Reminder: Never trust any VPNs and NEVER TRUST FACEBOOK/META. Facebook has been actively doing MITM and spying on both apple/iphone users by installing spyware that installs fake root certificate and intercepting, decrypting, building database of all user traffic for years.
https://twitter.com/haxrob/status/1772766039199363375/
 It's All Fucked Shirt $22.14 |
 |
It's All Fucked Shirt $22.14 |
Are random apps really allowed to install fake certificates on your phone? Shouldn't a huge security risk like this require root privileges?
the company is literally a spyware company. their app/service was designed so it could intercept data. fricking israelites yet again.
most phones come with facebook preinstalled and unremovable, undisableabled and basically really gay aids level infesting. tiktok too. #1 reason i finally switched to a custom firmware
but apple sisters, ios was marketed to be safe!
trust any VPN
excuse me, Black person?
>Onavo, Inc. was an Israeli mobile web analytics company owned by Meta Platforms. The company primarily performed its activities via consumer mobile apps, including the virtual private network (VPN) service Onavo Protect, which analysed web traffic sent through the VPN to provide statistics on the usage of other apps.
aaaaaaaaaaaaaaahahahahahahahahahaha every single fricking time.
WHAT THE FRICK ISRAEL!
wanting more dead civilians.
This extends not just to gaybook, and not just to VPNs, but the entire HTTPS security system is based upon this fraud idea that it provides security.
>the entire HTTPS security system is based upon this fraud idea that it provides security.
We desperately need an alternative internet like the BBS days.
nobody is stopping you from asym encrypting/decrypting your stuff without relying on that whole cesspit full of glowBlack folk that are CAs nowadays.
>the Facebook app is a rootkit
LMAO
Its another app. Its not just an app they used to spy on users but also convinced other VPN providers to accept facebook ssl certs so that they can backdoor everyone using those vpns to decrypt all the traffic as plaintext.
here's another, more reliable source: https://techcrunch.com/2024/03/26/facebook-secret-project-snooped-snapchat-user-traffic/
we get daily VPN threads. we get a bunch of anons talking about how $COMPANY / $GOVT_AGENCY spies on you (usually without giving any evidence). we get a bunch of "does no one care about privacy anymore?" threads...
yet when shit like this happens, barely anyone in IQfy cares
this board must be filled with bots posting the same shit over and over (with variants), otherwise it gets difficult for me to explain this weird behavior.
Because the phoneposters can't shit on people with a quit one line insult over topics like this.
And they just want to make people miserable so when a company is doing that for them, well, that's good in their mind.
Although one of them would have said something like I have nothing to hide by now.
I mean you said it yourself, we are already aware of all these shenanigan plays, we don't need someone telling us that we were right.
whats there to talk about? use a proper vpn, don't do anything important on a phone, dont use gayman
do you want to me to clutch some pearls or something
>whats there to talk about?
are you kidding me?
>use a proper vpn
what's a "proper" VPN? if you mean one made by yourself: why would you assume that you can even trust VPS providers with your data? hell, you can't even trust your own ISP.
>don't do anything important on a phone
why do you think this only happens when using phone apps?
>dont use gayman
do you block all traffic to gayman companies? how do you know that there aren't hidden servers and certs installed in your systems redirecting traffic to them?
e.g.: you know this website uses cloudflare...
>what's a "proper" VPN?
something not based in israel? something not in bed with facebook? The attack in OP worked only for the apps that installed the compromised certificates, and only for connections that used those certificates. A small vpn company would not be be able to compromise another app just to see very specific traffic
>why do you think this only happens when using phone apps?
can you arbitrarily install DNS root certificates in linux?
>do you block all traffic to gayman companies?
try to. I just don't use software that connects to these services
> how do you know that there aren't hidden servers and certs installed in your systems redirecting traffic to them?
cause im not using windows
>you know this website uses cloudflared...
and? they at worst can attach my IP to every post I make, i just shitpost here so its fine
>what's a "proper" VPN?
Don't be obtuse.
VPN is generally useless enough but using one owned by Facebook? You get what you deserve.
LMAO. why would you trust ANY VPN at all? why would you think only a VPN owned by facebook is a risk?
And its not just VPN either, the notion of HTTPS also requires "trust" of the cert provider too. Without trust, its all plain text cause the cert provider can decrypt all data at will.
SSL and HTTPS are defective by design. The trust system based upon institutional/corporate "benign" act doesn't even pass the simple accidental case with the Facebook case.
Did you read my reply or just guess?
>generally useless
If your ISP logs every connection you make and you switch to a VPN that doesn't have those logs, you're ahead.
Doing shit like this would get your company dissolved instantly in a just world lmao.
I made this thread regarding this shit
, it literally got 0 replies
I made another a bait thread about Xitter:
, and it got 10 replies in half an hour
this board fricking sucks.
You posted troony site. Only relevant news is from Xitter. troonynews/troonycrunch/troonymodo aint news
ok, I get it, tech news aren't reliable sources of information on tech topics, but Xitter screenshots are. got it.
Untrustworthy commie shit site aint news
you ate the bait from some random website about some random study on random data. just admit it, you guys are moronic.
>noooo court cases are fake because i castrated myself
what are you on, moron? did you not get my point or something? am I talking to a bot?
you have no case. you posted bunch of troony sites, no one wants your troony shit
whatever bot, keep seething and screeching
Don’t care still using Facebook
Its not facebook. Its them using other VPN providers to snoop on all users
it's a VPN app by Onavo, some israeli company they bought.
AND other vpns that were not mentioned. The basic problem is the same across all. You cannot trust any VPN because certs used by VPN is basically key to the entire data you sent through them. Facebook used Onano themselves and bought it out for that reason, but also convinced other VPNs to also accept facebook certs for which they decrypted all traffic through those VPN
But if you're encrypting your traffic the VPN can just snoop on already encrypted traffic, isn't that how it works? Obviously the VPN provider sees anything you send them, but if it's ssh traffic for example they can't decrypt that without your keys. They can just see the unencrypted data like desination and stuff.
Which VPN providers did they collude with?
The one that they directly bought is the Onavo. But I dont think other VPN providers were named. Essentiallly you cannot trust any VPN or any HTTPS security. Its just faux trust.
do we have to have antisemitism on IQfy
I can't escape it on any board now
>do we have to have antisemitism on IQfy
Its adult behavior. We are al starting to grow up now.
The only hardcore antisemite I know IRL is my obese unemployed brother. Real adult-y.
The world is finally waking up. Sadly, Gaza was the last thing that people needed to see the truth in you
There will never be a place for you in this earth you filthy israelites
I'm sorry, but you need to realize sometimes some things are true despite the fact you're the one getting it.
We can't escape you israelite undermining societies you live in. Thats why we become antisemitic.
It was only applicable to users who had specifically signed up to be a part of a user label and had consented to installing the software on the understanding that it would monitor all their web traffic
It's a big nothingburger
>t.facebook lawyer
>and had consented
What does that even mean the age of clickwrap and EULAs that no consumer reads and realistically can't be expected to read all of them since it would take a year to do so?
I remember this. Your post will go almost totally ignored though.
While there's proper discussions about VPN being compromised at base level, there isn't discussion about any of Facebook's actual spyware actions using their Onavo. They bought the company, then installed rootkits which snooped on the phone system, collecting data on all current apps, all past removed apps, all data going from the Onavo app, etc.
Its gross violation of userprivacy
>NEVER TRUST VPN
That's right.
Use Tor, moron. Without VPN only.
Wait, but how they managed to install untrusted certificate into system? They used 0-day to get root?
>app requests xyz
>do you agree? YES INSTALL I WANT MY PRIVACY VPN!!!
LMAO
Nah, that would be too simple and boring.
Another variants?
"untrusted" according to whomst? All certs issued are based upon trust. Facebook used the vpn app they bought to install certs, they also convinced other vpn providers to accept and share the certs so it became "trustworthy"
Well, they can't just selfsign another certificate for already existing domain. It won't work. It will show the warning
>onavo
>headquarters: Israel
every single fricking time lmao. How consistently untrustworthy can one group of people be?
Facebook bought it out as a mule. They were using custom client to do so before buying out. Once bought, Facebook implemented the MITM from before on the Onavo server side for effective control.
The US is worse
> "kit"
> "root"
> Those words used together
iTODDLERS BTFO
Serial: 89053967AE880B31
Fingerprint: D5:A0:5E:45:11:10:26:36:69:5D:1E:58:B2:E4:F8:24:C7:0C:8B:95
Double check if your system has the gaybook cert or not. Its not just itodlers getting fricked, androids too.
this has been known for years though
https://www.wsj.com/articles/facebooks-onavo-gives-social-media-firm-inside-peek-at-rivals-users-1502622003
This is new details from the court records on how they did it
With israelites, you lose
Will you ever learn Black folk?