Is Facebook eavesdropping on phone conversations? (news10.com)
287 points by how-about-this on May 25, 2016 | 239 comments



No.

This is one of those tech urban legends that keeps popping up. Facebook does have an opt-in feature that can identify what music, tv show or movie you are listening to or watching, but that's it.

http://newsroom.fb.com/news/2014/05/a-new-optional-way-to-sh...

https://www.facebook.com/help/iphone-app/369513256545845


This could be rigorously studied. A group of people could attempt to plant false advertising opportunities in their speech and then measure the frequency at which related ads/posts arrive in their feed. I would trust something like this more than an assertion by FB that this is not happening.


Not just rigorously; easily studied, and checked. I haven't seen a single response here that says something along the lines of: 'Hey, I just did exactly the same as they reported the woman doing in the article, and she's right!' but instead, plenty of FOAF-type anecdotes about sort-of similar things. So, has nobody here bothered to check because they all trust news10.com as an impeccable source of technology news?


Easier to just monitor network traffic.


I think that if Facebook was caught doing this after they specifically denied it, then executives would probably be going to jail.

I think if Facebook say they aren't doing this, then they aren't doing it.


Even IF this was true, do you really think the executives on their meetings go like: "Okay, if we deny this, we will go to jail. So let's tell everyone that we are spying on them!"

No. Denying is the only smart move here.


Just to be clear, are you positing that Facebook is actually doing what the article accuses it of doing?


Every now and again I see a picture or article being shared around saying Facebook are spying on you and how their apps have all these permissions to use your camera and phone audio.

If they are on android, I tell them to open their system settings and show them how Google Search has just about every privilege on your phone and has had it since they turned it on.

Even if people are concerned they still don't stop using Facebook or android. :/


> Facebook are spying on you and how their apps have all these permissions to use your camera and phone audio.

And it's not just the Facebook apps. The Facebook SDK is widely embedded into many other apps (it's the most popular SDK on iOS for example, according to data published from Cocoapods - https://gist.github.com/ryanolsonk/e33bf9e89677da9fe8ce ). It's so popular because Facebook is basically the most effective network to run so called "App Install Ads" and embedding their SDK provides marketers essential data for tuning their targeting and ad spend.

The SDK gives Facebook access to a ton of additional usage data which they can link together with anything they already have on you from their apps. It also _potentially_ gives them the ability to exploit any permissions given to the host app which embedded the SDK. Now they publish the source of the SDK openly ( https://github.com/facebook/facebook-ios-sdk ) but it certainly would harm anyone if there was more independent scrutiny given to analysing the source and whether there's anything else we're not seeing that goes into the final SDK downloads.


You could just build it yourself from the source if you're worried about that. Does the SDK ship with any pre-built binaries?


You're right although most developers are going to get it either pre-built from here https://developers.facebook.com/docs/ios/ and add it manually to their project or via Cocoapods (also pre-built I believe)


Facebook is you spying on yourself, by posting it all that info.


I'm not deliberately live streaming every conversation I have all day onto my feed.


Same here but you'd be surprised by how many people I know and you know post 1000 photos of every moment of their summer vacation on a trip. It scares me that they keep uploading all that there


They don't stop using because there is no real reason not to. Nothing is free, every 'free' app takes something. Everyone knows this so they don't really care and why should they?


FB just recently shot their credibility though by making statements that seemed very dishonest regarding their content bias. I don't think it's a big issue but it'll look that way. It'll cause people to think twice -- who knows, maybe next week FB will announce "a bug in the code sometimes accidentally listened to a few users' phone calls" and "we are reviewing our auditing mechanisms to ensure this doesn't happen again".

Is it a net gain for society if they're more wary, even if this particular instance is wrong?


> maybe next week FB will announce "a bug in the code"

Or they will explain how it was "a rogue employee" who put the code there undetected, and caused it to spread to millions of devices.


What were the "very dishonest" statements?


Saying that there was no bias in their news selection, when it should be readily apparent that having humans select thing would introduce bias. Not quite outright lying, as you might possibly think they're naive enough to think humans are unbiased, but I don't think they get the benefit of the doubt here.

IIRC they also started off saying it was all algorithmic.


Can you cite where they said it was "all" algorithmic?

Their investigation found "no evidence of systematic political bias." So, not sure where the very dishonest statement is here.


The point he's making is that Facebook can't be trusted to self-regulate (in the context of privacy). With that assumption you probably wouldn't accept their opaque self-investigation so placidly.

I think the point is that a casual observer would not have guessed trending topics were so influenced by human intervention, and might have taken them to be an actual reflection of the Facebook hivemind. Further the statement of "no evidence of systematic political bias" is a bit hard to swallow given reports of Facebook employees asking "what Facebook can do to stop Donald Trump" at their all-hands (one of the top 5 questions in a poll [0] not just a lone employee walking up to the microphone). Further, the people curating these feeds are probably underpaid and young, and hence are probably going to skew left of the average journalist. Bias doesn't have to be explicit to be systematic.

Anyway I find Donald Trump + much of the rest of the GOP field pretty reprehensible politics-wise, Facebook seems to be handling things well [1], and we shouldn't worry about a conflict of interest as much as w/ advertising+privacy [2], but some amount of vigilance seems wise given how much influence these platforms can have over political outcomes [3]. Twitter in particular seems to have made a few fairly illiberal moves lately from my POV.

[0] http://gizmodo.com/facebook-employees-asked-mark-zuckerberg-...

[1] https://medium.com/@glennbeck/what-disturbed-me-about-the-fa...

[2] One shouldn't discount the H1B angle completely though.

[3] http://www.politico.com/magazine/story/2015/08/how-google-co...


For a very real example of facebook bias a group created two Facebook groups full of similar hatred but directed at two different ethnic groups.

One was shut down almost immediately, one was still up when the video was posted.

Won't name them as I don't want to drag politics into HN but I am fairly convinced it is repeatable (and if anyone is interested in giving it a try I can try to dig out a reference and post.)


Interesting experiment, but two groups seems like too small a sample.

If moderation is done by humans, you could simply prove that one moderator had a worse morning than the other, or that through luck of the draw Group A went to a sympathetic moderator while group B did not. That could demonstrate individual bias, but not institutional.

If moderation is automated, how do you control for the weight of keywords, phrases, etc? Maybe Group A was full of statements that almost threw a flag but not quite, while Group B contained mostly innocuous wording but (only) one phrase that actually got flagged.

If both groups were designed to be unpleasant, but various "blacklist" words and phrases are weighted differently, Group A might have achieved "flagged" weight while Group B was "flagged -1." One might have scored 99 pts vs 100 for the other, but the visible difference is that one remains visible while the other does not.

Thinking out loud, now... let's say that Facebook does have a political bias. How do you prove that Facebook's financial success is despite that political bias, and not because of it?

Is it possible to have a monopoly on digital socialization? If you can't declare Facebook a monopoly, and therefore subject to greater regulation, then your only lever over Facebook is social pressure, presumably in the form of bad press and boycotts, which will reduce their advertising revenue. How do you prove that the existing political bias is leading them to sub-optimal revenues?


> Maybe Group A was full of statements that almost threw a flag but not quite, while Group B contained mostly innocuous wording but (only) one phrase that actually got flagged.

Couple of months since I saw this, so can't say for sure but I think a major point of the experiment was that the two "hate groups" were equal except which ethnic group they were directed at.


The android app asks for microphone privilege as of a few years back when they introduced the listen-in feature. The problem here to me, is that when they add the voluntary feature they force everyone to give the app all the permissions needed as well. By doing this your phone has no way of stopping the app from misbehaving as it has given permission for it to do so.

At least that was the case when the feature came out. I think I read something about android now letting you filter permissions and not blindly accept all that an app asks for?


Yes, android 6 now asks you about each permission the first time an app tries to do something that requires that permission.


However at least on my Cyanogenmod device I've experienced apps breaking 100% if you deny it a permission. Even if that permission should not be vital to the functioning of the app.

It's great that you can filter permissions, but when you suddenly can't use basic functionality because the programmers added obligatory geolocation to a feature, then you don't have much choice. Remove the app, or allow it to track you.


As recently as a couple years ago, Facebook's android app required access to your text messages to read texts. They were reading every text you sent & received just for some fancy Facebook linking.


Be a stretch to call this an urban legend, unless you're saying the people referenced in the story don't exist.

That said, this is lazy & irresponsible reporting on what is at best a singular event.

If it was reproduced, this is clearly a violation of Facebook's terms of service, regardless of if the user has opted to let Facebook listen to the music and TV that's playing in the background.


That's what they say.

One of the urban legends was also that USA government agencies don't collect data in bulk and they were lying about it. We know the truth now.

Facebook has been caught with the hand in the cookie jar too many times already and got away with it. Fuck Facebook.


And every time they say "Whoopsie, it was just a bug - we'll fix it!". And then they don't. Or they come back 3 years later and say "Hey everyone, remember that 'bug' you caught earlier? We're going to make it into a beautiful feature now!".


Do you have an example where that happened?


https://www.theguardian.com/technology/2015/apr/10/facebook-...

Google for "Facebook privacy European bug", and choose your preferred outlet (wsj, rt, tnw - I prefer the guardian)


No. I work for Facebook. This doesn't happen.


Heh that's a funny thing to say. I remember when one of the first Snowden revelations came up, Larry Page wrote a blog post on official Google blog: https://googleblog.blogspot.co.uk/2013/06/what.html saying they don't cooperate with NSA.

The same week we were provided documents signed by NSA/CIA officials claiming that Google is not even forced to do it, they provided extra interface for NSA so they can grab data whenever they want: http://www.wired.co.uk/news/archive/2013-06/12/google-prism-...

Some recent emails with Clinton showed that top Google employers helped with surveillance in Arab countries a couple of years ago, more journalists described that Google is in relationship with NSA. http://www.techtimes.com/articles/6610/20140507/google-cahoo...

Facebook was accused of working FOR NSA to spy on Belgium: https://www.theguardian.com/technology/2015/sep/21/facebook-...

One of Facebook financial founders was PayPal CEO who... supports global surveillance by NSA http://www.globalresearch.ca/nsa-and-facebook-work-together/...

Question: why should I trust what you say?


Hmm, but Larry Page is specifically addressing PRISM. And your Wired link agrees with him. And from what I remember, it wasn't so much "documents signed by NSA/CIA officials" as "an internal powerpoint slide".

Didn't the NSA hack Google's own internal fiber? Why would they need to do that if they had the keys to the kingdom anyway?


https://www.washingtonpost.com/business/technology/google-en...

Yes, google started encrypting the intra-datacenter traffic once it learned what the NSA was doing.


Your techtimes link doesn't have anything about Arab countries (or Clinton for that matter), the only fact in there is that Google and others were invited to an NSA talk about "security" in 2011.


Sorry, missed it http://thefreethoughtproject.com/clinton-emails-expose-googl...

This issue was quite hot on HN a month ago.


I doubt that it happens myself, but out of curiosity, are you saying this because you are in a privileged position to know for sure that Facebook doesn't do this, or are you saying this based on your experience of the corporate culture?


I also used to be an engineer at Facebook.

Definitely the corporate culture wouldn't allow anything like this. Believe it or not, many FB engineers have some kind of free software / civil liberties background in their past, and most people don't seem to realize that A) they have options, they can and would walk out if they witnessed anything shady B) the company has enough fake scandals wound up by the press as it is, to risk doing something genuinely evil for short term gain, and have a former employee eventually blow the whistle on.

One controversy after the other, during my time at Facebook I witnessed the chasm between the mostly innocent motivations behind a product feature, and what the press / outside world made of it. This experience probably taught me as much about media cycles and conspiracy theory dynamics, as it did about engineering.


> are you saying this because you are in a privileged position to know for sure that Facebook doesn't do this

I'd like to add "and will not do it in the future"


> No. I work for Facebook. This doesn't happen.

You work for a company with 1000s of employees. How are you exactly in a position to confirm this doesn't happen?


Engineers have access to code repositories.


Oh cool! So based on your comments, you've done an audit of all related code repositories and libraries to confirm?

I'm sure a Facebook engineer COULD find out if Facebook is doing this - but just working at Facebook is not sufficient enough to say for certain it does not happen, you need to actually do the required investigation.

---

I don't personally think Facebook is listening in the way suggested here, key word would be _think_ though. And unless you're saying you've audited the code repositories, you're limited to your _opinion_ based on the context you have from working within the company.

You cannot say it doesn't happen with any level of certainty (as you've tried) just because you have access to the code repositories.


I used to work there a while (5 years) ago, and I don't think you understand how this company works.

There are internal groups where features are discussed and debated all the time, and even all hands Q&A sessions with Zuck (weekly IIRC) where sometimes hard questions are raised.

Someone amongst the many engineers with access to the repo will eventually end up spotting shady code if it exists. They might raise this with a colleague first, or in an internal group, and the matter might even bubble up to the Zuck Q&A if it's intentional and particularly controversial.

This level of internal openness is unusual at this company size, and since there are people joining & leaving all the time (including interns who AFAIK have the same level of access to the code) it would take just ONE disgruntled whistleblower to ignite a scandal that the press will be instantly all over like piranhas smelling blood, this being Facebook.

Therefore, doing evil covertly like you suggest just isn't worth the risk for FB, period. Not happening, won't happen. When you see headlines like "Is Facebook eavesdropping on phone conversations?", Occam's razor is always your best friend.


Surely there's no way anyone would employ anybody who replies like that.


clearly you've not hired many developers


all repositories?


It doesn't require ALL repositories, just those that contribute to the mobile app. I don't know about Facebook, but where I work there are hundreds of employees who have access to the source code of our mobile app and a few tens of employees who know the deployment process well enough that they would know if other code were being added as part of the deploy process.


Facebook apparently uses a single monolithic mercurial repository for everything so it would really be the repository.


As if one person in a company of thousands can say definitively that a software feature doesn't exist.


I've been looking for this online statement they say was made by Facebook: “We use your microphone to identify the things you’re listening to or watching, based on the music and TV matches we’re able to identify.”

I can't find it anywhere on Facebook's site. I don't believe it exists, or if it exists it was expunged some time ago. I'd like to know from which website ABC News 10 has located this information!



That page doesn't say that exact quote.


Believe it or not, support FAQs occasionally get copy tweaks.


How does LukeB_uk know that this is the document the article used to source that statement? Does he have an old copy?

Genuinely curious as the page he's referred me to seems to document a U.S. only feature you need to specifically turn on when you update your status.


google-fu: https://www.facebook.com/help/iphone-app/369513256545845

"No, we don't record your conversations. If you choose to turn on this feature, we'll only use your microphone to identify the things you're listening to or watching based on the music and TV matches we're able to identify. If this feature is turned on, it's only active when you're writing a status update."

So, not as bad as the news article suggests, but still extremely creepy.


No more creepy than Shazam or SoundHound. You'd be amazed at the number of people that want to share the song they're listening to, or the show they're watching, as part of a status update.


This should happen based on active request, not passively by snoop-mic.


Except that I believe you need to turn the feature on:

https://m.facebook.com/help/iphone-app/1499418503612943

Got this from someone else's Google search, apparently it took them less than a minute to find this, their Google-fu is clearly greater than my own :-)


Let's leave the tinfoil on reddit please.


How does Facebook distinguish (and prevent recording of) phone conversations from music, TV, and movies?

Facebook would need to be collecting all ambient noise, just to identify (listen to) specific sources, no?



Another anecdotal-data-of-sample-size-one, my wife was at a bar and struck up a conversation with another person to whom she had no connections. After she left, Facebook suggested this person as a friend.

The other person may have searched for her on Facebook, causing her to be listed as a possible friend. Or perhaps Facebook uses location data to group people that are in the same location for an extended period of time.

It would be interesting if someone at Facebook could provide some insight into this.


Why do people keep the Facebook app installed? I use it in the web browser and it works just fine, while sort of sandboxing it within Chrome.


Especially after that incident where the Facebook app intentionally changed the email address of contacts in your phone to use Facebook.com email addresses instead of their real ones. All Facebook apps have been banned from all my devices since then.


Because my phone won't let me uninstall it [0] and it's not just on my specific phone, other manufacturers do the same. I also cannot uninstall Amazon or the 5 other completely useless apps it brings, Facebook Messenger and Instagram are ingrained into my phone which is annoying. I wish rooting and setting up a custom ROM wasn't a painful experience or I would do both, but I like getting updates, which rooting stops, and I'm not too sure a ROM supports updating properly.

[0]: https://www.reddit.com/r/androidapps/comments/3catb0/i_cant_...


Have you tried disabling the apps instead of uninstalling them?

I've had good luck with this on stock roms when you can't uninstall the carrier's apps. Settings » Apps » All » Application Name » Disable

Technically the app is still there, but it can't be launched and doesn't appear in the list of apps.


Which is why root is important...

Top 3 reasons: removing "crap", backing up crap and real adblocking.


Maybe they haven't heard of Tinfoil, a wrapper around the FB mobile site.

https://play.google.com/store/apps/details?id=com.danvelazco...


Ditto. You can even get notifications from Chrome, and the facebook website supports it. Chat is by far the biggest hassle, but I'm willing to pay the price. I see the slightly degraded experience as a good incentive to not go on Facebook as often.


Because "people" aren't even aware that this stuff can happen. I actually think it's far more likely that in this situation the other person did a search, but most people wouldn't even consider that a simple search could result in you ending up on a "People You May Know" list.

TL;DR: people don't know because they aren't savvy, and that isn't their fault. Those of us who do know should do a better job, but no, I have no ideas how either.


On iOS you can simply not grant it contacts, microphone, or location access.


This should also be true for android as of version 6. I haven't tried installing the facebook app to make extra sure, but I get to choose with every other app I use.


I've observed usually around the release of creepy features, that they update the mobile website and fubar it in the process.

I think that the mobile site is the lowest priority interface.


I actually tried this on iOS a few months ago. The experience was far worse -- felt slower, less responsive, harder to navigate -- so I re-installed the app.


On the flip-side, (again, anecdotal sample-size-1) I've noticed a definite improvement in battery life after uninstalling the app, and I definitely don't need any of Facebook's notifications to propagate through via the app.


My Facebook experience is not very involved. I just scroll through the news feed, look at some photos/comments. Works fine for me, but if you are a heavier user, the app will of course be more fluid.


It performs a bit better. It can fit better on a small screen without the browser chrome. It handles loss of connection a lot better.


That's the opposite of my experience when I was using Facebook (a year ago). The app was awful, crashed regularly, and was much slower retrieving data. The mobile version was a much smoother experience.


If so, that's recent. I uninstalled the app solely because the web version was much faster for me.


And it's only getting better now with PWA features


Notifications, chat bubbles etc.


+1 This happened to me at the supermarket.

Super cute cashier girl. No idea what her name is.

As I'm heading out I open up my news feed and what do you know? There she is in recommended friends. WTF


This is a solid example, in relation to the OP comment. Since you didn't know her name. But...there is still a possibility that you had mutual friends and her face popped up. I used FB a lot and FB cycles many friends multiple times, in the hope that someone connects with you. I'm really good at remembering faces and well, this was what happened to me, numerous times. I might not have known the person in January but in July, I'd randomly meet them. FB showed me their photo probably 5 times in the process but it wasn't until the 5th time that I requested.


We had no mutual friends. I actually have 0 friends on Facebook. I use it as a media outlet.

All my recommended friends come from my iOS Contacts, by phone number. So the fact she popped up is absurd


woah this almost seems like Facebook's version of Hot Single Girls Near you. Except they might actually be near you.


How is this possible even in principle? Location tracking might be one explanation - they certainly have access to the data - but it seems implausible for Facebook to be suggesting you friend every goddamn person you walk past. They couldn't have known you thought she was attractive, so what gives?


My guess:

Since anysz mentioned he has 0 friends, there will be no social graph recommendations. Thus less-confident recommendations will show up, including spending some minutes in the same location as someone. It could then consider other factors—opposite genders, relatively close in age, maybe similar interests.


Healthy skepticism aside,

> They couldn't have known you thought she was attractive

Are you so sure? To me (no ML experience) that seems a somewhat solvable problem if you have a competency in ML and Facebook's data.

Just imagine if Tinder shared data back...


So, since people largely agree on who is attractive, does this mean FB would be recommending this poor lady to all the schlubby loners who wander through her checkout line? "The digital pimp, hard at work."


Probably only the ones that meet her rough demographic profile.


There's something scary yet fascinating in the idea of a proactive automated matchmaker.


As long as there is nothing forcing people into it, I think it could be great.

We don't know what we don't know to paraphrase that famous romantic Donald Rumsfeld. Who knows if the person behind you on the rollercoaster or grabbing a taco might be the yin to your yang.

I just wish Waze could tell me who my ideal carpool partners might be.


You probably don't use your real name for the FB account, do you? (Ruling out the "she saw your name on your moneycard and googled you on Facebook" hypothesis)


Hmm. That's bizarre. Heck, innovation isn't stagnant. Maybe they did do this. Could become bad PR for FB, if proven.


Had the same thing happen to me after a date. We met on a dating site, agreed to meet for drinks. I never even knew her last name. The date didn't go well, so we ended it early. Afterwards, she showed up on my recommended friends list, and I assume I on hers.

Creepy.


I think FB does matching with phone number, if they have your presumed phone number in your contacts, it will link you in the graph


Could you and the girl have shared the same IP address at some point (because of store Wi-Fi, or CGNAT with your cell carrier) ?

Disclaimer : I'm a former FB engineer but have no specific knowledge of this area. I suspect that IP addresses could be used as input for the PYMK feature though (in the absence of anything better, as you had 0 friends), as they are for security systems.


Nothing to complain about :-)


A similar instance on my part: I started working at a new job last year, but didn't add that information to my Facebook account or any other online account (even LinkedIn, which I trust even less than FB). Within a week all of my new coworkers started showing up as suggested friends.

Now here's the fun part: My government job has a strict electronic device security policy, and employees are forbidden from carrying cellphones, smart watches, and any other connected devices into the building; I have to leave my phone in the car. So, how does Facebook know that I have new connections with these people? The only thing I can think of is that each of them looked me up on the site after meeting me. Another more insidious thought is that Facebook is using GPS location data to see where I go every morning and depart from every evening and is assuming that it's my new job (Google did this in the past when I had an Android phone and had Google Now enabled, it figured out on its own where my last new job was, but that was a documented "feature").

Either way, Facebook now knows where I work even though I deliberately chose not to tell them.


> The only thing I can think of is that each of them looked me up on the site after meeting me.

No. One or two looked you up, and they're connected to all of the others. That's how this works.


I once tried out Tan-tan, China's version of Twitter. I was idly swiping away until I saw, on one girl, "you have crossed paths with her twice!" underneath which was a Baidu maps frame showing Balboa Park station.

Swiftly uninstalled.


Interesting. So it is technically possible.


There are dating apps entirely based on this model.


You hand the cashier a credit card, she thinks you're cute, too. Cashier reads name on credit card, wonders "if he's on Facebook", looks you up and there's your connection. Something something Occam's Razor.


If Facebook has access to nearby Bluetooth device MAC addresses and your MAC addresses, I'd argue that this is actually quite likely.


I was about to ask why Bluetooth would come into play, but then realized that I replied to the wrong comment (the intent was to reply to the one about the "super cute cashier"). Though giving some thought, your way would work, too. Assuming that one can get the MAC address on a mobile device (never tried on either of the major platforms).


This happened multiple times to me in the past as well. Most likely the other person searched for my name on FB causing FB to recommend the searcher as friend to me (LinkedIn uses the same technique). Location data sounds strange, that'd mean FB would constantly recommend other people sitting in the same restaurant etc.


Playing devil's advocate here - isn't that supposed to be helpful? As in, what an amazing capability to be able to do that.


How is it helpful to have a computer tell me who I should be friends with?


It's not. But it could be useful for a computer to tell you who it thinks you might already be friends with, so you can find them on facebook.


It's not telling you. Telling you would be automatically making you friends.

It's a suggestion based on factors along a social graph.

If it's right, great! Saved you time from searching, or nudged you to create a stronger communications channel than you previously had (ostensibly).

If it's wrong, you just ignore it.


>If it's right, great! Saved you time from searching, or nudged you to create a stronger communications channel than you previously had

This is a tiny, tiny good I never wanted that I am receiving in exchange for a massive surveillance apparatus profiling my entire internet life.


it could also use 'same ip' data, apparently, so if they were using the bar wifi you'd get a friend suggestion, even if you never gave location access to facebook.


A friend of mine was having a discussion with a contractor working in his yard about something he was entirely unfamiliar with--natural gas powered grills. Having never researched the topic before, he was a little unnerved later to have Facebook serving him natural gas grill content ads. (still having not ever google'd them or anything)


That is fucking creepy. Whoa.


My guess: either common wifi networks or IP addresses.


I can confirm that Facebook suggests people that have looked up your name.

I don't use FB on my phone, never have. Hence no location/IP/network data. I have not filled out where I work, but searched the place up once before.

A coworker who wanted to friend me and presumably searched for my name still gets suggested as possible friend a year after I quit the place. We have no possible mutual friends, I have never been on his profile, or searched the names of any of my coworkers.


>The other person may have searched for her on Facebook, causing her to be listed as a possible friend. Or perhaps Facebook uses location data to group people that are in the same location for an extended period of time.

Probably the first -- since I, and millions of people, stay with hundreds of people we don't know for the same period of time and more (in bars, airports, workplaces, queues, concerts, shops, etc), and they still are not suggested to us.


The location data thing is something Google+ used to use to recommend friends, so I can't see why Facebook wouldn't.


People who I've searched for always appear as recommendations afterwards. My best guess is that this is a reverse of that, your wife was searched and so got the recommendation. I still don't like it though.


It's definitely related to searches. That other person was doing the classic Facebook background check.


This was more than likely caused by the other person Facebook searching for her profile.


Can't speak for Android, but on iOS it is not possible for an app to "listen" to your microphone unless it is in the foreground, and you have explicitly given the app permission to do this (the first time the app attempts to do so). It can also be revoked at any time without removing the app.

The only way around this restriction would be using a private API Apple could have provided. Given that Apple has even integrated some aspects of Facebook into iOS, this is not totally impossible, but it's hard to imagine Apple having an incentive in allowing Facebook to passively record and transmit all user audio. To date, Apple actually seem to be pretty good at protecting users' privacy.


Unless Heard has stopped working, this is not 100% true: http://www.heardapp.com/ It may put a banner on the top bar, but I've used this app and it worked just fine.


Yes, apps can definitely listen while in the background. In fact, this is one of the few activities where Apple allows you to run in the background indefinitely. Without doing this or one of the other things (like continuous GPS updates), you only get three minutes of background activity before the OS freezes or kills your app.

Some apps actually use this to work around background activity restrictions. If they can come up with a plausible excuse to run the microphone, they can use that to keep the app active in the background indefinitely.

It does place a really obvious red bar at the top of the screen, though, so it's not something an app can do secretly. I believe only one app can do it at a time, too, so you can't have a bunch of them all spying on you at once.


Very off-topic but what is your real-world use case for such an app? The site lists a couple but most of those seem to make more sense when using a recording app in the traditional, explicit, way (e.g. "we are having a meeting, I will record this meeting").


So honestly its best use case is "gotcha". As in, you didn't know I was recording and you said something stupid and now I have a recording. Likewise, if you are talking to someone and you say something along the lines of "Are you sure about that?" or "Can you confirm this is what/how you want me to do this" and then you record the audio for later in case they come back and say "I never said that".

For myself I went the extra mile to just have my laptop record ALL audio but then felt this was a little too douchey/NSA-y and disabled the whole thing and wiped the audio. I wanted such a system not only for "You said this then and now you are saying that now" but to remember things I had said myself. I wanted to hook it up to STT to have a searchable archive of what I had said but again it was an invasion of privacy (to people around me) that I personally couldn't stomach.


Besides the creepiness, the law around recording people without them knowing (one-party consent) is state-by-state


As for creepiness, you know what's creepy? People saying something and then lying about it later.

You'll be happy having the audio even if there are restrictions. Simply don't tell anyone about it until the benefits (saving your ass) outweigh the drawbacks (potential charges).


To circumvent the one-party consent issue, he could just write a Terms of Service on the inside of his shirt that includes a clause about "Engaging in conversation as a use of the Services" that implies agreement with the Terms of Service.


I live in a one-party consent state; I checked before I tested it.


How often do you record other people?


I said above I don't do it anymore; I'm not sure what you are trying to ask here.


Virtue signaling. By implying that you're a criminal they feel it makes them look better.

As for you, there's nothing morally wrong in wanting to not be trapped by a liar. And it doesn't magically become morally wrong if you walk into a two-party state.


What is STT?


Speech to Text

Transcribing audio to text


Thank you.


I've often been in meetings I wish I'd have recorded but didn't think about it until too late.

For that matter, I'd love the same concept with video, if there was a way to always record what I'm seeing without having to think about it in advance or wear a camera on my face, to capture anything interesting that happens to me, I'd be interested. I remember a story about an exec at Microsoft installing implants in his head for this purpose.

I'm terrified of anyone but me having access to this kind of data, though. It's nobody's business but mine.

Don't know about HeardApp, but I automatically assume the primary use case is for the company's benefit and not mine. Is it installing SilverPush on my phone and listening for things besides me to cross-reference and track my activity? I don't know...


> I'm terrified of anyone but me having access to this kind of data, though. It's nobody's business but mine.

This is by far the biggest problem with this kind of tech. If there were a way to guarantee the privacy of the recordings, it would be a super useful tool. You could basically have a perfect photographic memory. Not to mention all the cool processing you can do with the data. The idea really excites me, but equally terrifies me.

But I think given enough time and progress in encryption/speech recognition/legal issues, I think something like this is inevitable. It's hard to see a future where we record less. I think another key part is having access to data of you. That way you don't feel like it's being recorded to be used "against" you.


The best case I saw was to catch things your kids say. It's really hard to get a child to repeat exactly what they said again.

I'm guessing your phone would have to be pretty close to the child though.


You mean when they removed their warrant canary a few years ago under the guise of "new security policy"?

When they were found to be tracking GPS positions even with GPS disabled? (Sorry it's impossible to find a link to this anymore)

How about the Bluetooth vulnerabilities their desktop computers suffer -- I've seen keyboard connections trivially hijacked.

I'm not suggesting that Apple has made a deal with Facebook (I think you're right on not being incentivized to do this), but to say Apple is "pretty good" at protecting a user's privacy, I question that.


I know of the first two examples you gave, but disagree that they're evidence of Apple not being interested in user privacy.

Let's not hijack this thread to talk about Apple's security record.


It'd be interesting if there were a party with a JailBroken iPhone and the Facebook App installed who would check the network traffic.


Would a jailbreak really be necessary for this? Couldn't you just install a certificate on the phone and MitM the https traffic?


Not if the app is certificate pinning (and from a security perspective, it ought to).


Is this a common thing for apps to do, yet? I was under the impression that there are some corporate networks which treat MitMing SSL connections as a business necessity. Would Facebook et al. allow their apps to stop functioning on networks like that?


I can't imagine an enterprise which would MITM employee web browsing but not block Facebook. Come to think of it, I can't imagine an enterprise that would MITM employee web traffic but allow personal smartphones on the network.


Ha. Yes, fair enough. But, presuming they didn't, would it not be in facebook's best interest to allow their app to still work, perhaps with a visible warning?


That would be a lot simpler:)


“That is kind of weird,” she laughed. “I’m still not so sure this isn’t just coincidence. I don’t think Facebook is really listening to our conversations.”

This is a terrible article. There's an easy way to figure out if it's a coincidence... repeat the experiment.


99% sure this is not a coincidence, here's my theory: people's IRL conversations can be pretty reliably predicted by their Facebook conversations, so targeted ads based on messages tend to be surprisingly relevant to the next thing they talk about IRL.

Example: my girlfriend was given a box of Flonase by her parents and immediately got a Facebook ad for it. She had not mentioned Flonase anywhere on Facebook ever. Spoopy eavesdropping? No --- she did talk on Facebook about her ENT appointment that morning. And what products might be relevant for someone going to an ENT doctor? Allergy medication.

And in cases like that, it's very likely that your two recommendations from different sources will happen to match --- what brand of medication are your parents likely to recommend? A popular one that spends a lot of $ on advertising. What brand is likely to buy ads? A popular one that spends a lot of $ on advertising.


See, this seems reasonable... however, I was once playing Battlefield Hardline, raving about how awesome the cameras were for whatever I was doing, and was then presented with security camera ads shortly after while browsing Facebook on my desktop. I have no interest in or need for security cameras, or even any reason to source information about them online. I double-checked my web history and couldn't find anything related either, plus I had not had any conversations about cameras on Facebook. I remarked about how creepy it was over Team Speak and had 2 other people comment about similar experiences recently (at that time) as well. They claimed the only device they had near them was a phone at the time and the conversation was spontaneous.



Sample size of 3. Evidence collected through anecdotes. I'm convinced.


This seems like a plausible alternative explanation.

An experiment could easily be run where a new Facebook account is created without any posts or messages, and the Facebook App is installed on a mobile device. Spend a few days using language that is easy to advertise to in proximity of the device, and see what happens.


> 99% sure this is not a coincidence, here's my theory: people's IRL conversations can be pretty reliably predicted by their Facebook conversations, so targeted ads based on messages tend to be surprisingly relevant to the next thing they talk about IRL.

That may be true, but my friends and I once did this with a made-up phrase about some housewares (think 'pots and pans' or something similar): we repeated the phrase over and over in discussion that evening — and sure enough, an ad popped up on Facebook.

Not gonna install it, just not going to. And I'm beginning to think I should politely ask people who do have it installed to go elsewhere.


I agree that the nature of the article is bad but still I would not be surprised to hear that Facebook is listening to phone conversations. That's why I don't use it. :P


I work for Facebook. This does not happen. If it does, I can assure you that one of the many thousands of engineers will speak out.


If something like this is going on, only a few select employees know about it. Facebook is not dumb.

When it comes to "speaking out"... NSA started surveillance projects long before Edward Snowden was employed. There will always be people who will develop things like this and who will not speak out. It's just a matter of correctly selecting these few people.


What makes you so sure that many thousands of Facebook engineers would be aware of it?


Repeating the experiment wouldn't disprove the assertion. What you would be testing is "(a) Facebook is really listening to our conversations and (b) consistently responds to it in this way". A negative second test could never disprove (a), however a positive test would confirm both (a) and (b).


Just use the mobile web site. I'm doing it because of the zillions of permissions the FB app asks for, and it is good enough.

However they could do it with Whatsapp. There is no alternative to that.


Also, Trillian supports FB messaging, so you can install this instead of any FB app: https://www.trillian.im/


There are plenty of alternatives to Whatsapp. I don't even have it installed on my phone.


It's not about the program. It's about the network... you cannot switch a network when all your friends and colleagues use WhatsApp and their groups. But I'm happy WhatsApp is more secure than most of the alternatives with good E2E encryption support.


> with good E2E encryption support.

They say there is good E2E encryption. Great claims require great proof.


The only great proof would be opensourcing it completely, and I don't see that happening.

Then again, Moxie said he himself oversaw the implementation of the encryption and that he has trust in it...


Even if they implemented correctly, it doesn't mean that they didn't add a backdoor for the government.


To quote him:

"I was very closely involved for the integration, had full access to the source code, did plenty of review, and have a lot of confidence in the engineers that are maintaining it.

There are plenty of engineers in the world who are capable of inspecting the binaries they're distributing, so it would be incredibly risky of them to inject surveillance code client side."


I guess that the government doesn't even need a backdoor in the Facebook app... Since Google has admin privileges on your device and is in bed with the NSA, they could go that route instead.


Behind WhatsApp's E2E encryption is the technology from Signal / Open Whisper Systems, which is developed in the open, the work on WhatsApp being done in partnership with them, see: https://whispersystems.org

Of course, it's not totally trustworthy, because in the end it's still a proprietary app, distributed as a binary blob, connecting to proprietary servers, for which you can't have access to the source code and in spite of any well meaning partnerships, they can always push an update that undoes all of that.

But you know, at this point that's still better and more trustworthy than other mainstream alternatives. So now I have WhatsApp installed.



I wonder if good E2E encryption of the WhatsApp message rules out the app sending, in parallel, an indexed list of juicy keywords (encrypted or not) to FB servers for the purpose of targeting ads.


So you're saying the client indexes your words locally and then e2e encrypts and sends to the person whom you're conversing with?

Is that feasible client-side without burning all your battery?


The cpu is not the most power-consuming component of your device: the radio and display both consume more power than the processor. According to [1], the cpu typically accounts for only 10%-20% of power usage.

However, a secondary stream from the app to a different endpoint would be detectable, so there are other practical challenges to the GP's scenario.

[1] https://www.usenix.org/event/usenix10/tech/full_papers/Carro...


Couldn't it be a secondary stream to the same endpoint but using a different keying (ie, encryption with server's pubkey) mechanism (the metadata then wouldn't be E2E encrypted, but that's not covered in WhatsApp's E2E security page)?


getting all your friends/colleagues to switch is the hard part


On iOS you can simply not give it permission to use the microphone and only use it for texting.


Alternative is don't create an account..... feeling like people are saying things about you? Get a hobby


As one of the people said below, there is an easy way to test the validity of that statement – take 30+ participants with randomly selected backgrounds and friend networks and break them into 2 groups for different ‘trigger word’ and then study their newsfeeds.

It seems that there is a subgenre of geek-oriented clickbaiting, which has a strong claim about something tech-related like AMAZGOOGBOOK with little proof or scientific study. We, as a community, can be better at identifying and pointing out deficiencies in the scientific method, instead of saying ‘I’m not sure they do it, but it would be scary, if they did’.

The story about uber tracking your battery status is legit and has been proven and I don’t remember it climbing as high as no 2 on the front page, so IMO we can readjust our BS-meters.
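The two-group trigger-word experiment proposed above can be scored with a one-sided Fisher exact test. The following is an added example, not part of the original comment; the group names, trigger topics and every participant record in it are constructed, chosen so that one topic shows an effect and the other does not.

```python
"""Score a two-group trigger-word experiment with a one-sided Fisher exact test.

Every participant record below is constructed for illustration; none of it is
measured data.
"""
from math import comb

ALPHA = 0.05  # family-wise false-positive rate across all trigger topics


def fisher_one_sided(spoke_hits, spoke_n, silent_hits, silent_n):
    """P(>= spoke_hits ad sightings land in the speaking group) under the null
    hypothesis that speaking the trigger has no effect on which ads are shown.
    The 2x2 table margins are held fixed (hypergeometric distribution)."""
    total_hits = spoke_hits + silent_hits
    denom = comb(spoke_n + silent_n, total_hits)
    tail = sum(
        comb(spoke_n, k) * comb(silent_n, total_hits - k)
        for k in range(spoke_hits, min(spoke_n, total_hits) + 1)
    )
    return tail / denom


def score_experiment(observations, triggers):
    """observations: list of (group, set of ad topics the participant saw).
    triggers: {group: topic that group said aloud near the phone}.
    For each topic the speaking group is compared against everyone else, so
    each group acts as the control for the other group's trigger."""
    threshold = ALPHA / len(triggers)  # Bonferroni correction for several tests
    results = {}
    for group, topic in triggers.items():
        spoke = [ads for g, ads in observations if g == group]
        silent = [ads for g, ads in observations if g != group]
        spoke_hits = sum(topic in ads for ads in spoke)
        silent_hits = sum(topic in ads for ads in silent)
        p = fisher_one_sided(spoke_hits, len(spoke), silent_hits, len(silent))
        results[topic] = {
            "spoke": (spoke_hits, len(spoke)),
            "silent": (silent_hits, len(silent)),
            "p": p,
            "significant": p < threshold,
        }
    return results


def build_group(group, size, sightings):
    """Constructed data helper: the first `sightings[topic]` participants of
    the group are recorded as having seen an ad for that topic."""
    return [
        (group, {topic for topic, count in sightings.items() if i < count})
        for i in range(size)
    ]


# Constructed scenario: 32 participants, 16 per group.
TRIGGERS = {"A": "cat food", "B": "safari"}
OBSERVATIONS = (
    build_group("A", 16, {"cat food": 12, "safari": 2})
    + build_group("B", 16, {"cat food": 2, "safari": 3})
)

if __name__ == "__main__":
    for topic, r in score_experiment(OBSERVATIONS, TRIGGERS).items():
        verdict = "differs from control" if r["significant"] else "consistent with chance"
        print(f"{topic!r}: spoke {r['spoke']}, silent {r['silent']}, "
              f"p={r['p']:.4g} -> {verdict}")
```

A non-significant result only fails to show an ad response to the spoken trigger; it does not show that no audio is being captured.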


I think the days of giving corporations the benefit of the doubt are long gone. Now if an outrageous claim is made by any sort of reasonably credible source, you can be sure there is an ounce of truth to it. So yes, FB probably does do this, and people claiming conspiracy to discredit this are the crazy ones.


Finally, I can tell them that they are the crazy ones. I told you General Motors was breaking into my house at night and reorganizing the books on my bookshelf!


That's a fallacy. Just because a credible source says something does not necessarily mean it actually happened. What if they truly believe that what they say is reality but then find they are completely wrong?


Android M above (<strike>N</strike>) you can disable various permissions asked by an app. I have disabled everything for Facebook (except storage). No location, contacts, microphone, calendar, phone, sms or even camera. You're not allowed here, facebook. So it can't do much damage for at least those versions of Android.


For the record, that feature was added in Marshmallow, not N.


Oops, yes, my mistake (I meant M).


This is the feature that made me adopt a phone with MIUI on it: preventing applications from accessing whatever, whenever they feel like it.


Makes you feel being totally in control, doesn't it?


I understand you might be saying that sarcastically, but yes - as far as these specific permissions on my phone are concerned, I feel being in control (e.g. I know it can't record my voice even if it wants). I have otherwise given a lot of my information to both Facebook and Google, and I'm aware of the potential consequences.


Sarcasm doesn't do well on HN. Just FYI.


Wouldn't it be possible to determine this by jailbreaking + decrypting the facebook .ipa, in a combination with watching the network traffic?


https://mbasic.facebook.com has been amazing for me. I don't have Messenger nor Facebook on my phone, it's a faster and data plan friendly alternative. Not to mention no notifications.


I use Metal, which Appifies the mobile site. It even supports notifications, I think, but I turned them off.

https://play.google.com/store/apps/details?id=com.nam.fbwrap...


There is also Facebook Lite app, which is the Facebook app but made for people with 2G and underpowered phones in the developing world. Surprisingly, it runs really well on modern phones with LTE connections.


Wow thanks for this, didn't know about it. Super useful :)


Is there any difference between that and https://mobile.facebook.com (which I use)?


The impact on battery life alone would be insane if this were true, I'm guessing.



On iPhone the problem was that FB left a bug (according to FB) in the application which made it play silent audio in background. Incidentally this meant that the app was able to bypass the iOS restrictions on background processes.

Whether it really was a bug or intentional is a subject of debate though.


Why would they intentionally play silent audio?


On iOS your application cannot stay fully active for more than 10 minutes. After that time it gets into a suspended state and can be woken up only when it receives a notification (and the wake-up time also has time limitations). There are only three exceptions to this rule: active GPS usage for maps and trackers, active voice calling apps (for ringing) and music apps that are actually playing audio. Silent audio thus enables Facebook to stay alive forever.

This had also the effect that when you were listening to music or a podcast and opened the FB app it would stop playing your audio.


For those auto-playing videos in the news feed? They play without sound unless you tap on them


I've had this happen to me so many times, that I wouldn't be surprised if it was true. At this point in history it seems that any surveillance that is technically possible will be done.


I see two ways to do this, sending audio to Facebook or doing speech-to-text on the phone.

Sending audio to Facebook would be so obvious that presumably somebody would have noticed by now.

So that leaves speech-to-text on the phone. However, if that was on "all the time" or even some significant fraction, wouldn't that take an enormous amount of battery power? I'm not sure exactly how much juice on-handset speech-to-text takes but it seems like it would be nontrivial.

On the flip side, I do have to admit that Facebook probably already shows up on the top of most people's CPU and data listings already, but, still, it seems like this could easily be an order of magnitude beyond even that for many people. Surely someone by now would have noticed that they didn't even open Facebook today but it's the top battery draw and/or data user for the day?

Forget whether Facebook wants to do this. I'll take it as read that, duh, yes they do. The question in my mind is can they actually do this without being noticed somewhere other than a local news channel? I mean this question seriously; as you can see above I've already sort of laid out the parameters, so I'd ask that replies here not just "guess" how much juice speech recognition takes, I already did, please tell me if you know. (I can't enforce this request, of course.)


How do we know this isn't double speak?

Maybe they aren't listening to the conversations per se, but for audio beacons in television and radio?

http://www.theatlantic.com/technology/archive/2015/11/your-p...


I think you probably need to read 1984 again. Doublespeak is euphemistic political propaganda language.


Pro Tip: Just use the mobile web version of Facebook.



With an ad-blocker. I like 1Blocker. If you miss notifications, turn on email notifications. Works well enough for light-ish use.


For me, this is one step too far. If my phone is just laying around, it should not record the sound in the room and send it to Facebook by default. Sounds like a fake story, would be worried if this is true.


I tried to reproduce it by repeatedly saying education education. It didn't pick it up. Tried with FB and Messenger. Maybe it doesn't work for me...


I think it was about 2 years ago that the Facebook android app requested permission to your microphone? As soon as I saw that I warned everyone I knew that they could be listened in on, and uninstalled the app on my phone, using FB through a browser if need be.

I find it interesting how people accept such things without a question. But I guess articles like these are good even if they're late to the party.


This makes good business sense, and it's going to happen, often enough to become banal. We have to come up with laws to protect ourselves.


Well, either we are going to see a Facebook exodus happen due to privacy concerns (unlikely) or now almost everyone is comfortable being watched 24/7 and the next wave of apps cough SNAPCHAT will learn to exploit people recording every moment of their lives thinking it actually goes away. (unfortunate)


Google have access to all your mails, web search, documents, travels, habits... Facebook have access to your friends, family, pictures... And you guys worry about them listening to your conversation... I mean, most of the info they gather that way they already have by other means.


This article has a single anecdote whose source isn't even convinced of the veracity of the headline:

“That is kind of weird,” she laughed. “I’m still not so sure this isn’t just coincidence. I don’t think Facebook is really listening to our conversations.”


They've done this to me as well. Months ago a conversation with a medical key word I have never used in my life led to that key word being added to my "interests" on Facebook that evening (I groomed my interest tags to make FB more bearable at the time). That day I realised they must be listening somehow and uninstalled the FB app. Also, every time I add or update a phone contact on iPhone, I am asked to add my FB password - they are digging where they don't belong.


This is absurd. If they were secretly recording you they wouldn't obviously throw it in your face immediately.


It sounds like a creepier version of google now which listens for many keywords instead of just one, is it not?

Question for the experts: How much battery would it actually drain if the mic was constantly activated and the app was scanning for keywords? I mean, you could limit the scanning to times where someone actually speaks and otherwise remain in a sleep mode. The keywords are then synced only when the user opens the app.

Did anyone ever check if something similar was mentioned in the google now TOS?


Some devices are always listening for "OK, Google", if you turn that feature on (Nexus 6, Nexus 9, and Samsung Note 4, according to a Google help page [0]). I vaguely remember reading something about a subprocessor in those devices, looking for that phrase, to cut down on battery usage. Most of the speech recognition processing happens remotely on Google's servers, though.

[0] https://support.google.com/websearch/answer/6031948?hl=en


I disable and block from the net everything google on my phone. Recently I did install XDA Labs from: http://www.xda-developers.com/xda-labs/ I installed MS's Cortana via the labs apk and it works great btw. You could not pay me to use facebook though I do have whatsapp (via labs) installed. Never even used it either-lol.


Funny, I'd actually want that feature in my phone (S7). It could easily turn Google Now into single-room Echo alternative. Without it, Google Now's voice features are pretty useless - if I have the phone unlocked and in my hands, I may as well type what I want and get to it faster.


I've got it disabled on my phone, and you couldn't pay me to have something like an Echo at home. I feel like it would be another underused tech device I'd have to find an outlet for, and I don't ever want to feel reliant on cloud services.


I had this happen to me a while back and came up with a fairly simple possible explanation/implementation. Facebook could look at the time and geo stamps in uploaded photos to determine who was in the same place at the same time, and offer those people up as potential friends to add.



tl;dr It is probably common Wifi in a specific setting.

C'mon, HNers. You're better than this. This obsession with "listening" to what you say is so twentieth century. Metadata beats data anytime. With the surround of information that comes from auth, apps, and FB usage, there's no problem associating people that meet each other, then immediately check FB.


No, but it does listen to your audio when you have your profile/post active for a period of time.


Both Messenger AND Instagram are also listening to the microphone in addition to the Facebook app.


Yes.

(It's electronic communications, your assumption should be, without a doubt, that someone is listening, seeing, hearing.)


If you RTFA you'd see the claim is that Facebook is activating the microphone to listen to non-electronic verbal communication you're having nearby your phone.


You're missing the point. It doesn't matter at all if there's any evidence that a given claim about a particular version of an app is being tapped; you have to assume that they all are, all the time, and act accordingly. You're never going to know, and certainly not ahead of time; best to assume they're all tapped. Which, as we all know post-Snowden, is the only reasonable assumption.


Most people are aware at this point that non-end-to-end encrypted electronic conversation is being tapped. It seems like a new development to extend that assumption to non-electronic verbal communication you're having with another person physically in the same room as you. Again, communication not occurring via any electronic means whatsoever. Just so happens your phone was in your pocket while you were non-electronically verbally communicating with someone physically sitting in front of you.


I think there is value in being vigilant as you say while at the same time disciplining corporations to our best abilities.


It makes me cringe so bad that many HackerNews commentators believe this nonsense. This is why I don't tell friends and family that I use HackerNews.


DAE CRINGE?!


So she mentions safaris in a conversation and a facebook ad for safaris pops up.

I guess we're just going to ignore the fact that she could have been looking up safaris in Africa the day prior to their little demonstration? At no point do they indicate it was a randomly chosen topic.



