Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency (wired.com)

Posted by msmash on from the what's-happening? dept.

Louise Matsakis, writing for Wired: The internet is full of Facebook users frustrated with how the company handles malware threats. For nearly four years, people have complained about Facebook's anti-malware scan on forums, Twitter, Reddit, and on personal blogs. The problems appear to have gotten worse recently. While the service used to be optional, Facebook now requires it if it flags your device for malware. And according to screenshots reviewed by WIRED from people recently prompted to run the scan, Facebook also no longer allows every user to select what type of device they're on. The malware scans likely only impact a relatively small population of Facebook's billions of users, some of whose computers may genuinely be infected. But even a fraction of Facebook's users still potentially means millions of impacted people.

The mandatory scan has caused widespread confusion and frustration; WIRED spoke to people who had been locked out of their accounts by the scan, or simply baffled by it, on four different continents. The mandatory malware scan has downsides beyond losing account access. Facebook users also frequently report that the feature is poorly designed, and inconsistently implemented. In some cases, if a different user logs onto Facebook from the same device, they sometimes won't be greeted with the malware message. Similarly, if the "infected" user simply switches browsers, the message also appears to occasionally go away.

56 comments

  1. FaceBook has a malware scanner????? by Anonymous Coward · · Score: 0

    This is why I don't download FaceBook and just use it in a web browser.

    1. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 1

      You don't have a choice with Windows 10. Facebook app auto download and install thanks MS!

    2. Re: FaceBook has a malware scanner????? by chuckugly · · Score: 1

      If this is a store UWP app, it's not supposed to be allowed to do that sort of thing according to the rules ....

    3. Re:FaceBook has a malware scanner????? by XXongo · · Score: 1

      This is why I don't download FaceBook and just use it in a web browser.

      If you'd read the article, you would have seen that Facebook's malware warning and mandatory demand for you to run their scan occurs when people are accessing Facebook via a browser.

    4. Re: FaceBook has a malware scanner????? by E-Rock · · Score: 1

      No, you just clicked something incorrectly.

    5. Re: FaceBook has a malware scanner????? by mohsel · · Score: 0, Troll

      I don't use facebook, I don't use Windows.

      The outcome of using those products and services is common knowledge by now, if someone is using them, he should be knowing that there is no workaround.
      so stop complaining and just don't use them damn it.

    6. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 1

      Nope, it's an A/B testing thing. Some copies of Windows 10 will automatically install Facebook (among others) and will continue to do so whenever they check to see if they've been uninstalled (which is probably whenever Windows Update runs). So if you try and remove it, it'll just automatically reinstall it for you.

      But because it's an "A/B test," this only happens for some users, and there's basically no rhyme or reason to it.

    7. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 0

      I don't use facebook, I don't use Windows.

      The outcome of using those products and services is common knowledge by now, if someone is using them, he should be knowing that there is no workaround.

      so stop complaining and just don't use them damn it.

      That would require a) learning new things, and b) a little effort.

      So clearly this raises the bar far beyond the average person.

      Yet if you're not lazy and you actually like learning new things because you retained the natural curiosity with which you were born, then you get to enjoy a vastly superior experience. This is one of those situations where water is seeking its own level and there is no actual injustice. Everyone involved made choices at every point and is merely reaping what they have sown.

      As popular as the "helpless victim of random chance" sainthood has become, it does not apply here.

    8. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 0

      I don't use facebook, I don't use Windows.

      So in other words you have nothing to contribute to the discussion.

    9. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 0

      Hi you replied to me.
      I use Windows 7 sp1, it's all good here.

    10. Re: FaceBook has a malware scanner????? by Anonymous Coward · · Score: 0

      The jump from Window 7 to Windows 10, or Office 2010 to Office 2016 is barely any less than jumping to Linux and LibreOffice. It's not hard to learn the basics of any Linux distro designed with a familiar UI.

  2. Facebook's anti-malware by Anonymous Coward · · Score: 0

    How does a website scan for malware?

    1. Re:Facebook's anti-malware by Calydor · · Score: 2

      Same way it installs it, I wager.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    2. Re: Facebook's anti-malware by mSparks43 · · Score: 1

      from inside a vm, on a remote machine, located in another country, otherwise filled with pictures of cats.

    3. Re:Facebook's anti-malware by gatkinso · · Score: 1

      https://osquery.io/

      --
      I am very small, utmostly microscopic.
    4. Re:Facebook's anti-malware by sound+vision · · Score: 1

      By forcing you to download and run an executable before they restore your access to the site. At least, that's how they did it a few years back when I ran into this issue. For me it was a very minor problem - I simply didn't use Facebook for another couple years, next time I happened to try logging in, no hint of the malware scan. I guess maybe they have "malware forgiveness" if it looks like the scan might stop you from using the site again? I imagine the *average* Facebook user would download and run anything they pushed on them just to get back in.

  3. E.T. Phone Home by Anonymous Coward · · Score: 0

    Need I say more?

  4. Being a facebook user sounds so alien by tomxor · · Score: 1, Insightful

    Having not used facebook in over a decade, the kinds of things happening on it now sound so alien to it's origins, in a bad way. Roll on decentralised networking.

    1. Re:Being a facebook user sounds so alien by phantomfive · · Score: 1

      Wow no, Facebook's origins were based around abusing the users. From the very beginning.

      --
      "First they came for the slanderers and i said nothing."
  5. FTFY by Anonymous Coward · · Score: 1

    Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency

    Hmm... that's not quite right...

    Facebook Is Invasive and Lacks Transparency

    There we go, much more accurate.

    1. Re:FTFY by PolygamousRanchKid+ · · Score: 1

      Facebook Is Invasive and Lacks Transparency

      Yeah . . . everybody knows that . . . but Facebook users don't care about that . . . otherwise, they wouldn't be Facebook users.

      Facebook can't be that invasive . . . otherwise it would have seen what the Russian hackers and Fake newsers were up to.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    2. Re:FTFY by Anonymous Coward · · Score: 0

      Facebook Is Invasive and Lacks Transparency

      Yeah . . . everybody knows that . . . but Facebook users don't care about that . . . otherwise, they wouldn't be Facebook users.

      Facebook can't be that invasive . . . otherwise it would have seen what the Russian hackers and Fake newsers were up to.

      Facebook routinely datamines and connects dots much more obscure than that. So I believe it had every opportunity to see these things. It's just that those would be cost centers, not profit generators. So there was little or no incentive to worry about them until after they became a big PR issue.

      It would be more accurate to say that Facebook is selectively invasive. It's invasive in the cases that are most likely to benefit Facebook. If Russians and fake news increases user debate and engagement, then it's in their interests to disregard them. When they become more well known, it's in their interests to be seen resisting them as a form of virtue-signal. Simple.

  6. UserAgent string by b0s0z0ku · · Score: 4, Insightful

    Browse FB (if you must) with your UserAgent string set to FreeBSD. Do they even MAKE a "malware scanner" for FreeBSD? If it doesn't exist for the platform, it's not likely to be offered.

    1. Re: UserAgent string by Anonymous Coward · · Score: 1

      But nobody with freebsd can hug anyone

    2. Re:UserAgent string by tlhIngan · · Score: 2

      Browse FB (if you must) with your UserAgent string set to FreeBSD. Do they even MAKE a "malware scanner" for FreeBSD? If it doesn't exist for the platform, it's not likely to be offered.

      Of course they do. Not for FreeBSD malware, mind you, but it'll scan for any sort of malware to prevent your FreeBSD machine from being an inadvertent carrier of malware.

      It's the same reason why Linux is hacked - not because it's to spread Linux malware, but to infect some service so it can spread malware to Windows machines to connect to it. That's why it's almost never Linux itself proper that's hacked, but common services like WordPress.

    3. Re:UserAgent string by b0s0z0ku · · Score: 1

      No, I mean does FACEBOOK make their own malware scanner for FreeBSD?

    4. Re: UserAgent string by Anonymous Coward · · Score: 1

      That's why mine says OS/2!

  7. Facebook is losing millions of users; I wonder why by Anonymous Coward · · Score: 0

    I've never partaken in Facebook and am amazed that so many people put up with this crap. Then again- I didn't live campus when I went to college either in spite of it being mandatory for 1 year. Of course I threatened to NOT go if they wouldn't let me out of that. I'm glad too cause later they implemented even more shitty rules on network access. While I'm sure I'd have found a way around it- even if that just meant contacting the IT department to say "I run GNU/Linux- and I won't run your shitty network access software"... they did something like that. It was called Cisco Clean Access and they were demanding Microsoft Windows users download and install some propitiatory program before accessing the network. I think other devices like Playstation you had to call them to get whitelisted. I think GNU/Linux systems were automatically whitelisted actually. In any event. Still a shitty system.

    * I did graduated with a CS degree and I regret it. Should have put my time and money into building a business. It's what I did when I graduated anyway after turning down a good job offer in California. Best decision of my life 2nd to moving to New Hampshire from New Jersey. NH is lower taxes and brighter opportunities thanks to the Free State Project.

  8. I know the answer by AndyKron · · Score: 0, Troll

    What you need to do is buy an Apple product. Doesn't matter what kind as long as you can log onto Facebook. Go do that and stay there until we tell you it's OK to stop. Bye.

  9. So they are foisting osquery on us, eh? by gatkinso · · Score: 2

    So now our entire OS is to be exposed as a database for their analytics? Color me not interested.

    --
    I am very small, utmostly microscopic.
  10. Re: Every American must watch this by c6gunner · · Score: 2

    That's wonderful. I'm sure that Christopher "Da Joos did 9/11" Bollyn has all sorts of incredible insights into how the lizard people are planning on forcing is into FEMA camps

  11. Re:Facebook is losing millions of users; I wonder by Anonymous Coward · · Score: 0

    propitiate
    win or regain the favor of (a god, spirit, or person) by doing something that pleases them: "the pagans thought it was important to propitiate the gods with sacrifices"

  12. Who would be that stupid? by Snotnose · · Score: 0

    What kind of moron would let a company like FB have full access to their device? Oh, the typical FB moron I guess. Glad I never made an account.

  13. More information by Anonymous Coward · · Score: 2, Interesting

    The article is unfortunately lacking in details. From what I can tell, the malware scan is triggered when Facebook believes the account is posting spam. In fairness, there is a lot of malware-related spam that gets posted on Facebook and they have a legitimate reason to keep it off their site.

    The problem is the complete lack of transparency and that the antivirus products can remove and share information about files in your computer. There has to be a much better way to do this. For example, Facebook could explain the actual reason for flagging the account as potentially spreading malware. The user could be faced with a temporary ban on posting that gets longer if they continue to allow malware to make spam posts. The ban will be lifted as well by running a malware scan that validates the system is clean. Give the user a choice to wait out a temporary posting ban and clean their system, or run the tool. That seems like a fairer way to prevent malware from spreading.

    As for when Facebook locks users out of their accounts, it seems like contacting the Better Business Bureau is a good way to force the issue to be resolved: https://community.norton.com/en/forums/i-have-been-blocked-logging-facebook-it-claims-i-have-malware-and-must-add-eset-program-scan. At least one user suggested that they are responsive to such complaints.

  14. Scan, Scam by kmassare · · Score: 5, Insightful

    Whenever I get a "warning" about malware on my device, I assume that the message is a scam where someone wants to charge me to "fix" my device or wants to install malware on it.

    1. Re:Scan, Scam by sinij · · Score: 1

      Whenever I get a "warning" about malware on my device, I assume that the message is a scam where someone wants to charge me to "fix" my device or wants to install malware on it.

      In this specific case, it just Zuk wants to scan your PC to find out what kind of porn you are into.

  15. Kaspersky strikes again by Anonymous Coward · · Score: 0

    Isn't this provided by Kaspersky? As if Facebook wasn't already a hotbed of Russian SHIT, the malware scanner is a threat all on its own.

  16. Re: Every American must watch this by Anonymous Coward · · Score: 0

    'murkins are already in one. it stretches from The Wall in the South to The Wall in the North, from The Wall on the Pacific to The Wall on the Atlantic.

  17. Re: Every American must watch this by c6gunner · · Score: 1

    Insurrect; it stretches from one edge of the flat earth to the other.

  18. "impacted people"? by jenningsthecat · · Score: 1

    I've heard of "impacted feces", but never "impacted people"...

    --
    'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
  19. Yes choice with Windows 10 by Excelcia · · Score: 1

    Umm, I think not. The Windows 10 laptop I have now has not a trace of Facebook on it. As I type this, I have Facebook open in a browser tab in Palemoon. I had to dig my password out of keepass since I haven't logged in in three years, but it works just fine without a lick of Facebook code on my computer.

    Seriously, though, I just recommend dumping it. I made the transition to a Facebook free life a few years back, and I'm quite the happier for it. Facebook is more of a sewer than craigslist. I still can't believe people actually go there for news. RSS has been around for a decade, every legitimate news outlet has one. Every browser in the world will make a live bookmark out of one. Your friends will get used to using good old fashioned e-mail.

    I never understood Facebook. It always seemed to me to be a solution looking for a problem.

  20. Re: Every American must watch this by Anonymous Coward · · Score: 0

    You're a shill.

    Christopher Bollyn said in the video that only a small faction of Zionist is responsible. Not all Jews or even all Zionists. And he had tons of evidence to back it up.

  21. Latest money-making scheme by knorthern+knight · · Score: 1

    1) Rinnnngggg

    2) Hello?

    3) (Thick Indian accent) This is Facebook calling. We have detected that your Facebook is infected by virus. Please enable remote login to your machine and give us your credit card number.

    4) Profit

    --

    I'm not repeating myself
    I'm an X window user; I'm an ex-Windows user
  22. How does it even know about malware? by johannesg · · Score: 1

    Is FB actually scanning my entire computer every time I log in? Does a browser provide the kind of access needed to determine that malware is present in the first place?

  23. LPT: Don't use FB by rainer_d · · Score: 1

    Problem solved!

    --
    Windows 2000 - from the guys who brought us edlin
  24. Monopoly position leads to questionable actions by Anonymous Coward · · Score: 0

    News at 11!

    How is anyone shocked that facebook is using their position as the main social network for everyone to further entrench their position. One would think that we would have learnt this from microsoft. Around we go again i guess, its kind of like how my account gets disabled for suspicious activity and they keep asking for a picture of my government id but eventually they let me back in even though i only keep providing the same file as my profile picture over and over again. Its simple, facebook will never truly lock someone out of their account because they risk losing product that they can sell .

  25. Reasons by JustAnotherOldGuy · · Score: 1

    Reason #683,215,971 why I won't have anything to do with Facebook.

    "Trust us, we just want to scan every file on your device to umm, errr...to keep you safe, yeah, that's the ticket!"

    Because we know how much Facebook values your privacy and that they would never ever misuse your information...

    --
    Just cruising through this digital world at 33 1/3 rpm...
  26. Security VS Functionality by pdfsmail · · Score: 1

    Keeping devices and services secure vs keeping them functional has always been a trade off, there is hardly ever a best of both worlds. Nor can you expect any of it to be perfect. Considering all the crap I have found on FB and the ridiculous things people believe and click not to mention just how bad so many peoples computers are (I see alot), I would prefer they have a scanner. The fact that people can't figure it out just points to why its needed, I would be willing to bet they are the ones with infected computers. Yes, maybe one that works better, but no one is forcing you to use their service, if it is that bad, don't use it.. better yet, maybe create your own platform, get the whole world to use it then balance its security and functionality, see how well that goes for you.

  27. Is that true? by ripvlan · · Score: 1

    I have Windows 10 and I don't have (or at least see) the FB "app" installed. When I use FB on my laptop it is through a browser.

    But I specifically disabled and left-uninstalled the FB "charm" / "app" / "live tile" or whatever they call it. I don't see FB installed - how would I know?

    On my iPhone there is definitely a direct FB integration (and twitter) - so that Siri can post messages and makes it easier to upload phones/videos. And this integration too can be disabled.

    -Mike.

  28. Facebook by Anonymous Coward · · Score: 0

    I still don't get why people are still using Facebook. Between this article, the fact the Facebook takes all your data and sells it, and promotes the VPN service Onavo that they own claiming you should use it for your privacy while stealing data and searching your computers. Seriously, drop this service like it's a plague infested burning potato.