Hacker News

1591 readers

441 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 8 months ago

MODERATORS

patrick@lemmy.bestiver.se

rssbot@lemmy.bestiver.se

Meta found 'covertly tracking' Android users through Instagram and Facebook (news.sky.com)

submitted 3 days ago by rssbot@lemmy.bestiver.se to c/hackernews@lemmy.bestiver.se

13 comments fedilink hide all child comments

Comments

you are viewing a single comment's thread
view the rest of the comments

[–] scott@lemmy.org 8 points 3 days ago (3 children)

How were they doing this, technically speaking? The article is devoid of practically anytechnical detail

[–] whats_a_lemmy@midwest.social 13 points 3 days ago* (last edited 3 days ago) (1 children)

Better link? https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/

Meta and Yandex achieve the bypass by abusing basic functionality built into modern mobile browsers that allows browser-to-native app communications. The functionality lets browsers send web requests to local Android ports to establish various services, including media connections through the RTC protocol, file sharing, and developer debugging.

While the technical underpinnings differ, both Meta Pixel and Yandex Metrica are performing a “weird protocol misuse” to gain unvetted access that Android provides to localhost ports on the 127.0.0.1 IP address. Browsers access these ports without user notification. Facebook, Instagram, and Yandex native apps silently listen on those ports, copy identifiers in real time, and link them to the user logged into the app.

[–] scott@lemmy.org 3 points 2 days ago

Yes, thank you.

load more comments (1 replies)