Slashdot Mirror
Why Does Facebook Need To Read My Text Messages?
DavidGilbert99 writes "Facebook updates its Android app quite a lot, but the latest version asks for some rather odd permissions. Rolling out in the UK this week, some users have noticed that it now wants permission to read your text messages. While most suspected Facebook wanted to access the data to try and serve you more targeted ads, Facebook says it is only so it can facilitate two-factor authentication...apparently."
Raise your hand if you have absolute control over what your kids are doing on their cellphones after you told them to go to bed.
I'm sure pedos will think twice before molesting my kids once this tech becomes commonplace.
Why Does Facebook Need To Read My Text Messages?
Because shut up, that's why. If you ever want to hear from your "friends" again, you'll do exactly what we say without question. I'm certain you know that either you or your friends are too stupid or lazy to start and follow privately-hosted blogs, so sit down, shut up, and continue giving us data to mine. Idiot.
I don't know why anyone is using the official app instead of Tinfoil. It's open source and non-evil.
I have Tinfoil installed, and I don't even have a Gmail account.
android is so broken... it is beyond belief. I made the mistake of buying a phone and tablet to substitute my aging iphone3g and ipad. As soon as the new devices get amortized down, I am back to a more decent OS that does not grant every app everything they want.
Android needs to add two levels of permissions for much of this stuff. You basically have to ask for everything or nothing. I wanted to check network state in my current app, which requires asking for permission to change the user's networks. I don't want to change their networks. I just want to see if the network is up.
root install xposed framework install AppOpsXposed remove permission to almost everything i checked and noted that the new permission had been added but never used.
stephen
Because you let them. Duh.
ALL - and I mean ALL - of these social networking sites and apps exist for one thing and on thing only - to extract your information.
They have the data and know that they can manipulate your buying habits. You will not agree with this. I know you wont. But you are manipulable.
We all are.
It's NOT 'You will eat at Joes!'
It's more like, 'Hmmm, I want to go out and eat, How about Joes?'
That's all it takes.
And with Big Data, they got us.
Uninstalled the app, started using FB via browser. For my low intensity usage it's still perfect. Also links to click and youtube embeds work seamlessly now.
Got no messenger installed too.
Root
install xposed framework
install AppOpsXposed
remove permission to almost everything
i checked mine and noted that the new permission had been added but never used
stephen
Don't use the facebook app.
If you have an app-capable phone, you can probably access the facebook website using your phone.
The bigger issue is that Facebook is shovelware on most providers handsets.
I had to go get Facebook, since I live on this planet, and have friends who use it to coordinate, you know, life. ...but at least I had a choice.
Admittedly, people do have to sign into that big F icon. It doesn't just auto-authenticate.
two factor auth doesnt require the app to read your txts
Put both your SMS and your Instant messaging in the same app (just pushing facebook chat over hangout chat).
Bottles.
... and many other apps. No idea why they really need those permissions just so users don't need to copy over a verification number. This is ridiculous... i wonder if they did research what more users would accept.. having their app require the permission to read *all* SMS .. or just requiring the user to occasionally type a one time password from the SMS app into the twitter/facebook/whatever app.
this is really something android has to solve.. something like optional permissions for the lazy users who really want to have that single features which requires all your personal data.. it's not just as a user, but it's also annoying as a developer - i could obviously also just make the user download 3 different apps for each functionality, and have fine grained permissions this way, but this can't be the best solution..
Find me at http://herbert.poul.at
If I opt to txt someone, I expect that data is only accessible to them (and the NSA). Similarly, I object to emailing dweebs with gmail accounts.
The content of my private communications is none of these companies business.
What Facebook wants to do is send a text message with a special code to your phone. Letting the app read your text messages allows the app to read the code automatically so you don't have to copy and paste from the messages app.
No need to question it further. A completely benign reason with no ulterior motive. Just allow it and be happy. Facebook wouldn't do anything against your wishes...
Ascalante: Your bride is over 3,000 years old.
Kull: She told me she was 19!
or tell us why not. that's when we'll be real advance again? meanwhile, beware falling gargoyles support our returning vets http://www.youtube.com/results?search_query=scott%20olsen&sm=3 & call this 'weather' if it makes us feel better http://www.globalresearch.ca/weather-warfare-beware-the-us-military-s-experiments-with-climatic-warfare/7561
.
facebook even collects the posts you start typing but decide not to send.
I couldn't be happier now that I've completely purged Facebook and its hidden (SNS, not a typo) services from my ROM and phone, and frozen/deleted all of the other assets in other apps that try to "phone home" to Facebook. Side benefit is that after removing Facebook from my phone, I gained seven solid HOURS of battery life back. I didn't realize how often the SNS service and Facebook itself were sending and receiving data, phoning home, etc.
The combination of Android Permission Manager, DroidWall and LBE Security Master have made things much easier to block, delete, drop packets, deny and forbid services from trying to use unnecessary permissions.
I guarantee that no app is doing what it shouldn't, and those that should have permissions (Camera => Take Photos Permission) are prompted every time they attempt to do so, never allowed by default. If I'm not using the Camera for example, and I get a popup that it tried to take a photo, I permanently deny it and remove/uninstall the app. I don't tolerate any of that out-of-band behavior on my phone.
You should investigate the same. Yes, we all know about the L4 kernel, but this at least will help remove the abuse from the application level.
Why do people put up with this kind of shit and keep buying iphone & android?
People ask why I still carry a blackberry instead of iphone or android. This is one of the many reasons. Unfortunately it seems that only a dozen people think like me.
Both iphone and android are insecure platforms designed to give OTHER PEOPLE full access to your data while limiting YOUR access to YOUR data.
Many, many years ago, smart people at Research in Motion designed the blackberry and allowed the owner of the device to set individual, granular permissions as to what an app can access.
1) Go to "Account Settings"
2) Press "Deactivate you account"
3) Get an effin' life.
Don't install apps that require permissions you don't want to give.
user: Facebook, why do you want to read my text messages?
Facebook:Fuck you, thats why.
user: okay.jpg.
All joking aside though, seriously, stop using facebook. You're the product, not the consumer, so none of your opinions or concerns sincerely matter.
Good people go to bed earlier.
The real security for blackberry apps is in that they made it such a PITA to develop for Blackberry that nobody bothers.
Yeah, iPhone does the same thing, jagoff.
I use Google Voice exclusively for SMS. My 'Messages' app is almost always empty, so it can read(spy on) my txt messages all it wants.
I recently installed Cyanogenmod on my old phone (HTC G2/Desire) so my wife, who's taken possession of it, could use some 4.x-only apps. I couldn't believe how beautifully it runs on a three-year-old phone (I mean, it's SLOW, but everything WORKS), and the lack of bloatware and pre-installed apps (read: Facebook) makes me super jealous. I'd put Cyanogenmod on my current phone (Samsung Galaxy Relay), but last I checked, there weren't any stable builds for it with an Android version greater than what I've got now (4.1).
Privacy Guard: Control what your applications can learn about you and your contacts. Protect yourself with a simple click, or long press an app to delve deep.
Blackberry actually had this right. Apps requested permission when you installed them, you could either allow, deny, or ask it to prompt you first. It would be really awesome if Android had that feature too.
x86, oh yes, I'm pro.
...built the same on OS level into KitKat, no-one seemed to care, so why should Fuckbook not at least try to do the same...?
Right now, when I download/update an app it tells me it needs a number of permissions, I can either accept or not use the app at all. Instead, I should be able to tell Android what each app can access, just like the NoScript plugin for Firefox.
My carrier seems to think I need to use Facebook so much that it won't allow me to remove the app from my phone. So, now I'm left with the option of upgrading (and therefore giving FB access to my messages), or not upgrading and tolerating any potential security/privacy risks in the earliest version.
But it's limited, because I uninstalled their app from my phone the moment they wanted a list of the running apps on my device. I still interact with FB, but using a separate browser app that only talks to FB. With location turned off.
PHEM - party like it's 1997-2003!
Simple. They want to be able to get a status from SMS text and the only way to get that is to get permission to the SMS Messages. There is no finer permission level in Android to just give them what they need without access to the rest.
I just block that access since I don't want to use their messaging anyway. Blocked with Root, Xposed Framework, XPrivacy to control which permissions I want to allow them to have.
I saw that odd permission request today, fuck me if I ever update this crapware again
1) dont use it, or
2) use an older version with less permissions, or
3) use a third party app for FB, or
4) write your own app.
FB app is a APK which is a ZIP file, you can resource the java intermediate code to generated Java and see what it REALLY does.
I have done this myself out of curiosity, and after that, I no longer use FB apps and ANY app that OVERREACHES permissions beyond reasonable, I also upload REVIEWS on app store sites such as Amazon with the information and negative stars.
...is why I have never installed the app in the first place. Using the browser works perfectly fine, and doesn't let Fuckerberg mine my phone.
That's why
You can make Android pretty decent by starting off with a device with an unlockable bootloader and using CM or another decent ROM. I've always added a firewall (root needed) so if an app doesn't need to communicate out, it won't get out, no matter if it has that permission or not.
Duh, wait for it, wait for it... ... you were going to say "I'm not on Facebook".
But what you really mean is, you don't have a Facebook account.
But you ARE on Facebook!
SoylentBook apparently...
That's why my chosen mode of communication is Morse code using one time pads only. It works perfectly should I ever find someone else willing to communicate that way.
I don’t know why this is so hard for people to understand. Facebook’s primary source of revenue is ads. Just like Google. They increases the probability that you’ll click on one by examining every last bit of your data that goes through their system. That’s the whole thing in a nutshell.
It amazes me that people are surprised by this.
Don’t put anything on the internet that you don’t want Facebook, Google, the NSA, and every one else looking at. If you store something encrypted on the internet, there’s a chance someone will hack it and get your data anyway. NOTHING IS PRIVATE ON THE INTERNET. Yes, I have a Facebook account, which I use rarely to connect with friends and family. I don’t talk about anything sensitive, and I don’t publish any information that isn’t the sort of thing I would be embarrassed to appear on my LinkedIn profile, which is something I WANT people to see.
The key here isn’t to to complain about Facebook’s policies. That isn’t going to change because 99% of people just accept them anyway. The key is to avoid those services if you object to them. There are many other things in life that make you become publically visible, not limited by any means fo Facebook. Perhaps you want to avoid those too. Good. If ultimately the majority of people decide they don’t like being probed like this, perhaps Facebook will chance. But probably not because they’ll still have a billion users.
Some really stupid picture of you getting drunk from 5 years ago is still on the Internet somewhere, and employers WILL find it. I think this is awesome. In this economic environment, I’m very glad to have more ways that people remove themselves from competition with me when I’m looking for a job. Some people just don’t do really stupid things, while others are forward-looking enough to keep them from getting published. Either way, those are the sorts of people I want to hire in preference to jackasses who think it’s funny to show everyone how stupid they are.
Because you drank the "land of the free, home of the brave, Wikileaks endangered lives, Assange raped women, Snowden is a traitor" kool-aid and asked for more?
....they want to read them.
This should come as no shock considering their history of incrementally becoming more invasive in their data collection methods. If you use facebook, you should expect to be facebook's bitch.
Is Facebook still a thing? After all we've seen, is it a legitimate product, or just an ad machine operating on top of an information gathering tool?
I want to delete my account but Slashdot doesn't allow it.
EA is a pretty huge culprit for this too.
Why does it need internet and access to my contacts
"Oh, that's um... to enable social game functionality"
In reality, internet access="needs-to-be-online DRM", and who knows what they're doing with your contacts
I swear! They've been forced by the NSA!
Just ask cold fjord! he knows!
*nm*
I did not really think to much about privacy until this update.
Now I am slowly deleting and detoxing from facebook
while I did not give a hoot before, now I can only wonder why I did not do this sooner.
if you see me, smile and say hello.
This is simply business. Facebook has to make a profit and they are making a more diverse product for their customers.
No, it doesn't. When iOS gets ATO on DoD networks or when NATO personnel are allowed to use it, then you guys can compare yourselves to BlackBerry from a security/privacy perspective. Until then, you just sound like an ignoramus for even trying.
Nobody has ever jailbroken or rooted a BlackBerry, and BB10 is about five years ahead of iOS and Android that this point. You guys know what a RTOS is? Yeah, BB10 runs on one. It makes a big difference.
BlackBerry has been attacked because its entire business model revolves around protecting your privacy.
I removed Facebook from my Android device when I discovered it wanted permission to take photos without even notifying me :O
I am not a number - I am a free man!
That's too clunky. If I'm paying for a phone, I need it to fulfill my requirements (including security and privacy ones) from the get-go without manual tinkering. I have more interesting things to do.
Start sending text messages for an obscure subject you have no interest in, and see if the Facebook ads suddenly change to be applicable. For example, send messages about midget clothing if you are normal sized.
it is only so it can facilitate two-factor authentication...apparently."
In other words.... if my bank sends me a SMS message with a code in order to login, Facebook can now swipe my second factor verification number up to their server, and the fellow who compromised Facebook's servers who also somehow guessed my bank password, can now complete the 2 factor auth to my bank just fine.
When I was deciding on a tablet, I was waffling on what to get but the issue of privacy ended up being the thing that decided me.
With Android, you have no choice but to accept the permissions that an app insists on. Either that, or don't use the app. Combine that with Google stating outright that they plan on *reducing* privacy protections, I wasn't happy.
Then I researched the privacy protections in iOS. You have the ability to selectively deny or allow what an application is allowed to see, and can change your choice later on if you change your mind. Say what you will about Apple, but at least they're making a decent effort in this regard.
At work we have an SDK, appdominal, that lets you do this. It's a legit reason to get access to the SMS inbox, but it does mean they can read every message you get
The real security for blackberry apps is in that they made it such a PITA to develop for Blackberry that nobody bothers.
Well, up to OS version 7, blackberry runs java, which is pretty much the same as android dalvik.
The new blackberry 10 is different, but repackaging an android app to run on blackberry 10 is very easy.
Yeah, iPhone does the same thing, jagoff.
Wrong: http://bits.blogs.nytimes.com/2012/02/15/google-and-mobile-apps-take-data-books-without-permission/?_php=true&_type=blogs&_r=0
"lawmakers sent the company a letter asking how approved apps were allowed to take address book data without users’ permission. Apple’s published rules on apps expressly prohibit that practice."
Apple ios does NOT block an app from accessing the contacts, or require the user to be prompted. (this may have changed in a later version of ios).
Because the founder of Facebook is a net sociopath!
Facebook: just press N!
...is Facebook blocking the app if it's too old.
Karma: Can only be portioned out by the Cosmos.
???
Have gnu, will travel.
If one cannot remove a silly true photo of oneself from the tubes, then the same is true for the fakes. How many employers ever tried to verify the photos, they have seen on the tubes? The point is - somebody may have posted a photo with you having fun with a camel, a photo which was a fake. Your prospective employers may not even bother to verify. The fun part is - they may not even bother to tell you whether they rejected you because they got excited out of this photo , because they did not or just because they did not like the camel's smile. The memory of the tubes is another subject than the ones discussed on this thread and one that that you failed to analyse properly. But hey that is ok - now you can go and have fun with the camel anyway - this does not make any difference anymore...
My nexus S was getting slow and I needed another phone. For some time I was seeing google changing open applications for closed ones. I already knew that the permissions on android were broken. I never installed LinkedIn because of the calendar permission... No reason for that! And then I see this Facebook update and an older one asking to authorize the keyboard to access the internet... Why?? I talked with some Friends with iPhones and I got convinced that iOS protects me better. I bought a second hand iPhone 5.
Math is beautiful... e^(pi*i)+1=0
With Firefox. Using Ghostery. It's about the safest way I can find to use and be used by Facebook on my Android-based Nexus 4.
Success without humility is an indulgence in arrogance
You use Facebook. You have no reasonable expectation of privacy.
These kind of "strange" permissions are quite common. Lately, my online banking Android app asked permission to access the camera. Now why would a banking app require access to the camera? Apparently because they have added the possibility to scan checks.
Ok, all very nice. But now you have access to the camera. How can I see that you are not using it all the time? Just ask for access when you are going to use it, not when you install an app that may want to use it.
IMHO this is a flaw in Android app permissions.
When facebook sends you a text message code to verify a change or update, it AUTOMATICLY pulls it from your phone after sending it too you. That's pretty much the only reason. No reason to get paranoid.
Have you ever updated or change anything on your facebook account using the app? Doesn't send your phone a sms code to verify yourself? If you were paying attention you'd noticed that you never had to enter that code into face book, that in fact the app check your sms messages grab the verification code and plugged it in itself. OH NO! The world didnt end.
Bernays was the one that made them realize they needed to rebrand the war machine
from Dept of War to Dept of Defense.
When Bernays wrote his book propaganda he kinda let the cat out of the bag on
what is really going on.
"“The conscious and intelligent manipulation of the organized habits and opinions of the masses is an important element in democratic society. Those who manipulate this unseen mechanism of society constitute an invisible government which is the true ruling power of our country. We are governed, our minds are molded, our tastes formed, our ideas suggested, largely by men we have never heard of.”[6]"
http://en.wikipedia.org/wiki/Propaganda_%28book%29
Root your phone. Install an app that does per app permissions like LBE security. The facebook app also checks your GPS every single time you open the app. I think everyone would be surprised how many apps do what once they do per app permisions. SoundHound checks gps almost every sing hour. It's insane.
A year or so ago a friend of mine sent me a text that said "Have you ever considered becoming an actuary?" The following day I had ads for an actuarial school in my newsfeed. Are they saying that was a coincidence?
No one so far is saying that maybe some secret organization of the U.S. government required Facebook to do more monitoring.