How Much Access Does Facebook App Have?

These are the permissions Facebook app has on Android devices:

Device & app history:

Retrieve running apps

Storage:

– read the contents of your USB storage
– modify or delete the contents of your USB storage

Location:

– approximate location (network-based)
– precise location (GPS and network-based)

Phone:

– write call log
– read phone status and identity
– read call log
– directly call phone numbers

Microphone:

– record audio

Identity:

– add or remove accounts
– read your own contact card
– find accounts on the device

Wi-Fi connection information

– view Wi-Fi connections

SMS:

– read your text messages (SMS or MMS)

Calendar:

– add or modify calendar events and send email to guests without owners’ knowledge
– read calendar events plus confidential information

Contacts:

– read your contacts
– modify your contacts
– find accounts on the device

Device ID & call information:

– read phone status and identity

Photos/Media/Files:

– read the contents of your USB storage
– modify or delete the contents of your USB storage

Camera:

– take pictures and videos

Other:

download files without notification
receive data from Internet
adjust your wallpaper size
control Near Field Communication
create accounts and set passwords

toggle sync on and off
view network connections
send sticky broadcast
change your audio settings
set wallpaper

reorder running apps
modify system settings
read sync settings
install shortcuts
prevent device from sleeping
connect and disconnect from Wi-Fi

pair with Bluetooth devices
run at startup
read battery statistics
full network access
control vibration

expand/collapse status bar
access Bluetooth settings
draw over other apps
read Google service configuration
change network connectivity

Facebook Saved Passwords in Regular Text File

Ars Technica:

Brian Krebs reports that hundreds of millions of Facebook users had their credentials logged in plain text by various applications written by Facebook employees. Those credentials were searched by about 2,000 Facebook engineers and developers more than 9 million times, according to a senior Facebook employee who spoke to Krebs; the employee asked to remain anonymous because they did not have permission to speak to the press on the matter.

In a blog post today, Facebook Vice President of Engineering, Security, and Privacy Pedro Canahuati wrote that the unencrypted passwords were found during “a routine security review in January” on Facebook’s internal network data storage. “This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and, as a precaution, we will be notifying everyone whose passwords we have found were stored in this way.”

Not surprised.

Facebook Announces Leadership Changes

The Verge:

Here’s the breakdown of the executive changes:

Chris Cox will depart Facebook, but hasn’t revealed plans for what’s next.

Chris Daniels will leave WhatsApp, and Facebook declined to provide any details on why or the circumstances.

Will Cathcart will go from running the main Facebook app to VP of WhatsApp

Fidji Simo who was the VP of Product for Facebook video, news, and advertising will take over Cathcart’s role running Facebook’s main app

Javier Olivan who was Facebook’s VP of growth will lead the task of identifying how to integrate Facebook’s products, including the plan to unify the backend of Facebook Messenger, WhatsApp, and Instagram direct to expand encryption and allow cross-app messaging that some see a shield against Facebook being broken up.

Instagram VP Adam Mosseri, Messenger’s VP Stan Chudnovsky, Simo, and Cathcart will now report directly to Zuckerberg, while Chief Marketing Officer Antonio Lucio reports to COO Sheryl Sandberg

Facebook Service are Down For a Lot of Users

The Verge:

Facebook and Instagram appear to be partially down for some users around the world today. While you can open both platforms and some services appear to have been restored, users are reporting issues with sending messages on Messenger, posting to the feed on all Facebook products, and accessing other features on Facebook.com, Instagram, and WhatsApp. Even Facebook-owned Oculus VR is experiencing issues related to the outage.

Earlier in the day, WhatsApp appeared to be fine for many people, but users in Paraguay, India, Bangladesh, Argentina, and more note that they begun experiencing issues with sending messages as the afternoon went on. DownDetector indicates that those in Brazil were experiencing the most severe outages.

Facebook is using Twitter to explain its outage.

Facebook Deletes Ads about Breaking up Facebook

The Verge:

The ads that were briefly taken down were replaced with text that read, “This ad was taken down because it goes against Facebook’s advertising policies.” The company has policies around using Facebook’s logo and name in advertisements, and a Facebook spokesperson told Politico these rules were why the ads were originally removed.

In a tweet, Warren responded to Facebook saying, “Curious why I think FB has too much power? Let’s start with their ability to shut down debate over whether FB has too much power. Thanks for restoring my posts. But I want a social media marketplace that isn’t dominated by a single censor.”

Right, because of the logo.

Facebook, Zuckerberg Consider Auto Deleting Messages

Mark Zuckerberg via Facebook:

I believe there’s an opportunity to set a new standard for private communication platforms — where content automatically expires or is archived over time. Stories already expire after 24 hours unless you archive them, and that gives people the comfort to share more naturally.

This philosophy could be extended to all private content.
For example, messages could be deleted after a month or a year by default. This would reduce the risk of your messages resurfacing and embarrassing you later. Of course you’d have the ability to change the timeframe or turn off auto-deletion for your threads if you wanted.

And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.

Should have been done 10 years ago.

Android apps send your data to Facebook

The Verge:

Major Android mobile apps from companies including Yelp and Duolingo send data that could be used to personally identify you for ad tracking straight to Facebook immediately upon logging in, according to a new report from the London-based UK charity and watchdog group Privacy International (PI).

This data transfer happens even if a user isn’t logged into Facebook on that device and even in the event the user doesn’t have an active Facebook account at all.

Amazing.

Mark Zuckerberg Shows Off Bizarre VR Experience

Alfred Ng writing for CNET

Zuckerberg showed off a few of the creative possibilities that come with the new Oculus platform, like being able to draw and play with your creations in the social experience.

The demonstration was Facebook’s first dive into creating a social platform for Oculus, using VR to connect with your friends and family. The social network is one of many major tech companies pushing virtual reality as the next big trend. The company entered the VR business through its $1 billion acquisition of Oculus in 2014.

Oculus is pushing for a more social environment on VR, with its Oculus Avatar feature, allowing users to create a digital version of themselves and interact with their friends from anywhere in the world.

“This is the first time that tech has made this level of social presence possible,” said Lauren Vegter, Oculus’ social product team leader.

She introduced Parties and Rooms, two new features that let people come together in a VR lounge, where they can watch videos, listen to music and hang out.

None of the things he showed seemed useful or better than the current way we do things (Playing chess, playing cards, taking selfies, and so on). It sounds more and more like Oculus Rift is a bust. It is more expensive than the Playstation VR and much less useful even though the tech behind it is better than the rest.

Playstation VR has a much better chance of succeeding since there are all those PS4s laying around and Sony has a history of making it’s own games.

The whole Oculus keynote demo was strangely awkward, and not something I’d expect out of Mark.