Facebook snooped on users' Snapchat traffic in secret project, documents reveal | TechCrunch
techcrunch.com
A secret program called "Project Ghostbusters" saw Facebook devise a way to intercept and decrypt the encrypted network traffic of Snapchat users to study their behavior.

Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing the network traffic of how its users were interacting with Meta’s competitors. Given these apps’ use of encryption, Facebook needed to develop special technology to get around it.

Facebook’s engineers solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.

After Zuckerberg’s email, the Onavo team took on the project and a month later proposed a solution: so-called kits that can be installed on iOS and Android that intercept traffic for specific subdomains, “allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage,” read an email from July 2016. “This is a ‘man-in-the-middle’ approach.”

A man-in-the-middle attack — nowadays also called adversary-in-the-middle — is an attack where hackers intercept internet traffic flowing from one device to another over a network. When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.

  • @knightlyEnglish
    33 months ago

    The DMCA specifically prohibits breaking or bypassing any kind of access controls.

    The only way this could not be a DMCA violation is if they only ever used it to monitor traffic for their own subdomains.

    • Aatube
      -23 months ago

      The DMCA does not have anything to do with uncopyrighted data.

      • @knightlyEnglish
        33 months ago

        Private communications are covered by copyright.

        • Aatube
          -13 months ago

          Network data requests aren’t exactly private communications.

          • @knightlyEnglish
            43 months ago

            Wiretapping laws would seem to disagree. XD

            • Aatube
              03 months ago

              Wiretapping laws aren’t enforced because of copyright. Such communication isn’t the type of private communications that is copyrighted.

              • @knightlyEnglish
                23 months ago

                Wiretapping laws aren’t enforced because of copyright.

                Sure, but Facebook would prefer a copyright case over anything that might suggest a bill of privacy rights would be a good idea.