Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency

Louise Matsakis, writing for Wired: The internet is full of Facebook users frustrated with how the company handles malware threats. For nearly four years, people have complained about Facebook's anti-malware scan on forums, Twitter, Reddit, and on personal blogs. The problems appear to have gotten worse recently. While the service used to be optional, Facebook now requires it if it flags your device for malware. And according to screenshots reviewed by WIRED from people recently prompted to run the scan, Facebook also no longer allows every user to select what type of device they're on. The malware scans likely only impact a relatively small population of Facebook's billions of users, some of whose computers may genuinely be infected. But even a fraction of Facebook's users still potentially means millions of impacted people.

The mandatory scan has caused widespread confusion and frustration; WIRED spoke to people who had been locked out of their accounts by the scan, or simply baffled by it, on four different continents. The mandatory malware scan has downsides beyond losing account access. Facebook users also frequently report that the feature is poorly designed, and inconsistently implemented. In some cases, if a different user logs onto Facebook from the same device, they sometimes won't be greeted with the malware message. Similarly, if the "infected" user simply switches browsers, the message also appears to occasionally go away.

Re: FaceBook has a malware scanner?????

[Anonymous Coward]

You don't have a choice with Windows 10. Facebook app auto download and install thanks MS!

Re:

[chuckugly]

If this is a store UWP app, it's not supposed to be allowed to do that sort of thing according to the rules ....

Re:

[E-Rock]

No, you just clicked something incorrectly.

Re:

[Anonymous Coward]

Nope, it's an A/B testing thing. Some copies of Windows 10 will automatically install Facebook (among others) and will continue to do so whenever they check to see if they've been uninstalled (which is probably whenever Windows Update runs). So if you try and remove it, it'll just automatically reinstall it for you.

But because it's an "A/B test," this only happens for some users, and there's basically no rhyme or reason to it.

Yes choice with Windows 10

[Excelcia]

Umm, I think not. The Windows 10 laptop I have now has not a trace of Facebook on it. As I type this, I have Facebook open in a browser tab in Palemoon. I had to dig my password out of keepass since I haven't logged in in three years, but it works just fine without a lick of Facebook code on my computer.

Seriously, though, I just recommend dumping it. I made the transition to a Facebook free life a few years back, and I'm quite the happier for it. Facebook is more of a sewer than craigslist. I still can

Is that true?

[ripvlan]

I have Windows 10 and I don't have (or at least see) the FB "app" installed. When I use FB on my laptop it is through a browser.

But I specifically disabled and left-uninstalled the FB "charm" / "app" / "live tile" or whatever they call it. I don't see FB installed - how would I know?

On my iPhone there is definitely a direct FB integration (and twitter) - so that Siri can post messages and makes it easier to upload phones/videos. And this integration too can be disabled.

-Mike.

Re:

[XXongo]

This is why I don't download FaceBook and just use it in a web browser.

If you'd read the article, you would have seen that Facebook's malware warning and mandatory demand for you to run their scan occurs when people are accessing Facebook via a browser.

Re:

[Calydor]

Same way it installs it, I wager.

Re: Facebook's anti-malware

[mSparks43]

from inside a vm, on a remote machine, located in another country, otherwise filled with pictures of cats.

Re:

[gatkinso]

https://osquery.io/ [osquery.io]

Re:

[sound+vision]

By forcing you to download and run an executable before they restore your access to the site. At least, that's how they did it a few years back when I ran into this issue. For me it was a very minor problem - I simply didn't use Facebook for another couple years, next time I happened to try logging in, no hint of the malware scan. I guess maybe they have "malware forgiveness" if it looks like the scan might stop you from using the site again? I imagine the *average* Facebook user would download and run anyt

Being a facebook user sounds so alien

[tomxor]

Having not used facebook in over a decade, the kinds of things happening on it now sound so alien to it's origins, in a bad way. Roll on decentralised networking.

Re:

[phantomfive]

Wow no, Facebook's origins were based around abusing the users. From the very beginning.

FTFY

[Anonymous Coward]

Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency

Hmm... that's not quite right...

Facebook Is Invasive and Lacks Transparency

There we go, much more accurate.

Re:

[PolygamousRanchKid]

Facebook Is Invasive and Lacks Transparency

Yeah . . . everybody knows that . . . but Facebook users don't care about that . . . otherwise, they wouldn't be Facebook users.

Facebook can't be that invasive . . . otherwise it would have seen what the Russian hackers and Fake newsers were up to.

UserAgent string

[b0s0z0ku]

Browse FB (if you must) with your UserAgent string set to FreeBSD. Do they even MAKE a "malware scanner" for FreeBSD? If it doesn't exist for the platform, it's not likely to be offered.

Re: UserAgent string

[Anonymous Coward]

But nobody with freebsd can hug anyone

Re:

[Anonymous Coward]

That's why mine says OS/2!

Re: Every American must watch this

[c6gunner]

That's wonderful. I'm sure that Christopher "Da Joos did 9/11" Bollyn has all sorts of incredible insights into how the lizard people are planning on forcing is into FEMA camps

Re: Every American must watch this

[c6gunner]

Insurrect; it stretches from one edge of the flat earth to the other.

Re:

[tlhIngan]

Browse FB (if you must) with your UserAgent string set to FreeBSD. Do they even MAKE a "malware scanner" for FreeBSD? If it doesn't exist for the platform, it's not likely to be offered.

Of course they do. Not for FreeBSD malware, mind you, but it'll scan for any sort of malware to prevent your FreeBSD machine from being an inadvertent carrier of malware.

It's the same reason why Linux is hacked - not because it's to spread Linux malware, but to infect some service so it can spread malware to Windows machines

Re:

[b0s0z0ku]

No, I mean does FACEBOOK make their own malware scanner for FreeBSD?

I know the answer

[AndyKron]

What you need to do is buy an Apple product. Doesn't matter what kind as long as you can log onto Facebook. Go do that and stay there until we tell you it's OK to stop. Bye.

So they are foisting osquery on us, eh?

[gatkinso]

So now our entire OS is to be exposed as a database for their analytics? Color me not interested.

Who would be that stupid?

[Snotnose]

What kind of moron would let a company like FB have full access to their device? Oh, the typical FB moron I guess. Glad I never made an account.

More information

[Anonymous Coward]

The article is unfortunately lacking in details. From what I can tell, the malware scan is triggered when Facebook believes the account is posting spam. In fairness, there is a lot of malware-related spam that gets posted on Facebook and they have a legitimate reason to keep it off their site.

The problem is the complete lack of transparency and that the antivirus products can remove and share information about files in your computer. There has to be a much better way to do this. For example, Facebook could

Scan, Scam

[kmassare]

Whenever I get a "warning" about malware on my device, I assume that the message is a scam where someone wants to charge me to "fix" my device or wants to install malware on it.

Re:

[sinij]

Whenever I get a "warning" about malware on my device, I assume that the message is a scam where someone wants to charge me to "fix" my device or wants to install malware on it.

In this specific case, it just Zuk wants to scan your PC to find out what kind of porn you are into.

"impacted people"?

[jenningsthecat]

I've heard of "impacted feces", but never "impacted people"...

Latest money-making scheme

[knorthern knight]

1) Rinnnngggg

2) Hello?

3) (Thick Indian accent) This is Facebook calling. We have detected that your Facebook is infected by virus. Please enable remote login to your machine and give us your credit card number.

4) Profit

How does it even know about malware?

[johannesg]

Is FB actually scanning my entire computer every time I log in? Does a browser provide the kind of access needed to determine that malware is present in the first place?

LPT: Don't use FB

[rainer_d]

Problem solved!

Reasons

[JustAnotherOldGuy]

Reason #683,215,971 why I won't have anything to do with Facebook.

"Trust us, we just want to scan every file on your device to umm, errr...to keep you safe, yeah, that's the ticket!"

Because we know how much Facebook values your privacy and that they would never ever misuse your information...

Security VS Functionality

[pdfsmail]

Keeping devices and services secure vs keeping them functional has always been a trade off, there is hardly ever a best of both worlds. Nor can you expect any of it to be perfect. Considering all the crap I have found on FB and the ridiculous things people believe and click not to mention just how bad so many peoples computers are (I see alot), I would prefer they have a scanner. The fact that people can't figure it out just points to why its needed, I would be willing to bet they are the ones with infected