💾 Archived View for gemlog.blue › users › spyware › 1676927715.gmi captured on 2024-05-10 at 17:06:15. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-03-20)
-=-=-=-=-=-=-
==========
Snapchat, developed by Snap Inc is designed to be a free, and fun smartphone app to send messages as "Snaps" to your friends. It is popular among teenagers and millennials, however older people have started using the app too.
Snapchat is spyware because it identifies you with your IP, demands too many permissions and punishes the user for not allowing it certain permissions. Furthermore, it logs your GPS location constantly, makes you provide a phone number or email to use it after a set grace period, and you are forced to use the official client
Snapchat constantly logs your IP even if the app is closed and not running on the phone. Furthermore, it combines all these logged IP addresses to build a log on the person. This log can help identify what cities/countries the user has visited or are residing in. Furthermore, it can help pinpoint the users home without using the GPS. This feature is mandatory and there is no way you can disable it, however one might be able to use a VPN or the Tor network, although it has been reported that Snapchat is now blacklisting VPN networks and Tor exit nodes claiming that they "detected suspicious activity", forcing the user to reveal their real IP address.
For a simple social media app, Snapchat demands too many permissions. When I tested it on my spare Android phone, it wanted access to:
To top all of that off, Snapchat will punish the user for denying it too many permissions. When I was testing the app, it would lock me out of the app if I didn't give permission to access all my files. It also it would not let me record video if I didn't give it access to the microphone.
As well as keeping track of IP's, Snapchat logs locations taken from the phones GPS at random times. If that wasn't scary enough, Snapchat even sells this data to third party advertisers. Also, Snapchat has introduced SnapMap, a feature that shows where your friends are located. People have reported having their location broadcasted to all their friends even though they didn't accept any prompts. This is dangerous as this can broadcast your location to potential stalkers and the user doesn't even realize it.
If logging IPs and GPS Locations wasn't enough, Snapchat will now lock out accounts that haven't provided an email or phone number. Snapchat will let you use their app for a grace period before it locks you out and demands an email or phone number in order to get your account back. The length of this grace period is unknown.
If a user is fed up with the vast amount of information the official Snapchat client collects about you, they CANNOT change to the 3rd party client. Doing so is strictly prohibited. Snapchat has a service that is designed to catch users using 3rd party clients and permanently lock your account. This forces the user to use the official client which contains the spyware.
==========
==========
Instagram, developed by Facebook is designed to be a free smartphone app that allows users to post pictures and videos to a feed, much like any micro-blogging platform. It is popular among teenagers and millennials. In fact businesses are now getting into the Instagram scene and creating their own Instagram profiles.
Instagram is spyware because it identifies you with EXIF data, and demands direct access to excessive amounts of personal information that has nothing to do with the service it provides.
Whenever a user takes a picture on a modern smartphone, GPS Coordinates are stored in photos. This is setting that one can easily turn off. However, many users don't even realize their phone is doing so. Instagram takes advantage of that. It will scan through all of the user's photos and look for this EXIF Data. When it does, it logs the GPS Coordinates into a database. This database shows exactly where the user has been and what pictures they have taken. The only way to turn this off is to turn off EXIF tags on your camera (You should turn it off due to the numerous privacy issues that emerge from EXIF data).
Instagram is pretty demanding when it comes to permissions. When I tested the app on my spare Android Phone, it wanted access to:
Denying the app access to: the phone owners full name, contacts stored on the phone, the phones calendar, permission to send and receive SMS messages, and identifying device information resulted in annoying nags containing some excuse as to why they would like access to said permission.
However, if you deny it access to: All files on the phone and MicroSD card, phone camera, phone microphone, and phone vibrator motor, the app will punish the user by disabling various features in the app that will most likely operate just fine with that permission denied.
In order to sign up for the app, you must provide either a telephone number or an email address. You will not be allowed to create an account if you provide none of the above. This is obviously a method Instagram to uniquely identify you.
If you provided Instagram with a cellular telephone number and uninstalled the app, you will get constant nags to "see what's new on Instagram". Fortunately these nags will go away after about a month, and can be blocked by simply blocking the number.
Introduced in January 2018, Instagram sports a new spyware feature that broadcasts what you are doing in the app to anyone that DMs you in the app. But, it goes further, it reportedly also broadcasts what comments you read and what photos you like in the app. On microblogging platforms like Instagram, the majority of users like their actions to be private. A lot of users have complained about this feature and they stated that the feature is here to stay. Also, there is no way to disable this feature either.
In September 2017 users started reporting ads appearing on their Instagram feed that they spoke to another person about and never once looked it up online. While Instagram is known to use super cookies (cookies that can hop to different computers on a network and use certain techniques to avoid being deleted), this is next level. A person conducted a test where on a hike they randomly mentioned a projector. Before this hike they showed no interest in projectors. Then they gave Instagram about 15 hours and when the person checked their feed the next morning, there was an ad for a projector. Sadly, this is overwhelming proof that Instagram is indeed listening in. Of course, when questioned by various news outlets, Instagram said they never did this, despite their being overwhelming evidence that they are indeed tapping users microphones.
==========
==========
YouTube is an American video-sharing website headquartered in San Bruno, California. It is owned by Google.
Google’s business strategy with YouTube relies on tracking user’s device identifiers, location, search history, IP addresses and other personally identifying data to provide to advertisers. Google discloses in their YouTube privacy policy that it collects many types of personal information, including geolocation, unique device identifiers, mobile telephone numbers, and persistent identifiers used to recognize a user over time and across different websites or online services.
YouTube is integrated with Google’s suite of advertising technologies and services, including AdWords, DoubleClick, and Google Preferred. DoubleClick is “an advertising serving and tracking company that uses web cookies to track browsing behavior online by their IP address to deliver targeted ads. Other DoubleClick ad technologies used to target YouTube users include the Campaign Manager, which helps advertisers “identify, locate and understand your customers, wherever they are.”
You can find that Google operates tracking domains active on the YouTube page, “pubads.g.doubleclick.net” and “googleads.g.doubleclick.net” in addition to three cookies requested by *.youtube.com. YouTube serves a particular tracking cookie, “VISITOR_INFO1_LIVE” in order to continue monitoring users that have signed out of their account and to continue serving recommended videos related to that session. Of course, while you are logged in to any Google service, Google can track you with absolute precision.
The YouTube app for android additionally uses the Google Firebase Analytics tracker which provides methods for logging events and setting user properties. The full app report finds that the YouTube app employs three trackers and requires 33 permission, 14 of which are considered dangerous such as access to the user’s location and contacts.
For some time, a popular YouTube tracking sanitizer, Hooktube.com was a useful resource for accessing YouTube videos without being subjected to Google’s surveillance techniques in full. Hooktube was also useful for circumventing region blocking. However, Google, not to be stopped in their spying endeavors, served Hooktube’s operators with a cease and desist over their use of the YouTube API. Hooktube was effectively forced to use YouTube’s official embedded player if they wished to continue to operate, nullifying Hooktube as a viable means for privately viewing YouTube content.
It is also worth noting that, in order to function, YouTube requires visitors to run non-free JavaScript. As with any proprietary software, these programs can be doing just about anything with almost no way to determine exactly what.[10] For example, there has been some speculation as to whether YouTube’s compulsory JavaScript might be useful for YouTube to track your device’s unique MAC address.
All that said, it would be wise to avoiding using any of Google’s services. If you must access YouTube, we recommend doing so through one of the remaining sanitizers such as Invidious (https://invidious.io/).
==========