Cybersecurity researcher Felix Krause discovered that Facebook and Instagram apps inject 18 additional lines of code into their browsers, allowing them to track user activity on the web. For many experts, this technique is similar to the methods of hackers wishing to steal sensitive personal data.
We will no longer surprise anyone today by saying that Facebook, Instagram and finally all the social networks spy on their users and collect their personal data. Their business model is now understood by the majority of Internet users and, despite everything, accepted by most. What is less known, however, are the different techniques used by these web giants to learn as much as possible about you.
Thus, many cybersecurity experts continue to study social networks to determine how they harvest the mountains of data in their possession. This is particularly the case of Felix Krause, who recently made a particularly interesting discovery. According to him, Meta’s applications are capable of stalk you anywhere on the internet and know exactly what you are clicking on.
Related: Facebook Can Still Access Your Deleted Data If Law Enforcement Requests
Facebook and Instagram inject code into websites to track you
At first glance, nothing very new on the horizon. What Felix Krause explains, on the other hand, is that Facebook and Instagram are able to inject code directly into the sites visited to spy on users. To do this, they take advantage of their in-app browser, which opens when you click on a link instead of a traditional browser such as Chrome or Safari.
On the same subject — Meta: you don’t know what happens to your personal data? Neither does Facebook.
“The Instagram app injects its tracking code into every website viewed, including when an ad is clicked, allowing it to monitor all user interactions, such as every button and link tapped, text selections , screenshots, and any form input, such as passwords, addresses, and credit card numbers”explains Felix Krause,
In total, these are 18 lines of code which are thus added to the initial code of the sites visited. For its part, Meta defends itself by emphasizing that this method is not contrary to the conditions of use accepted by Internet users. “We intentionally developed this code to honor user choices [concernant la collecte de données] on our platforms »even said a spokesperson.
Source: The Guardian