Facebook snooped on users' Snapchat traffic in secret project, documents reveal | TechCrunch
techcrunch.com
A secret program called "Project Ghostbusters" saw Facebook devise a way to intercept and decrypt the encrypted network traffic of Snapchat users to study their behavior.

This is the problem with using VPN services in general, you have to have complete trust in the service provider.

  • the post of tom joad@sh.itjust.works
    0·
    8 months ago

    So (and im asking for technical clarification as a layman) Facebook didn’t put this data miner on unknowing user’s phones but did pay teenagers to install one (onavo) on their phones that worked to decrypt traffic for everyone those users interacted with… Right?

    • ☆ Yσɠƚԋσʂ ☆@lemmy.mlOP
      01·
      8 months ago

      I agree, it’s all about understanding what the actual value these services provide is and what the risks are. There are legitimate use cases, but it’s important to be aware that it’s not a panacea.

    • ☆ Yσɠƚԋσʂ ☆@lemmy.mlOP
      01·
      8 months ago

      There is no way to know whom the trustworthy VPN provider shares data with. That’s just the reality. And sure you’re back to square one if you don’t use a VPN, but the point here is that people think that using a VPN is much safer than it actually is. Furthermore, another option is always to just run your own VPN that you can host in whatever jurisdiction you want.

  • tobogganablaze@lemmus.orgEnglish
    0·
    8 months ago

    you have to have complete trust in the service provider.

    Not completley, there is 3rd party audit companies that can verify claims made by the VPN providers, like confirming no-log policy and such.

    • Possibly linux@lemmy.zipEnglish
      0·
      8 months ago

      How do you trust the third parties? And even if the third parties think it is ok that doesn’t mean that they aren’t hiding something.

      VPNs weren’t designed to be private.

      • tobogganablaze@lemmus.orgEnglish
        0·
        8 months ago

        How do you trust the third parties?

        How do you trust anyone? At some point you either do or don’t, because it’s just not possible to verify everything in your life.

        The alternative would be not using an VPN and for me personally I trust my VPN provider a lot more than my luck of not getting chaught by chance.

        • ☆ Yσɠƚԋσʂ ☆@lemmy.mlOP
          01·
          8 months ago

          Another option, if you have technical skills, is to just run your own VPN which tends to be pretty easy to setup on a VPS nowadays. You can find a VPS provider in a jurisdiction you want, and you control what gets logged.

          • circuscritic@lemmy.ca
            0·
            8 months ago

            …so, trust the hosting provider to not log…and that you won’t screw up any config or update, and make sure to use anonymous payments, and…and…etc.

            • ☆ Yσɠƚԋσʂ ☆@lemmy.mlOP
              01·
              8 months ago

              The only thing that actually matters is the jurisdiction. If your hosting provider is in a place that the country you live in can’t legally force to hand the data over then you’re much better off than using a service that may be sharing data with your government.