cross-posted from: https://lemmy.ca/post/45333504
Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it’s investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities.
The covert tracking—implemented in the Meta Pixel and Yandex Metrica trackers—allows Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. Android sandboxing, for instance, isolates processes to prevent them from interacting with the OS and any other app installed on the device, cutting off access to sensitive data or privileged system resources. Defenses such as state partitioning and storage partitioning, which are built into all major browsers, store site cookies and other data associated with a website in containers that are unique to every top-level website domain to ensure they’re off-limits for every other site.
Insane to me that there’s basically no privacy-respecting mobile options out there unless you have a Pixel and install Graphene. On desktop there’s like a million options for Linux distros depending on your degree of paranoia, but on mobile there’s basically only one option for one specific kind of phone. iPhone is a bit better than Android, but it’s still not their primary focus
Funny how google calls their actions abuse when they themselves track devices and what it. Possibly not in the same fashion but the same overall result
Well from their perspective, they own android so they get that access under ToS.
At what point is this behavior stalking?
Stalking is for passion not profit silly lemm
/s
It’s only stalking if you aren’t doing it at industrial scale.
