How Facebook Intercepts Your Web Traffic

00:00

documents from The Meta class action

00:02

lawsuit have been made public that

00:05

detail how the company formerly known as

00:08

Facebook has been intercepting and

00:11

decrypting people's web traffic but

00:14

we're not talking about WhatsApp traffic

00:17

or messenger or any other traffic that's

00:20

encrypted by Facebook within an app that

00:22

they own no the traffic in question here

00:26

was going to platforms like Snapchat

00:29

YouTube and Amazon that have nothing to

00:33

do with Facebook that's right even if

00:36

you have never used any of Facebook's

00:40

Services ever they were still able to

00:44

collect data about you and they were

00:46

doing it in a very Sinister way because

00:50

whenever you visit YouTube Amazon or any

00:53

of these platforms your connection to

00:56

them is encrypted right now

01:00

these platforms that are doing the

01:02

encryption for you they are able to

01:04

track your activity within the platform

01:07

obviously and then they package up this

01:10

data and they sell it off because it's

01:12

worth a lot of money I mean that

01:14

analytical data about all these people

01:16

on these giant platforms is very

01:19

valuable and that's why those companies

01:22

have a vested interest in making sure

01:24

that nobody but them has access to it

01:27

and the ability to sell it or improve

01:30

their applications or anything like that

01:33

so in order for Facebook to get

01:36

meaningful information out of this

01:38

encrypted data they did an SSL manin

01:43

the-middle attack on those encrypted

01:46

connections so to understand how

01:48

Facebook was able to do this we have to

01:51

go back to

01:52

2013 when they acquired an Israeli based

01:56

VPN and mobile data analytics company

01:59

called

02:00

anovo before the acquisition this

02:03

company's app had won prizes for its

02:05

seamless data compression technology you

02:08

know back then mobile data was a lot

02:11

slower and it was a lot more expensive

02:13

so being able to compress your traffic

02:16

and manage the traffic of your apps you

02:19

know figure out what apps are using a

02:20

lot of your traffic in the background

02:22

and using up your band with could

02:25

literally save you hundreds of dollars

02:28

every year but once Facebook got their

02:31

hands on this app they basically turned

02:33

it into allout spyware so back in 2018

02:38

Facebook integrated an ad for anavo

02:42

directly into the Facebook IOS app

02:45

itself under the banner protect in the

02:49

navigation menu clicking through on this

02:53

protect Banner would redirect Facebook

02:55

users to the anavo protect VPN security

02:59

the apps listing inside of their

03:02

respective App Store the app would

03:05

promise to protect your web traffic with

03:07

encryption and even save you some

03:10

bandwidth by compressing your data just

03:12

like the original anavo app did but in

03:16

addition this app would backo door your

03:19

device and allow Facebook to spy on

03:23

traffic for any app that you were using

03:26

on your phone one of anavo product

03:30

managers under Facebook responded to

03:33

these claims these spying claims in 2018

03:37

by saying like other vpns it meaning

03:40

anavo acts as a secure connection to

03:43

protect people from potentially harmful

03:45

sites the app May collect your mobile

03:48

data traffic to help us recognize

03:51

tactics that bad actors use over time

03:54

this helps the tool work better for you

03:57

and others we let people know about this

04:00

activity in other ways that anavo uses

04:03

and analyzes Data before they download

04:07

the app ah yes we're just collecting

04:10

traffic because it's for your safety we

04:13

we're trying to protect you right where

04:15

have we heard that one before the real

04:18

motive behind this data collection was

04:20

to analyze how users engaged with

04:23

Facebook's competitors like Snapchat so

04:26

that they could integrate features like

04:29

stories into Instagram in order to

04:32

compete with them and see the direct

04:35

impact on engagement that this feature

04:37

had across more than 33 million devices

04:41

that had the anavo app installed on them

04:45

in real time or in the case of TBH an

04:49

anonymous teen compliance social media

04:52

app Facebook used their spyware to get

04:55

Insider knowledge on how the app was G

04:59

gaining popularity so that they could

05:01

quickly make an offer to acquire the app

05:04

before anyone else could or before the

05:07

app could get popular enough to become a

05:09

Facebook competitor itself this spyware

05:13

which Facebook internally called project

05:16

Ghostbuster in reference to Snapchat's

05:18

logo included a client side kit that

05:22

installed a root certificate for

05:25

Snapchat users and then later for

05:27

YouTube and Amazon users

05:30

on their mobile devices Facebook also

05:33

uploaded custom serers side code based

05:37

on squid to their anavo servers that

05:41

would create fake digital certificates

05:43

to impersonate Snapchat YouTube or

05:47

Amazon's analytics servers bump the SSL

05:51

encryption and then route the decrypted

05:54

traffic to Facebook's analytics servers

05:57

and then re-encrypt the traffic and

05:59

route it over to YouTube Amazon etc's

06:03

analytic servers as if nothing happened

06:06

internal emails from Facebook confirm

06:09

that they knew what they were doing was

06:12

malicious they literally used the words

06:15

man in the middle within the email the

06:17

only difference is they called it an

06:19

approach instead of an attack they even

06:21

discussed ways to further conceal the

06:25

spyware kit by getting thirdparty market

06:28

research companies to redistribute it

06:31

with their branding slapped on top of it

06:34

and that people using the spyware

06:37

wouldn't know that it was connecting

06:38

back to anavo AKA Facebook unless they

06:43

inspected the traffic of the app with a

06:45

tool like wire shark this activity is

06:49

blatantly illegal it goes beyond just

06:52

corporate Espionage I mean Facebook

06:54

spied on the traffic of millions of

06:57

Americans if any normal person was

07:00

guilty of doing this they'd be labeled

07:02

as cyber terrorists and they'd be locked

07:04

up for the rest of their life but with

07:06

Facebook they just ended up paying a

07:09

relatively small fee compared to the

07:12

company's value and they get to go on

07:15

free to come up with their next scheme

07:18

to harvest unsuspecting people's data

07:21

simply not using Facebook's products

07:23

clearly isn't enough to make sure that

07:26

your data isn't being collected by them

07:29

more Extreme Measures like blacklisting

07:31

all of Facebook's domains in your DNS

07:34

settings is going to be required in

07:36

order to make sure that thirdparty

07:38

applications that are bundled with

07:41

Facebook owned software are not

07:43

stripping the encryption from your

07:45

traffic sending it to Facebook servers

07:48

and then re-encrypting it and sending

07:50

the traffic to its destination as if

07:53

nothing happened and as people start

07:55

doing this to avoid being spied on by

07:58

Facebook it's going to be important for

08:01

application developers to make sure that

08:03

they aren't using any of Facebook's

08:06

technology that can be backdoored with

08:09

the spyware whenever they're developing

08:11

their apps this is getting harder to do

08:14

as the number of companies that are

08:16

under the Facebook umbrella continues to

08:19

grow but it's really the only way

08:21

forward because the US and pressure from

08:24

other foreign governments clearly isn't

08:27

enough to stop Facebook and the fact

08:29

fact that nobody at Facebook is being

08:31

held criminally liable for man in the-

08:35

middling everybody's internet

08:36

connections the kind of thing that if

08:39

some other foreign nation state were to

08:41

do it we might go to war with them uh

08:44

the fact that nothing's happening to

08:46

Facebook for doing this just goes to

08:48

show you how much they've bought off our

08:51

government