Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Facebook Privacy Social Networks

A Facebook Employee Asked a Reporter To Turn Off His Phone So Facebook Couldn't Track Its Location (businessinsider.com) 304

Steve Kovach, writing for BusinessInsider: To corporate giants like Facebook, leaks to rivals or the media are a cardinal sin. That notion was clear in a new Wired story about Facebook's rocky time over the last two years. The story talks about how Facebook was able to find two leakers who told a Gizmodo reporter about its news operations. But one source for the Wired story highlighted just how concerned employees are about how their company goes after leakers. According to the story, the source, a current Facebook employee, asked a Wired reporter to turn off his phone so Facebook wouldn't be able to use location tracking and see that the two were close to each other for the meeting. The Wired's 11,000-word wide-ranging piece, for which it spoke with more than 50 current and former Facebook employees, gives us an inside look at how the company has been struggling to curb spread of fake news; battling internal discrimination among employees; and becoming furious when anything leaks to the media. Another excerpt from the story: The day after Fearnow (a contractor who leaked information to a Gizmodo reporter) took that second screenshot was a Friday. When he woke up after sleeping in, he noticed that he had about 30 meeting notifications from Facebook on his phone. When he replied to say it was his day off, he recalls, he was nonetheless asked to be available in 10 minutes. Soon he was on a video-conference with three Facebook employees, including Sonya Ahuja, the company's head of investigations. According to his recounting of the meeting, she asked him if he had been in touch with Nunez (the Gizmodo reporter, who eventually published this and this). He denied that he had been. Then she told him that she had their messages on Gchat, which Fearnow had assumed weren't accessible to Facebook. He was fired. "Please shut your laptop and don't reopen it," she instructed him.
This discussion has been archived. No new comments can be posted.

A Facebook Employee Asked a Reporter To Turn Off His Phone So Facebook Couldn't Track Its Location

Comments Filter:
  • Is it me or... (Score:5, Insightful)

    by Opportunist ( 166417 ) on Monday February 12, 2018 @11:10AM (#56108343)

    Is it me or does that company become more and more like some kind of cult?

    • Re: (Score:3, Funny)

      by sycodon ( 149926 )

      Hydra...without the scary red skull looking guy.

    • Re: (Score:3, Interesting)

      by zeugma-amp ( 139862 )

      Is it me or does that company become more and more like some kind of cult?

      Have you seen the movie The Circle [wikipedia.org]? My first thought after seeing it was "Facebook". I find it to be extremely interesting that the wikipedia article linked above makes no mention whatsoever of the parallels. It was a really creepy movie.

      • Re: (Score:2, Informative)

        by umghhh ( 965931 )
        yes the cricle - a lady embraces the new absolute surveillance as it allows her to connect with fellow humans and the bad white man who did not appreciate the full transparency all that much dies one can say in hushed into death as an hunted animal running from the dogs. I exaggerate of course but then my neighbours told me many times they see nothing wrong in absolute transparency. Majority accepts the new brave world. What else can they do? The 'good doers' like Zuckerberg, Soros & Co do what they can
  • by sjbe ( 173966 ) on Monday February 12, 2018 @11:11AM (#56108351)

    But one source for the Wired story highlighted just how concerned employees are about how their company goes after leakers. According to the story, the source, a current Facebook employee, asked a Wired reporter to turn off his phone so Facebook wouldn't be able to use location tracking and see that the two were close to each other for the meeting.

    And people wonder why I don't want to have anything to do with Facebook. If Facebook really is tracking people's location with that amount of accessible detail then I will never ever have an account with them and I will block them by every means I have available.

    • by 110010001000 ( 697113 ) on Monday February 12, 2018 @11:24AM (#56108437) Homepage Journal
      They don't need you to have an account with them in order to track you. They create a shadow profile for you and log your movement across the web using their various web properties and associated sites.
      • by sjbe ( 173966 ) on Monday February 12, 2018 @11:37AM (#56108523)

        They don't need you to have an account with them in order to track you.

        Which is why I make heavy use of various ad blockers and privacy guarding software to prevent as much of that as possible. I'm well aware they try to track me but I try to not make it easy for them. For example on my current browser I have Privacy Badger, Ublock, and Adblock Plus as well as some stuff to block flash. I'll use every tool I can find to give them the figurative (and literal) middle finger.

        • by 110010001000 ( 697113 ) on Monday February 12, 2018 @11:38AM (#56108533) Homepage Journal
          That will help. I would recommend Ghostery as well. This very website has at least 8 active trackers.
          • I would recommend Ghostery as well.

            I tried it but it caused more problems than it solved. Not sure what the flaw was but it made things work VERY slowly when they worked at all. Maybe they've fixed the issues since I tried it last. I liked what it did but it just didn't work very well for me.

          • by Anonymous Coward on Monday February 12, 2018 @12:06PM (#56108775)

            A few years ago Ghostery got bought out and changed their policies to "block all but our partner trackers"...they're useless now.

          • I used to use Ghostery until it slowed things down to a crawl. uBlock seems to work just as well if not better.
          • Re: (Score:2, Informative)

            by Anonymous Coward
            Ghostery isn't trustworthy. But uMatrix would be a good addition.
        • Re: (Score:2, Insightful)

          by Anonymous Coward

          Props to you for valuing your privacy. However, many of your friends, family, co-workers, etc, likely use Facebook, and in doing so may reveal much about you. It's a difficult problem to work-around, since many don't see anything wrong with taking and sharing pictures of others (ie. family at a gathering, friends at a party, etc).

          Furthermore, many phones and various internet of things that may be in your vicinity are likely running dodgy apps eavesdropping on conversations. And then there are smart-speakers

          • by sjbe ( 173966 ) on Monday February 12, 2018 @01:12PM (#56109273)

            However, many of your friends, family, co-workers, etc, likely use Facebook, and in doing so may reveal much about you.

            I've had this exact argument with several people. Some of them couldn't wrap their head around the fact that I: A) didn't want to be on facebook, B) resented them posting information about me without my permission, and C) resented that I had to police them from doing so which is difficult since I don't want to use Facebook in the first place. Even if I liked what Facebook offers (I don't) I still don't trust the company to be responsible with information about me.

            I worry about my daughter because in her generation it's kind of hard to have a social life without using some social networking systems that often don't care at all about respecting privacy.

        • I use cookie autodelete too. Tracking isn't confined to ads.
        • by Thelasko ( 1196535 ) on Monday February 12, 2018 @01:27PM (#56109443) Journal
          Using plugins is a good idea, but I find killing the traffic further upstream is more effective. [someonewhocares.org]
      • Yeah, that ought to work real well with JavaScript disabled.

      • And I make it my game to dis-track them. With a combination of blockers and deliberately feeding false information, you can pretty quickly create a totally bogus profile of yourself. And my "targeted" ads (the ones I allow to pass to gauge my success) sure reflect that...

      • by bluefoxlucid ( 723572 ) on Monday February 12, 2018 @12:38PM (#56108991) Homepage Journal

        That part they can do for their own internal use by correlating any public data.

        They have his location data, his Google Chat data (hangouts?), and other stuff. ... what? Hold on, something is wrong here. People require some measure of privacy, and the capacity to peer into private conversations on other platforms is simply unacceptable.

        We'll have to start a regulatory push to provide capacity for non-breakable end-to-end encryption in text messaging and private messenger applications, perhaps as a legally-recognized implication of using the words "secure", "private", or "privacy" to describe conversations over these mediums. So "Facebook Messenger" can tell Facebook everything you say, in plain text, on their servers, as long as it's not described by Facebook as "Secure" or "Private"; whereas a messenger such as WhatsApp using double-ratchet end-to-end can claim your conversations are "Private", so long as the application is designed with the good-faith intent (meaning yes, you have to use secure protocols and encryption algorithms) to ensure no entity besides the communicating parties can read the messages.

      • by innocent_white_lamb ( 151825 ) on Monday February 12, 2018 @03:40PM (#56110557)

        I own and operate a small business. I occasionally run my business name through google just to see what turns up about it.

        Imagine my surprise when I discovered that my business has a facebook page! According to facebook's help pages, I believe that the facebook page was automatically created when people "check in" (whatever that means).

        I can apparently claim that page if I send facebook some documentation to prove that I own my business. But I can't delete it.

        I have zero intention of claiming that page and rewarding facebook for their slimy behaviour in setting it up behind my back, though. And why would I want to intentionally forward even more information to facebook to prove that I own my business?

    • by Anonymous Coward on Monday February 12, 2018 @11:27AM (#56108461)

      If Facebook really is tracking people's location with that amount of accessible detail then I will never ever have an account with them and I will block them by every means I have available.

      Of course they are, and whether you realise or not, you gave them permission when you installed the app ... because that thing wants access to pretty much EVERYTHING. And you can bet your ass they're mining your phone for all sorts of stuff you aren't aware of.

      From this: [guidingtech.com]

      -Your contacts, call logs, text messages. This essentially means that the company can see who all are in your contacts, call them, message them and also see who youâ(TM)ve been in contact with. The app can also make modifications in your deviceâ(TM)s calendar.
      -Your location, which enables them to know where you are.
      -Your camera, which means the app has permission to click images, record videos and audio via the microphone too.
      -Your internal storage, which means they can see files on your phone as well as delete them.
      -The app can access your WiFi, change the wallpaper, network connectivity and much more.

      Fuck that.

      And, just as bad, so many websites have embedded links to Facebook in their page that they track much of where you go ... if you have an account they match it up, if they don't, they do anyway.

      My browsers all block Facebook outright, because I simply do not trust Facebook even in the slightest.

      Facebook exists to collect your data and monetise your life, and I refuse to accept that. If you have the app installed, you've given the ability to read everything you do.

      How is anybody even slightly surprised by this?

      • Most of that is only Android. You can turn off the few things that FB has access to very easily in iOS.

        • No one should be running a facebook executable on their device, its straight up spyware/malware.
          • I would argue it shouldn't even be available in the app stores. We only pretend it isn't spyware/malware.
      • Of course they are, and whether you realise or not, you gave them permission when you installed the app ... because that thing wants access to pretty much EVERYTHING.

        Except I've never installed their app on any phone I've ever owned. Never will in the future either. So I just need to block them through the browser which is enough of a challenge as it is.

      • by fafalone ( 633739 ) on Monday February 12, 2018 @02:14PM (#56109807)
        Facebook recently went so far over the line I'd hope a civil suit might even have a chance... the mobile app is taking recent photos, uploading them Facebooks servers, and asking if you want to share them, without having any ability to turn off the "feature" short of revoking access to photos through the app manager entirely (so you can't even upload the photos you do want to share). Whenever this is brought up in the support forum, the thread is locked.
  • Wait, what? (Score:5, Insightful)

    by TheRaven64 ( 641858 ) on Monday February 12, 2018 @11:16AM (#56108387) Journal
    Why didn't the person who was leaking just leave his phone at home, then Facebook would have seen the journalist in one place and the leaker in another and not been concerned. Either turning off the phone is enough to disable the tracking, in which case either party can do it because the thing they're worried about is being seen together, or it isn't in which case why ask the reporter to do it?
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Facebook might require all employees to be constantly logged into Facebook, else they assume the worst.

    • Re: Wait, what? (Score:2, Insightful)

      by Anonymous Coward

      You phone unnaturally immobile and not in use at the same time reporter is meeting someone, or both phones off at same time would provide indirect clues.

  • by Teun ( 17872 ) on Monday February 12, 2018 @11:18AM (#56108399)
    This makes me kind of smile, apparently it's not just the Facebook users that suffer a total loss of privacy but also their own employees.

    I have little sympathy for FB users that get burned but it's even less for those evil enough to work there.
  • by Cederic ( 9623 ) on Monday February 12, 2018 @11:19AM (#56108405) Journal

    So was he stupid enough to be using gchat on a corporate device or are Facebook guilty of hacking?

    Yeah, I'm assuming Google are innocent (on this occasion).

    • Yeah, there’s an unexplored story there too...

    • by Jfetjunky ( 4359471 ) on Monday February 12, 2018 @11:36AM (#56108521)
      I hope it was a corporate device, potentially signaled by the "Please shut your laptop and don't reopen it" line. Otherwise that would be a shocking level of collusion.
      • I hope it was a corporate device, potentially signaled by the "Please shut your laptop and don't reopen it" line. Otherwise that would be a shocking level of collusion.

        Uh, if the level of collusion is that high, the scary part is realizing the device owner no longer matters.

      • "Please shut your laptop and don't reopen it"

        Sounds like a line from Manna.

        Anyway, even if the messages were sent from a corporate device, are employers in the US allowed to read those? Here in Europe, many countries uphold the right to privacy even on corporate devices. An employer may monitor traffic to allow them to enforce company IT policies, but no further. They can check if you are sending or receiving emails, and they may have an automatic system scan them for virii, but they are absolutely forbidden to have any corporate humanoid peruse

        • by Enigma2175 ( 179646 ) on Monday February 12, 2018 @02:01PM (#56109701) Homepage Journal

          Buahahahahaha, this is the US we are talking about. There are no privacy protections. If a company employs you, they basically own you. They can look at absolutely anything they want if you're on a corporate-owned device. You are basically locked into a company because if you leave somewhere you no longer have health insurance and your company may blacklist you so you can't find a job elsewhere. Only laws that benefit corporations are ever passed as the governmental officials are owned by the corporations. Companies can do anything they want, down to regulating what activities you do when not at work or dictating when you piss. They can fire you at any time for almost any reason. The only exception is for certain protected classes (rage, gender, religion, etc.) but if they are firing someone for being black they just say "they aren't a team player" or "didn't align with our corporate culture" - it doesn't really matter as long as you don't mention their protected class and cite something sufficiently nebulous. The only real protected class is the US is profit.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      So was he stupid enough to be using gchat on a corporate device or are Facebook guilty of hacking?

      It was a corporate laptop.

      Only a facebook owned and provisioned device would have access to the things he was taking screenshots of.
      Their devices are no doubt setup to perform CA-cert MitM recording, as well as MitM all other traffic as well. They would have the chat logs that way.

      I would like to think that facebook has their devices locked down to the point it either wouldn't have been possible to copy the screenshots off of it to another device for sending, but I can't say if that is true or not.

      To be ho

    • My guess is that the corporate laptop included trusted root certificates to allow them to MITM TLS connections. It's common practice in order to perform traffic scanning.

  • Not surprising (Score:5, Insightful)

    by Vermonter ( 2683811 ) on Monday February 12, 2018 @11:38AM (#56108537)

    99% of the time, the more powerful an entity becomes, the more it will exert it's power to keep (and usually increase) said power. It doesn't matter if that entity is a company, a government, or an individual.

  • NT

  • by nospam007 ( 722110 ) * on Monday February 12, 2018 @11:48AM (#56108605)

    ...and shut his own phone down.

    It's good that Facebook lost over 2 million 17-25 year olds last year and will lose even more this year.

    It's becoming the GrannyBook, the over 55 years are joining mostly, which is poison for the young generation.

    • ...and shut his own phone down.

      It's good that Facebook lost over 2 million 17-25 year olds last year and will lose even more this year.

      I thought most insidious part of the problem is that they don't lose anyone, even if one naively thinks one's account is "deleted", The best one can hope for is to never have signed up in the first place.

      • by slew ( 2918 )

        ...and shut his own phone down.

        It's good that Facebook lost over 2 million 17-25 year olds last year and will lose even more this year.

        I thought most insidious part of the problem is that they don't lose anyone, even if one naively thinks one's account is "deleted", The best one can hope for is to never have signed up in the first place.

        Reminds me of: I am altering the deal, pray I don’t alter it any further. -- Darth Vader

  • even without FB (Score:5, Interesting)

    by Anonymous Coward on Monday February 12, 2018 @12:18PM (#56108869)

    Just bought a new ZTE phone from Cricket Wireless... I found out that every cricket phone comes preloaded with a Wifi Manager application that is supposed to transition you between wifi and cell data automatically. If you agree to the EULA, it collects data about your phone and wifi and location and moves you between open wifi and data networks. Well this sounded like a bad idea so I reset the phone and didn't accept the EULA this time.

    Turns out that the data collection happens whether or not you accept the EULA. GPS info if you leave it on, WIFI SSIDs, cell locations, IMEI, Phone ID, data traffic levels...

    The offending app was from smithmicro and could not be disabled. I ended up in debug mode on adb shell and was able to uninstall the package for current user (not something Joe schmoe's grandma will do).

    My point is, you may think that no one is watching so long as you remove FB or other apps, but your location data and patterns is more valuable than the $50 the company gets for selling you service.

  • Android development (Score:5, Informative)

    by OYAHHH ( 322809 ) on Monday February 12, 2018 @12:20PM (#56108879)

    While doing Android development i find it disturbing to say the least that while debugging my extremely basic app (think hello world) I see calls to Facebook and Amazon urls in my console logs.

    WTH is up with that, I'm just a novice?

  • "Sonya Ahuja, the company's head of investigations .. told him that she had their messages on Gchat"

    Well, a big fucking DOH!
    --

    sig: I'll bet you're the kind of guy that hangs round Reddit fapping off over pictures of furries and yellow-scaled wingless dragonkin
    • Everyone assured me since Gchat was using SSL that no one could read the messages! What a joke.
      • The jury is still out on whether or not he was using a corporate laptop to do this, which would render SSL moot. I think tech leakers are learning what folks in repressive societies learned a while ago: Tor is your friend and have more than one phone.
  • Location, Wifi, BlueTooth, NFC and all other wireless protocols should be off. unless you have a reason to have them on! You should also always use VPN / TOR proxies on your phone to mask it's location. This is a common problem and people need to wake up.
  • Police 1955: We went door to door. Talked to people. Found evidence and leads. Tracked down our criminal.

    Police 2017: The criminal doesn't have a Facebook account, nor smart phone, nor credit card.......we are totally baffled.

  • If that dimwit didn't even bother to get a cheap burner phone to make clandestine contact, ...

    Put your real phone in your girlfriend's purse, ask her to go shopping and then to a movie while you to meet this reporter.

    If such basic precautions are not taken, why blame facebook?

  • by LeftCoastThinker ( 4697521 ) on Monday February 12, 2018 @03:11PM (#56110327)

    Aaaand this is just highlighting why Facebook needs to be federally regulated. They have every right to fire a leaking employee, but I am pretty sure that how they figured it out is a violation of a number of laws. Even if they have access to said information for advertising purposes through the employees Facebook page, there is a whole different set of regulations as to what an employer can do to spy on an employee, especially on their days off...

    It is high time the technocrats running Google, Facebook and Twitter go the hard slap down of federal regulation. They are just companies and they have been abusing their increasing power for far too long already.

Your good nature will bring you unbounded happiness.

Working...