
Facebook Portal – Privacy review - MrsPeaches
https://foundation.mozilla.org/en/privacynotincluded/products/facebook-portal/
======
earino
This title is somewhat problematic. It makes it sound like the _portal_ has
"privacy not included" and yet that is the name of the blog. In fact, the
Portal meets the Mozilla Foundation's "Minimum Security Standards". It gets a
yes for encryption, security updates, strong password, manages vulnerabilities
and a privacy policy!

This is honestly kind of cruddy. You can feel however you want to feel about
Facebook, but this is misleading.

~~~
fossuser
Yeah I’ve seen this twice now for the portal (some CNET article saying people
shouldn’t buy it, but not actually reviewing the hardware).

It’s annoying because the portal hardware is actually really great. I got the
big one for my mom and I have the TV one and they work extremely well. I was
looking for something that did what the portal does on the consumer market
about a year before it came out and nothing existed.

This anti-Facebook stuff is mostly just politics and most of it isn’t
particularly in depth or accurate.

~~~
smt88
> _This anti-Facebook stuff is mostly just politics_

Some of it is politics, but some of it is Mark Zuckerberg repeatedly lying
through his teeth about failing to protect users' privacy. At a certain point,
it stops sounding accidental. At worst, it was malicious enough that they were
fined $5B for it (and should have been fined more).

If you're going to make the claim that Facebook is not as malicious as
everyone says, you're making the more extreme and difficult to believe claim,
and you should cite some sources. As it is, it just sounds like you're not
interested in reading about their abuses even superficially.

~~~
fossuser
I have to prove a negative?

Whenever there is a big FB story I try and figure out what actually happened.
This is often difficult because 95% of the media reporting on it is either
entirely wrong, intentionally misleading, or both.

For the recent Cambridge Analytica thing my take away was that a shady third
party (CA) violated FB’s TOS by exploiting a vulnerability in their API that
FB had sinced locked down. Cambridge Analytica used that to pull more data
from the social graph than they should have been allowed to (after a subset of
users participated in scammy quizzes) in order to do stupid things with that
data.

When I’ve read the rare detailed reporting from FB’s response [0] about how
they’re reacting to issues I’ve been impressed.

Zuckerberg’s comments to the public are also pretty detailed and nuanced -
atypically rare for a public facing CEO under massive persistent scrutiny.

This is consistent with what I’ve heard from my friends that work there.

[0]: [https://www.vanityfair.com/news/2019/02/men-are-scum-
inside-...](https://www.vanityfair.com/news/2019/02/men-are-scum-inside-
facebook-war-on-hate-speech)

~~~
mediumdeviation
The locking down of the API is done to prevent competition, while being
publicly framed as a privacy enhancing scheme.

> The Switcharoo Plan turned out to be an idea whereby Facebook executives
> would deprecate various APIs that its developer partners depended on for
> fear that those developers would one day compete with Facebook directly,
> while publicly announcing that the changes were intended to promote privacy.

[https://www.theverge.com/interface/2019/11/8/20953623/facebo...](https://www.theverge.com/interface/2019/11/8/20953623/facebook-
leaked-court-documents-nbc-paranoia-switcharoo)

Nothing Facebook says publicly should be trusted.

~~~
fossuser
It can be both - the Reuters link in that verge article is a little better:
[https://www.reuters.com/article/us-facebook-
antitrust/facebo...](https://www.reuters.com/article/us-facebook-
antitrust/facebook-executives-planned-switcharoo-on-data-policy-change-court-
filings-idUSKBN1XG1QP)

FB can be concerned about apps like Pikini that damage their brand and
concerned about other companies trying to leverage their data in order to
build a competitor.

This is a little hard to reason about fairly given the context that the
document leak was targeted to make FB look bad by lawyers that had an agenda
around a current anti-trust lawsuit from a client that used FB user data to
make a bikini photo finding app (not the most ethical bunch).

That said, I'd argue there's no reason FB should have to allow API access to a
company that directly conflicts with FB's interests, particularly when they're
trying to take FB's data to build a replacement (and it looks like it would
trigger some sort of contract discussion initially anyway). A lot of companies
remove third party API access for a number of reasons and this ability is
typically explicitly specified in the terms of the API access agreement.

Framing it around a privacy narrative to avoid media backlash around API
deprecation is trying to get a handle on PR - I prefer when companies are just
direct, but given the risk around bad media coverage I can see why they did
it.

This entire issue is somewhat distinct from what I was talking about in the
Cambridge Analytica case which I think was a bug in the social graph (they
were not supposed to be able to crawl as much of it as they could) and this
bug was fixed prior (I think years prior?) to the whistleblower from CA
releasing details. My understanding was that accessing the data, while
technically possible due to the bug, was still in violation of TOS.

------
dbtx
> Even the Muppets can’t make Facebook Portal seem less creepy (linked article
> at FastCompany) [1]

The Muppets pushing _anything_ is and already was obscene (Kermit sipping
Lipton meme, anyone?). Their first feature film, which is roughly as old as I
am, revolved around Kermit following his dream and specifically _not_ selling
out his own species by _making an advertisement_.

[1] [https://www.fastcompany.com/90409198/even-the-muppets-
cant-m...](https://www.fastcompany.com/90409198/even-the-muppets-cant-make-
facebook-portal-seem-less-creepy)

~~~
Zelphyr
Disney is definitely milking that acquisition for all its worth. Which is
understandable if you read the history of Disney. Licensing for Mikey Mouse
was a cash cow for them from the start. And if I'm being honest, I have to
admit that I generally enjoy Disney content. However, every time I turn around
now I'm seeing the Muppets shilling for some product or other. The Muppets are
Disney's to do with as they please. I just wish they'd be more discerning and
tasteful about who and what they license to. Pitching for anything coming out
of Facebook sours the Muppets brand in my opinion.

------
dpcan
I cannot even think of a single person in any of my networks of people who
would buy this and put it in their home. It has "hell no" written all over it.
It's almost arrogant or bizarre that they would try to launch such a product
given how people feel about Facebook and privacy.

I suppose it's simply to satisfy shareholders who think Facebook needs to
compete in this market????

It's the Zune of the Living-Room Assistant space in my opinion.

~~~
zhobbs
I'm considering purchasing one. In general, I value convenience and
personalization over privacy. I completely don't relate to the idea of
relevant ads being a bad thing.

Anyways, as someone who spends a lot of time panning a laptop or iPad to track
a toddler who is FaceTiming grandma, this device solves an important problem
for us.

~~~
monkeynotes
I think this is the truth of the world we live in. People want this stuff so
bad that they are willing to give away _a lot_ in exchange.

The other component is apathy, many people are just resigned to the fact that
they will be surveilled one way or another.

I can foresee huge implications for all of this, it doesn't take much to get
from here to using these devices to aid law enforcement. I know the argument
is 'if you have nothing to hide... it keeps the kids safe...' but it all
smells of a conformist dystopia.

Edit: I have a bunch of Google Homes, I count myself in the apathetic group,
sadly.

~~~
fossuser
I think there are also acceptable trade-offs.

The video is encrypted and content from the call cannot be used. If this was
not the case I wouldn't buy it.

The other things they say they'll use from it are in line with what I already
expect from having a FB account in the first place.

The portal even has a built in camera cover/off switch in hardware.

------
recursivecaveat
You know your brand is toxic when a generic/faceless version of your product
would have been received better. Someone else here mentioned that it should
have been "Instagram Portal", which I totally agree with, or maybe even
better: "WhatsApp Portal". It seems like Facebook is trying to resuscitate its
reputation by releasing this obviously invasive device and swearing on a stack
of bibles that they won't touch the data. That's not how it works though. Once
people realize you're an untrustworthy megacorp who's mining and selling data,
there's nothing you can do to disprove it except get out of the data game
altogether; the cat is already out of the bag.

~~~
YourMatt
I don't think a generic version would have ever caught my attention at all.
I'd think Instagram's jumped the shark if they branded it with that. Like,
that would just sound like a photo frame that only shows IG posts or
something; I'd roll my eyes and move on. I don't know anything about WhatsApp
other than people were hacked or something.

For non-tech folks, I think the Facebook brand great. They chat with friends
and family with Facebook messenger. This must be where they can make video
calls to those same people. You get it just by seeing the name and the product
together.

------
KaiserPro
The concept is great, a human-usable video conferencing system that doesn't
suck massive balls.

As for the privacy, that's more nuanced. In terms of thirdparty
access/security, its almost certainly more secure than the traditional
suppliers(I'm looking at your authentication cisco...)

The nitty gritty is data collection by the company it's self. Thats harder. If
your VC system uses android under the hood, then you have no privacy at all.
Your data is funnelled to google at a minimum, some app vendors, and the
company that made it.

Apple, its held in many secret silos in apple land, and not even apple knows
which team has what data.

Facebook, now, they need a hardware platform, and this is the first step to
getting there. If they were clever, they'd be prostrating themselves
demonstrating that they are reformed, that they are full of trust and junk.

But as they are still clinging to the "its not our job to police the myriad of
crap people advertise on our site", I don't think they understand. This kind
of pressure should force a change, as facebook are publicly traded.

The problem is that tech journalism isn't really journalism. Its
unquestionably adding breathless hot takes to PR, or if you've been burnt,
unfailingly shitting on every product made by said company.

------
FussyZeus
Saw an advertisement for this in a theater some months back. The wife and I
turned to each other and said "Hell no." She isn't even that security aware,
it's just... why. What is this for? What problem does this solve? Our iPhones
do this already without constant surveillance and probably have superior
hardware.

This feels much to me like Stadia did to Google: It's a company inserting
itself into a position it didn't need to be. It's a solution in search of a
problem. In the 90's this would've been pretty amazing, but in an era of
Smartphones that more or less all support this already with multiple apps, who
is this for? Why would you have it? Not even going into the privacy aspects,
it's basically a voice-controlled video phone.

~~~
toomuchtodo
This is for video conferencing users that are not tech literate. This is
something I would get for my grandmother, or my wife's grandmother, instead of
an iPhone for video conferencing. If it was not offered by Facebook.

I would trust Mozilla (perhaps partnered with the EFF) or Apple to offer such
a product if they would charge for quality hardware, reliable infra, and long
term support. Sell your trust as the feature.

~~~
FussyZeus
> This is for video conferencing users that are not tech literate.

So why does it increasingly feel like privacy and security are reserved for
those who can afford it and/or know how to do it themselves? Why is every poor
person who doesn't have the time to learn technology basically hung out to dry
in terms of data protection?

~~~
toomuchtodo
Because regulation is lagging. Call your congressperson (US-centric advice).

------
the-dude
We all know what product-market fit is.

Portal is an example of bad company-product fit.

~~~
wmf
A very interesting point. Nobody has any complaints about the Portal itself,
just the fact that it's from Facebook. If a different company had come out
with it... let's face it, that company would be swallowed by
Google/Amazon/Facebook/MS sooner or later.

------
ryanisnan
Honestly the UX of the privacy not included blog is pretty terrible. It is
seems as if the blog is simultaneously sarcastic, shaming, and endorsing all
at once. I would strongly suggest removing all of the unnecessary visual
formatting, adding iconography to indicate Mozilla's stance on a topic,
removing the personal tone from the articles, and overall restructuring the
information to communicate the important information more swiftly and clearly.

------
yalogin
I don’t get what this is supposed to convey. The post has nothing of
substance, takes a shot at Facebook but seems to immediately absolve it, more
so with a really shallow security and privacy requirements list. This speaks
more about Mozilla than Facebook. They can do a lot better in what ever it is
they are trying to do. At the very least explain what the post is intended to
do first.

~~~
TheRealPomax
You mean like in
[https://foundation.mozilla.org/en/privacynotincluded/about/w...](https://foundation.mozilla.org/en/privacynotincluded/about/why),
which you get to from "about the guide"?

------
qubex
This... _thing_ in your house is only one Privacy Terms & Conditions update
away from tailoring ads to scare you into voting for whichever political
candidate promises to not pursue Facebook with an AntiTrust lawsuit. If that
isn’t terrifying, I don’t know what is.

------
ekianjo
I wish Mozilla would stop criticizing everything that moves in the name of
virtue and instead focus on making great products.

~~~
SN76477
They are just following along with their mission statement.

[https://www.mozilla.org/en-US/about/](https://www.mozilla.org/en-US/about/)
Our mission: Keep the internet open and accessible to all.

~~~
warkdarrior
How does privacy fit into their mission of keeping the Internet open and
accessible? It is an orthogonal issue.

~~~
frenchyatwork
Because some users value privacy, and if you can't access the web without
interacting with Google or Facebook, then you have a problem.

------
wintorez
Even George Orwell couldn't imagine people would pay the Big Brother to watch
them.

------
vngzs
This could use a copyedit:

> The question comes down to, does Facebook have your best interests at heart
> when it collects all the data this device is capabal [sic] of collecting on
> you.

------
chris_wot
Despite the good review, there is no way in hell I would trust Facebook enough
to use this in my home.

------
povadova
All nerds, find now positive about Facebook's privacy violation and give me
minus

