• Home
  • Analysis
  • Facebook caught in suspected VPN data theft scandal 😱
Facebook caught in suspected VPN data theft scandal 😱

Facebook caught in suspected VPN data theft scandal 😱

Facebook’s Alleged Involvement in VPN Data Theft

Recently, Facebook has faced accusations of being involved in VPN data theft, raising concerns about user data privacy. Tech analyst HaxRob conducted a detailed investigation, shedding light on the issue, while tech journalist Naomi Brockwell provided further insights, uncovering a complex network of data interception and manipulation.

The Issue with Onavo and User Data Interception

Through his analysis, HaxRob discovered that Facebook, following its acquisition of Onavo, was allegedly engaging in practices that allowed the interception and analysis of user data transmitted through various applications. By incorporating root certificates into users’ mobile devices, Facebook could potentially monitor and intercept traffic from a wide range of apps.

  • Controversy Surrounding Onavo: Before its removal from app stores, Onavo purportedly offered VPN services under the guise of user safety. However, archived information and app functionalities hinted at a more sinister motive.

Use of Malicious Code and Fake Certificates

Reports indicate that Onavo’s code included a client-side “kit” that installed a “root” certificate on users’ devices, allowing Facebook’s servers to create fake digital certificates to impersonate trusted platforms like Snapchat, YouTube, and Amazon. This enabled the redirection and decryption of secure traffic for Facebook’s analysis purposes.

  • HaxRob’s Observation: The app’s ability to establish a connection to Facebook’s servers while promoting itself as a safety tool raises ethical concerns and breaches user trust.

Naomi Brockwell’s Insights

Naomi Brockwell added to the discussion by labeling Facebook’s actions as a “man-in-the-middle attack,” emphasizing the unauthorized access to SSL traffic and sensitive user data. This highlights the severity of Facebook’s alleged data theft through its VPN service.

  • Technical Permissions of Onavo: Analysis reveals alarming permissions sought by the Onavo app, such as overlay capabilities on other apps, access to historical app usage, and permission to manage phone calls.

Need for Regulatory Oversight

The incident underscores the importance of robust regulatory oversight in the tech industry. While recent Android security enhancements have limited the installation of certificates for intercepting app traffic, the issue exposes the lengths to which companies may go to obtain user data. It is imperative to address concerns about data privacy and security.

  • Global Scrutiny and Fines: Facebook’s data handling practices have sparked international concerns, evident in fines like the $20 million penalty imposed by Australia’s ACCC.

Read Disclaimer
This content is aimed at sharing knowledge, it's not a direct proposal to transact, nor a prompt to engage in offers. Lolacoin.org doesn't provide expert advice regarding finance, tax, or legal matters. Caveat emptor applies when you utilize any products, services, or materials described in this post. In every interpretation of the law, either directly or by virtue of any negligence, neither our team nor the poster bears responsibility for any detriment or loss resulting. Dive into the details on Critical Disclaimers and Risk Disclosures.

Share it

Facebook caught in suspected VPN data theft scandal 😱