Educate users, harass them one time.