A new set of unsealed documents released by a federal court in California has revealed that Facebook was snooping on Snapchat, YouTube and Amazon users. Codenamed ‘Project Ghostbusters’, the Mark Zuckerberg-owned company was intercepting and decrypting network traffic of people using Snapchat.
The documents, which are part of a class action lawsuit between consumers and Meta show how the company was analysing network traffic of users interacting with its competitors. To get around past encryption used by services like Snapchat, Facebook developed a special technology to see what users were doing on other platforms.
In an internal email dated June 9, 2016, Facebook CEO Mark Zuckerberg said, ‘Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them. Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this.’
After Zuckerberg sent the email, developers at the company suggested using Onavo, a VPN-like service that Facebook had acquired in 2013. A month later, the team working on Onavo came up with a solution that involved installing ‘kits’ on both Android and iOS devices.
In another email, Facebook said the technique, which is basically a man-in-the-middle attack, allowed “us to read what would otherwise be encrypted traffic so we can measure in-app usage.” According to the court documents, Facebook later expanded the program to snoop on YouTube and Amazon.
Meta’s Onavo unit is not new to controversies. The team has a history of using various techniques to collect user data. After acquiring Onavo from an Israeli firm, Meta had used the service to spy on its competitors via the millions of people who were using the app.
Google’s AI powered search results links to malware websites
Google’s recently introduced ‘Search Generative Experience’ feature, which uses AI to offer summarised search results seems to be recommending shady websites that redirect users to malware-packed Chrome extensions and scams like fake iPhone giveaways.
According to a recent report by Bleeping Computer, the spammy and malware-laden search results that were first spotted by SEO consultant Lily Ray might make some users fall for these scams. As it turns out, the shady websites used by SGE in search results use the .online domain, have the same HTML template and use the same websites over and over to redirect traffic.
If you happen to click one of these links, users will be redirected to several websites until they reach a scam site. The report claims that most of these redirects took users to pages with fake captchas or YouTube lookalikes that ask users to allow browser notifications.