I asked independent security researcher Ashkan Soltani via email whether Facebook's relationship with Apple-having a user's Facebook account baked directly into iOS-might give Facebook access to private APIs and capabilities that other developers don't have. Messenger appears to have more spyware type code in it than I've seen in products intended specifically for enterprise surveillance On Twitter, Zdziarski said he's worked for companies that write enterprise surveillance software that didn't know this level of access was possible. " using some private APIs I didn't even know were available inside the sandbox to be able to pull out your WiFi SSID (which could be used to snoop on which WiFi networks you're connected to) and are even tapping the process list for various information on the device," he wrote in an email. But of greater concern are the other things Zdziarski discovered, whose intended purpose is less clear. Some of this is expected behaviour for an app developer, of course.
Related: The Canadian Government Is Creeping On Your Facebook
In an email, Zdziarski said that Messenger is logging practically everything a user might do within the app, from what and where they tap, to how often a device is held in portrait versus landscape orientation even time spent in the Messenger app, versus the time it spends running in the background.
0 kommentar(er)
