Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
GoodBytes

Facebook caught collecting your Calls metadata and SMSs without you knowing

Recommended Posts

Posted · Original PosterOP

Ars Technica report that a person from New Zealand found (and confirmed by others) that the Facebook app has been collecting his metadata of his calls and SMS for years. It collect the person names, if the call was incoming or outgoing, phone number, duration of call, SMS messages, and more,  This affects only Android users due to the OS being more open (allowing more things to be possible on the device in exchange)

 

Quote

This past week, a New Zealand man was looking through the data Facebook had collected from him in an archive he had pulled down from the social networking site. While scanning the information Facebook had stored about his contacts, Dylan McKay discovered something distressing: Facebook also had about two years' worth of phone call metadata from his Android phone, including names, phone numbers, and the length of each call made or received. This experience has been shared by a number of other Facebook users who spoke with Ars, as well as independently by us—my own Facebook data archive, I found, contained call-log data for a certain Android device I used in 2015 and 2016, along with SMS and MMS message metadata.

 

callog.jpg

 

Contacting Facebook about the new finding, Ars received the following answer by a spokesperson:

Quote

The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it's a widely used practice to begin by uploading your phone contacts. 

 

And adds:

Quote

contact uploading is optional and installation of the application explicitly requests permission to access contacts. And users can delete contact data from their profiles using a tool accessible via Web browser. Facebook uses phone-contact data as part of its friend recommendation algorithm. And in recent versions of the Messenger application for Android and Facebook Lite devices, a more explicit request is made to users for access to call logs and SMS logs on Android and Facebook Lite devices.

 

Ars Technica found that if you gave permission to Facebook app to access your contacts on Android pre-4.1 (Jelly Bean), that permission also granted Facebook access to call and message logs by default. The problem is that if Android app is marked to be coded for 4.1 or earlier, despite being on a new phone, Android gives permission to the app as backward compatibility. So there is a way for Facebook to by-pass the new restrictions, and it looks like they are using it. The better news, is that Google cut support for the legacy app support starting in Oct 2017. So assuming your phone is fully updated with security updates, then Facebook SHOULD not have no more access to all this data. And they confirmed this that the last log they found was from that time.

 

Quote

If you granted permission to read contacts during Facebook's installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean)—that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017—the point at which the latest call metadata in Facebook users' data was found. Apple iOS has never allowed silent access to call data.

 

 

Now, Facebook did mention about this spying that they have being doing in a blog post, saying:
 

Quote

Call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android. This helps you find and stay connected with the people you care about, and provide you with a better experience across Facebook. People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off in settings, or here for Facebook Lite users, and all previously shared call and text history shared via that app is deleted. While we receive certain permissions from Android, uploading this information has always been opt-in only.

 

However, Ars found that this is not true.

Ars says:

Quote

This contradicts the experience of several users who shared their data with Ars. Dylan McKay told Ars that he installed Messenger in 2015, but only allowed the app the permissions in the Android manifest that were required for installation. He says he removed and reinistalled the app several times over the course of the next few years, but never explicitly gave the app permission to read his SMS records and call history. McKay's call and SMS data runs through July of 2017.

In my case, a review of my Google Play data confirms that Messenger was never installed on the Android devices I used. Facebook was  installed on a Nexus tablet I used and on the Blackphone 2 in 2015, and there was never an explicit message requesting access to phone call and SMS data. Yet there is call data from the end of 2015 until late 2016, when I reinstalled the operating system on the Blackphone 2 and wiped all applications.

 

Source: https://arstechnica.com/information-technology/2018/03/facebook-scraped-call-text-message-data-for-years-from-android-phones/?comments=1

 

Now, I don't have Facebook. But with such a news, are you considering switching off your Facebook activity/account, and push your friends to migrate to something else for chatting?

Or will you regardless continue to use Facebook, and if I may ask (for conversation purposes) why?

 

 

Link to post
Share on other sites

I mean, does this really, and i mean REALLY surprise anyone? You give them access to so much when you install it, such as calls and text, it would be naive to assume they didn't. Can we Zucc Zuckerberg?


My PC is running and I can't catch it....

Link to post
Share on other sites
4 minutes ago, GoodBytes said:

 

Now, I don't have Facebook. But with such a news, are you considering switching off your Facebook activity/account, and push your friends to migrate to something else for chatting?

Or will you regardless continue to use Facebook, and if I may ask (for conversation purposes) why?

 

 

I try to minimize the information i publicly put into Facebook's Database, and the information they have is information I give out willingly, Metadata harvesting doesn't concern me too much

 


My PC is running and I can't catch it....

Link to post
Share on other sites

Facebook app chunks on a LOT of battery power back in the past (in the time of iPhone 4), so I got rid of it after about 2 weeks of use.


CPU: i7-2600K 4751MHz 1.44V (software) --> 1.47V at the back of the socket Motherboard: Asrock Z77 Extreme4 (BCLK: 103.3MHz) CPU Cooler: Noctua NH-D15 RAM: Adata XPG 2x8GB DDR3 (XMP: 2133MHz 10-11-11-30 CR2, custom: 2203MHz 10-11-10-26 CR1 tRFC:230 tREFI:14000) GPU: Asus GTX 1070 Dual (Super Jetstream vbios, +70(2025-2088MHz)/+400(8.8Gbps)) SSD: Samsung 840 Pro 256GB (main boot drive), Transcend SSD370 128GB PSU: Seasonic X-660 80+ Gold Case: Antec P110 Silent, 5 intakes 1 exhaust Monitor: AOC G2460PF 1080p 144Hz (150Hz max w/ DP, 121Hz max w/ HDMI) TN panel Keyboard: Logitech G610 Orion (Cherry MX Blue) with SteelSeries Apex M260 keycaps Mouse: BenQ Zowie FK1

 

Model: HP Omen 17 17-an110ca CPU: i7-8750H (0.125V core & cache, 50mV SA undervolt) GPU: GTX 1060 6GB Mobile (+80/+450, 1650MHz~1750MHz 0.78V~0.85V) RAM: 8+8GB DDR4-2400 18-17-17-39 2T Storage: 1TB HP EX920 PCIe x4 M.2 SSD + 1TB Seagate 7200RPM 2.5" HDD (ST1000LM049-2GH172), 128GB Toshiba PCIe x2 M.2 SSD (KBG30ZMV128G) gone cooking externally Monitor: 1080p 126Hz IPS G-sync

 

Desktop benching:

Cinebench R15 Single thread:168 Multi-thread: 833 

SuperPi (v1.5 from Techpowerup, PI value output) 16K: 0.100s 1M: 8.255s 32M: 7m 45.93s

Link to post
Share on other sites
4 minutes ago, rowlYy said:

I mean, does this really, and i mean REALLY surprise anyone? You give them access to so much when you install it, such as calls and text, it would be naive to assume they didn't. Can we Zucc Zuckerberg?

It doesn't surprise me, it'st why I never used the facebook app on any phone I have owned,  In fact I will never use any app that asks for permission I do not consider necessary to the function of that app.  Facebook does not need access to my emails, txt or contacts to function. 


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites

apps in iOS 10 have access to be put in my call logs and have integration with iOS's calling screen

 

 

if I call someone in Telegram, it shows up in my phone app's call log, and it gives me the regular phone call received screen thing..

 

 

 

when I was 11 I allowed facebook to see my contacts, rip.


Ryzen 5 3600 stock | 2x16GB C13 3200MHz (AFR) | Radeon VII | ASUS Prime X570-P | 6TB WD Gold (128MB Cache, 2017)

Samsung 850 EVO 240 GB 

138 is a good number.

 

Link to post
Share on other sites
20 minutes ago, GoodBytes said:

Ars Technica report that a person from New Zealand found (and confirmed by others) that the Facebook app has been collecting his metadata of his calls and SMS for years. It collect the person names, if the call was incoming or outgoing, phone number, duration of call, SMS messages, and more,  This affects only Android users due to the OS being more open (allowing more things to be possible on the device in exchange)

It's not without knowing. When you download the app it asks you for permission to monitor all sorts of things, including calls, texts, microphones, and cameras. You have to select "Allow" or "give app permission" before it will be installed. In addition, any update which changes these permissions re asks you for permission.


I will never succumb to the New Cult and I reject the leadership of @Aelar_Nailo and his wicked parrot armies led by @FakeCIA and @DildorTheDecent. I will keep my eyes pure and remain dedicated to the path of the One True; IlLinusNati

Link to post
Share on other sites
20 minutes ago, GoodBytes said:

Now, I don't have Facebook. But with such a news, are you considering switching off your Facebook activity/account, and push your friends to migrate to something else for chatting?

Or will you regardless continue to use Facebook, and if I may ask (for conversation purposes) why?

I barely use my fb and don't use the Android App (I've only got Messenger Lite, not sure if that app is also compromised).

 

However I do still need my account as it's got some important groups in there.


Can't wait for the last couple of groups to leave the platform so I can live a facebook-less life.


We have a NEW and GLORIOUSER PSU Tier List Now.

 

You can check out the old one that gave joy to so many across the land here

 

Computer having a hard time powering on? Troubleshoot it with this guide. (Currently looking for suggestions to update it into the context of <current year> and make it its own thread)

Computer Specs:

Spoiler

 Mathresolvermajig: Intel Xeon E3 1240 (Sandy Bridge i7 equivalent)
Framepainting-inator: MSI RX 480 Gaming X 8GB Died in a horrible mining accident. Currently looking for used Vega 56s!

Attachcorethingy: GA-H61M-S2V-B3

Infoholdstick: Corsair 2x4GB DDR3 1333 CAS 9

Computerarmor: CM Elite 360 (Moddded to all hell by now)

Rememberdoogle: 120GB Trion 150 + 1TB WD RE+ + 240GB SSD Plus

AdditionalPylons: Corsair CX450M

Letterpad: Rosewill Apollo 9100 (Cherry MX Red)

Buttonrodent: EVGA Torq X3

Auralnterface: @Den-Fi が2年前にくれたヘッドフォン

Liquidrectangles: AOC G2260VWQ6 (Freesync 75Hz), Samsung SMB2030N (1600x900 VGA)

Brother's Computer:

Spoiler

Mathresolvermajig: Intel i3-2100 (carry over from my old build)
Framepainting-inator: GTX 650 Ti

Attachcorethingy: Intel Z68 (don't know anything else, got it from ebay for like $40)

Infoholdstick: Corsair 2x2GB 1333MHz C9

Computerarmor: Ashamed to say

Rememberdoogle: 120GB SP550 + 500GB 2.5" from a laptop

AdditionalPylons: Antec Basiq BP350 (not as loud as @STRMfrmXMN says it is) (actually pretty loud for my standards)

Letterpad: Logitech MK120 bundle

Buttonrodent: See above

Auralnterface: Hah! You wish

Liquidrectangles: Samsung 1600x900 + LG 1440x900

Link to post
Share on other sites

This is why I only turn on the permissions I absolutely need. If I need a permission for some one time use, I'll make sure to turn the permission back off afterwards.


[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to post
Share on other sites
Posted · Original PosterOP
9 minutes ago, straight_stewie said:

It's not without knowing. When you download the app it asks you for permission to monitor all sorts of things, including calls, texts, microphones, and cameras. You have to select "Allow" or "give app permission" before it will be installed. In addition, any update which changes these permissions re asks you for permission.

You want Facebook, hence why you downloaded the app, you WILL click on Allow. Plus, your avg person does not read privacy policies, terms of service, license agreement, and just hit, like on PC, "next", "next", "next", "next" quickly without reading a thing. Same for phones, they hit Allow to use the app. People don't think that Facebook would be tracking them. They don't see Facebook as a malware/spyware, as they are big, trusted and more importantly: theirs friends/family are on it.

Link to post
Share on other sites

Here is the link to the Ruby script for anyone that wants to check their own archive.

https://gist.github.com/dylanmckay/2b191a10068bd87d0fffba242db44b52


[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to post
Share on other sites
Posted · Original PosterOP
2 minutes ago, 2FA said:

This is why I only turn on the permissions I absolutely need. If I need a permission for some one time use, I'll make sure to turn the permission back off afterwards.

But that would be too late, Facebook app (if you did this for the app), can collect all your logs in 1 shot.

Link to post
Share on other sites
1 minute ago, GoodBytes said:

You want Facebook, hence why you downloaded the app, you WILL click on Allow. Plus, your avg person does not read privacy policies, terms of service, license agreement, and just hit, like on PC, "next", "next", "next", "next" quickly without reading a thing. Same for phones, they hit Allow to use the app. People don't think that Facebook would be tracking them. They don't see Facebook as a malware/spyware, as they are big, trusted and more importantly: theirs friends/family are on it

I'm not sure about other countries law, but in the US contractual agreements are generally "buyer beware" if the contractor does not attempt to hide portions of the agreement (and trivially, if the agreement is actually legal to make).


I will never succumb to the New Cult and I reject the leadership of @Aelar_Nailo and his wicked parrot armies led by @FakeCIA and @DildorTheDecent. I will keep my eyes pure and remain dedicated to the path of the One True; IlLinusNati

Link to post
Share on other sites
Just now, GoodBytes said:

But that would be too late, Facebook app (if you did this for the app), can collect all your logs in 1 shot.

I was talking in general, I don't give any social media apps any unnecessary permissions ever.


[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to post
Share on other sites

photo-85015.gif


~New~  BoomBerryPi project !  ~New~


new build log : http://linustechtips.com/main/topic/533392-build-log-the-scrap-simulator-x/?p=7078757 (5 screen flight sim for 620$ CAD)LTT Web Challenge is back ! go here  :  http://linustechtips.com/main/topic/448184-ltt-web-challenge-3-v21/#entry601004

Link to post
Share on other sites

Facebook users concerned about privacy

Wait what?


Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to post
Share on other sites

Who uses a Facebook account anyways apart from your grandma?

Link to post
Share on other sites

It reminds me that one time, one reason why iPhones are draining battery is because of their excessive background tasks [source here]. Mark Zuckerberg is probably in his office saying "Can you guys give me a break? I have enough problems already. Have you seen the Cambridge Analytica debacle?"


There is more that meets the eye
I see the soul that is inside

Link to post
Share on other sites
1 hour ago, GoodBytes said:

Ars Technica found that if you gave permission to Facebook app to access your contacts on Android pre-4.1 (Jelly Bean), that permission also granted Facebook access to call and message logs by default. The problem is that if Android app is marked to be coded for 4.1 or earlier, despite being on a new phone, Android gives permission to the app as backward compatibility.

That sucks because I authorized Facebook at one time to access my contacts way back in 2010 when I owned an Android phone with Android 1.6 Donut and during those times I didn't knew better.


There is more that meets the eye
I see the soul that is inside

Link to post
Share on other sites

Facebook doesn't care about user privacy, this is about as news worthy as saying Microsoft does Windows updates at the most inconvenient times. :P


SNOWHEART - laptop

Model: TRACER III 17R XTREME VR 800 || CPU: Intel i7-8750H  || RAM: HyperX Impact 16GB || GPU: Nvidia RTX 2070 || Storage: Intel 660P 512GB +  AData SX8200 1TB + Samsung 850 Evo 250GB || Display: 1920x1080p 144hz

 

 

PRISIMHEART 2.0 - desktop

Case: FD Meshify C Mini || PSU: EVGA Supernova P2 750w || MB: Asrock Fata1ity AB350 Gaming-ITX/ac || CPU: AMD Ryzen R5 1600 || CPU Cooler: Scythe Choten TUF edition || RAM: G.Skill Flare X 16GB || GPU: Galax GTX 1070 EXOC-SNPR || Storage: Samsung 860 Evo 1TB + Crucial MX500 1TB + SG Firecuda 2TB

 

PERIPHERALS / DISPLAY

Keyboard: Razer Blackwidow Elite || Mouse: Logitech G502 Proteus Spectrum + Steelseries RIval 650 || Monitor: HP Omen 32

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×