Facebook’s Messenger App Has More Spyware Than Products Designed Specifically For Surveillance
Facebook was the recipient of sharp criticism from Android users last month when the company released its new mandatory Messenger app, which collected an unprecedented amount of private information about its users — now it seems the iOS version for iPhone users could give it a run for its data.
“Messenger appears to have more spyware type code in it than I’ve seen in products intended specifically for enterprise surveillance,” security researcher Jonathan Zdziarski tweeted after digging through the app’s iOS binary earlier this week.
According to an email from Zdziarski to Motherboard, Facebook Messenger for iPhone logs almost all activity a user executes on the app, down to every individual tap, screen turn and time used. (RELATED: Facebook’s New Messenger App Can Invade Your Privacy, But It’s Android’s Fault)
“[Facebook is] using some private APIs I didn’t even know were available inside the sandbox to be able to pull out your WiFi SSID (which could be used to snoop on which WiFi networks you’re connected to) and are even tapping the process list for various information on the device,” Zdziarski said in the report.
On Twitter Zdziarski said he’d worked for companies that write surveillance software “that didn’t know this level of access was possible.”
Shortly after reporting his findings, the researcher got into a debate with one of Messenger’s programmers over Twitter about the reasons for and depths of the app’s data-gathering capabilities.
@Jzdziarski I work on Messenger. Probably no surprise that we use analytics to understand usage and make the app faster, more efficient.
— lucyz (@lucyz) September 9, 2014
@JZdziarski E.g., analytics showed us people were using Like stickers a bunch, so we moved that feature so people can send in fewer taps.
— lucyz (@lucyz) September 9, 2014
@lucyz can make the app more efficient without knowing what access point I’m connected to IMO.
— Jonathan Zdziarski (@JZdziarski) September 11, 2014
@lucyz there’s a lot of prying into my device here that I don’t think Messenger has a right to do without explicit user consent.
— Jonathan Zdziarski (@JZdziarski) September 11, 2014
Developer Lucy Zhang did not respond to Zdziarski’s tweeted replies pointing out that Facebook could improve the app’s performance for users without tracking their WiFi locations, and that the company should fully disclose the details of the app’s tracking to users before installing.
“[A] couple hours of tinkering around isn’t going to provide any meaningful conclusions… but there is a lot of code that suggests Facebook is running analytics on nearly everything it possibly can monitor on your device,” Zdziarski said. “Ultimately it comes down to whether or not you trust Facebook not to take advantage of their position on your device to snoop on you.”
“The technical capabilities to do so are certainly there.”
Follow Giuseppe on Twitter and Facebook
Join the conversation on The Daily Caller
Read more stories from The Daily Caller
Facebook's Messenger App Has More Spyware Than Products Designed Specifically For Surveillance
TIME's D.C. Bureau Chief Has A Spectacular Porn Stache
Tom Brokaw: Obama Will Invigorate ISIS With Young Men If Terrorist Group 'Hit Hard'
Victoria's Secret Model Alessandra Ambrosio Has Got Legs For Days
Even Fleshlight, Adult Toy Company, Remembered Sept. 11 On Twitter