Ah, good, so it was all an innocent miscommunication, certainly not Meta hoovering up whatever they thought they could get away with.
No, wait, claims of intent are falsifiable in discovery.
This needs to be higher level: “can website A connect to app B?”
It could be worded as something like "connect to applications running on your device". And yeah, users probably don't know what things that might be, but that is why it is a scary permission, and almost all websites don't need it, and if you really do need it, you should be able to explain to the user why you need to talk to a local process, and you probably also need the user to install specific software.
> This needs to be higher level: “can website A connect to app B?”
Unfortunately, on at least some OSes, this isn't really possible. You don't connect to an app, you connect to a port, and there isn't always a way to know what is on the other side. Especially if this is something on your local network, not localhost. You could ask about a specific host/port combination, but most users won't have any idea what that means.
Unfortunately I can't get rid of WhatsApp, but I hope it was immune to this.
I have a choice between Google brand Dahmer & Apple brand Dahmer, what do I do?
It's nice they're giving us annual reminders they're still scumbags.
* If I don't do it, someone else will.
* Don't be naive, everybody is doing it.
* Well, one has to support one's family.
* C'mon, we're not actually hurting anyone. Did opening this port actually hurt you?
And so on.
"Essentially, by opening localhost ports that allow their Android apps to receive tracking data, such as cookies and browser metadata, from scripts running in mobile browsers, Meta and Yandex are able to bypass common privacy safeguards like cookie clearing, Incognito Mode, and Android's app permission system."
completely bypassing all permission systems and using what is literally just a security vulnerability is definitely not a miscommunication of policies
By Facebook does it, and it's a "miscommunication." I have personally considered them a surveillance, and therefore spyware company, for years. I hope more people will realize it. Especially all people right here on HN who work for Facebook, and Google as well. Please realize what you're doing is wrong, and damaging, and that you should work somewhere else doing something less objectively harmful.
gnabgib•1d ago