
Facebook security app used to 'spy' on competitors (2019) - lifeisstillgood
https://www.bbc.co.uk/news/technology-47281906
======
Pick-A-Hill2019
Should be marked as (2019) and while interesting, Onavo was shut down in Feb
2019 [1]

" Since the acquisition, Onavo was frequently classified as being spyware, as
the VPN was used to monetize application usage data collected within an
allegedly privacy-focused environment. In August 2018, Facebook pulled Onavo
Protect from the iOS App Store due to violations of Apple's policy forbidding
apps from collecting data on the usage of other apps. In February 2019, in
response to criticism over a Facebook market research program employing
similar techniques (including, in particular, being targeted towards teens),
Onavo announced that it would sunset the Android version of Protect as well. "

[1] [https://en.wikipedia.org/wiki/Onavo](https://en.wikipedia.org/wiki/Onavo)

~~~
Lammy
FB acquired Onavo in 2013, and the Onavo data was used to influence the
acquisitions of "rising star" competitor apps like WhatsApp (acquired in
2014).

e: not instagram

~~~
firloop
Instagram was acquired in 2012.

~~~
Lammy
Whoops, you are right. Sorry about that :)

------
llimos
It's an old article. From my point of view I'm interested in hearing the story
of the developers tasked to work on this kind of thing. Do they know what
they're building and do it anyway because their manager told them to? Or are
they kept in the dark and each build a small part so they can't tell what it's
going to be? Or does the company estimate which teams would be ok with
building something a little shifty and give it to them?

I'd be especially interested to hear any insider perspectives, from any
$bigcorp

~~~
Lammy
> Do they know what they're building and do it anyway because their manager
> told them to?

Apologies for steering your thread into charged political territory, but this
is one of the biggest reasons I think Zuck and other Valley CEO-types love the
H-1B system so much and constantly seek to expand the H-1B cap, e.g. Zuck's
"FWD.us" PAC:
[https://en.wikipedia.org/wiki/FWD.us](https://en.wikipedia.org/wiki/FWD.us)

Disagreeing with one's boss will always have a "filter" when it can mean
having to leave the country if tensions escalate into something employment-
ending. Why risk it when you can just write the code, collect your pay, and
get to live another day in the country you call home? I could never blame
someone for making that safe choice.

Disclaimer: this is not a criticism of any H-1B individuals, many of whom I am
lucky to count as my inspirations, peers, and friends :)

~~~
marcinzm
If you managed to get into Facebook is it a realistic fear that you can't find
another job willing to do a H1B transfer within 60 days?

~~~
switch11
yes, it is

Firstly, the whole 60 days thing is NONSENSE

Your status ends ASAP. The day your job is ended

Secondly, getting H1B transferred is not automatic. You have to get lawyers
and have to get it approved

Thirdly, now with so much talk of H1B being ended, and slow approvals, who
will take the chance

Fourthly, most H1B are India and China. Both countries' tech firms and
countries in general are being attacked by US Government as 'taking US jobs'
etc

So all those H1Bs are particularly worried

 __ __ __ __ __ __ __ __ __

 __ __ __ __ __

H1B is basically bonded labor

everyone fixates on - you are taking US jobs and bad mouths them

they are coming here (to the West) to get a good life for themselves

If they do anything that their employer doesn't like, they are screwed and
must go back to their home country and give up on their American Dream

 __ __

 __ __ __ __ __ __*

To give you an idea of how crazy it is, I got a 44% salary increase when
switching jobs (H1B to H1B)

That's life as an H1B. You are usually being paid 40% to 60% less than
comparable skilled Americans

 __ __ __ __ __ __ __ __

 __ __ __ __ __ __*

It is a system set up to HEAVILY FAVOR companies. That's why FB, Goog, Etc are
screaming about 'competitiveness' . What they really want is

underpaid, trapped, bonded labor who have no choice when it comes to where
they work

With extra long H1B and Green Card approval, they are getting 22 to 28 year
olds who will have to work for them for 10 to 14 years (if India or China)

What company wouldn't want such amazing terms for hiring people

~~~
marcinzm
>Firstly, the whole 60 days thing is NONSENSE >Your status ends ASAP. The day
your job is ended

The government literally published a rule in 2017 that literally includes a 60
day grace period. Not sure how much I should take your statements as factual
rather than emotionally tainted beyond recognition when you don't know (or
omit on purpose) something like that.

[https://www.federalregister.gov/documents/2016/11/18/2016-27...](https://www.federalregister.gov/documents/2016/11/18/2016-27540/retention-
of-eb-1-eb-2-and-eb-3-immigrant-workers-and-program-improvements-affecting-
high-skilled)

------
vijaybritto
I was joking to my friends that FB was offering a VPN only to spy on
connections to other companies so that they can acquire them after a certain
level. But its shocking to see that this actually happened

~~~
Lammy
They knew exactly what they were doing. Notice how Onavo Protect's (the VPN
product's name at the time) Google Play store listing didn't mention
"Facebook" at all, and you wouldn't have known there was any association
unless you searched for the 2013 announcement of FB's Onavo acquisition:
[https://i.imgur.com/iUrvBqx.jpg](https://i.imgur.com/iUrvBqx.jpg)

It was eventually changed to "Onavo Protect, from Facebook" a few years later:
[https://i.imgur.com/wSZwc8i.jpg](https://i.imgur.com/wSZwc8i.jpg)

Then they even later tried paying teenagers to be spied on and had Apple shut
down their enterprise app-provisioning certificate which was pretty amusing.

------
s09dfhks
pretty sure everyone knew this was coming. I could sense every hackernews'
eyeballs rolling in unison when facebook announced they were offering a VPN

~~~
Shared404
Off topic, but I love your phrasing.

------
Sz3k
I remember seeing (maybe hearing in their recent hearing?) this is how they
knew to buy WhatsApp. They saw how much traffic went through their VPN from
it.

Exactly why no privacy-focused individual should touch something Facebook made
under pretenses of privacy with a ten-foot pole.

------
lmilcin
Nothing about FB is surprising anymore. These are not accidents but signs of
systemic problem.

------
Magnets
Didn't google get caught doing this recently?

~~~
srtjstjsj
Can you be more specific before flinging vague accusations?

~~~
Magnets
[https://www.theverge.com/2020/7/24/21336946/google-
android-l...](https://www.theverge.com/2020/7/24/21336946/google-android-
lockbox-data-rival-apps-antitrust-scrutiny)

