Aside stopping the use of Facebook, which of course is the best solution but not doable for many, the AdNauseam (.io, browser extension) approach to pollute their tracking data might be inspirational.
The gist is: can't eliminate ad links? Then have an app "click" all of them randomly so that counters become irrelevant. So there is this link that identifies user X?, well then write an extension that distributes and "clicks" it around on say 1000 other machines in a p2p way so that it becomes meaningless.
I have no idea if it's doable in this FB context, but usually when links can't be anonymized, the next move is to make them produce irrelevant data by adding noise.
>the AdNauseam (.io, browser extension) approach to pollute their tracking data might be inspirational. The gist is: can't eliminate ad links? Then have an app "click" all of them randomly so that counters become irrelevant. So there is this link that identifies user X?, well then write an extension that distributes and "clicks" it around on say 1000 other machines in a p2p way so that it becomes meaningless.
Except if you look at the documentation for AdNauseam, their fake click technique seems trivially filterable. The fake clicks are made as XHR requests, so all you have to do is look at the appropriate headers to filter them out. At best the only adtech companies that are getting fooled by this are upstarts that haven't added fraud detection yet.
>Does the browser allow replacing e.g Sec-* headers on XHR requests?
Probably not, according to this snippet from MDN
> With this information a server can implement a resource isolation policy, allowing external sites to request only those resources that are intended for sharing, and that are used appropriately. This approach can help mitigate common cross-site web vulnerabilities such as CSRF, Cross-site Script Inclusion('XSSI'), timing attacks, and cross-origin information leaks.
For many years I was against AdNauseam, as by my reckoning it would be counterproductive and just end up hurting the the most privacy and freedom oriented voices, but now that Facebook is upping the stakes it's starting to seem like a reasonable countermeasure.
I guess this kind of efforts will be largely mitigated by the existing fraud detection systems. You'll probably need to devise much more sophisticated attacks to achieve such goal. And the attack should be also economical, which makes it a really challenging problem against FB-level targets.
Is it ethical to give a product away for free in order to profit off ever-increasing surveillance?
Would it be fair to proposal an ethical position of something like "if you won't offer your product in a way that uses my information ethically than I have the right to safeguard my information"? Yes, we could all refuse to use facebook, and only use an ethical (even possibly paid!) alternative, but in the race-to-the-bottom everyone-else-ruins-it-for-everyone-else real-world we live in, maybe there is a lot more gray area than you are proposing.
In my view the "ever-increasing" aspect of FB's usage of data is particularly relevant in this case. I deleted my account because I'm aware of it. It's not easy to make everyone else aware of it, or understand the full implications, though. And, of course, FB tracks even those of us who don't have accounts.
Is it ethical to consume without giving anything back?
Nobody is entitled to free services over the internet. If you aren't paying with money then expect to be paying with something else. The solution to invasive encroachment of personal data is GDPR-like regulation, not attacking the entities spending money to run servers and pay for development. If they are able to operate in a permissive environment that won't implement regulations then the blame rests with lazy regulators.
Let's translate the analogy back to the physical world. Imagine you go to the mall to meet friends and simply avert your eyes / otherwise ignore all the advertising displays scattered throughout. Is that unethical?
Just like Facebook, the mall is a privately owned public space that costs money to maintain. However, I don't feel like avoiding the ads is unethical at the mall, so what would make it unethical in the digital world?
But in Facebook's case, the "provide the service" of stalking you across the internet. Surely you wouldn't be so cruel as to attempt to avoid someone who is stalking you around the mall, taking notes on your favorite shops, etc etc, right?
I’m not sure that the analogy holds that Facebook is a public space. Many people (young people) do fine without Facebook, and you can totally live without Instagram either.
I personally manage without malls too. However, I think it's pretty difficult to argue that Facebook doesn't intend to be a digital public space.
Facebook's own mission statement is "to give people the power to build community and bring the world closer together". They provide free access to the site (and other services) in developing countries through their free basics program. The site is "free and always will be". The only thing they could do to make it more obvious is to change their slogan to "the front page of the Internet".
It's a free service but then it's also a membership driven service. It's un-indexed by Google and you have to register and login to see any information. A mall on the other hand you can just walk in, and you do not need to agree to any terms of service to walk in.
Malls have house rules, which you implicitly accept upon entering the mall and which are equivalent to terms and services (i.e. if you don't observe them, you may be removed from the premises).
First: they're just as entitled to deny service to anyone doing this kind of stuff (ad blocking or privacy-enhancing features) as anyone is to using it. The fact that they aren't means they're still gaining some value even with users doing this.
Second: I don't think these features actually do anything to prevent tracking anyway. It might take some effort to validate, but my assumption is that Facebook is capable of building the link unique to the user who shared, and even potentially specific to the recipient if their sharing via DM. In the second case, these will be unique enough to easily track the users who open them, specifically by tying the IP of the recipient when they browse, even with other privacy-blockers running. The only way around that would be VPN, presumably.
Granted, there's still some data tracking getting broken in these situations, as every link is being interacted with automatically by AdNauseum, but they could still track situations where links are interacted with multiple times, for example.
Companies sell things as loss leaders all the time. That doesn't mean you have to buy more stuff from them, and a proper Homo economicus will go buy the cheaper item from a competitor.
The solution is for Facebook to stop being bad - regulation is a method, but there's no reason for Facebook to not do so on its own. Its perfectly fine to go after bad actors separately from making better regulations
> Is it ethical to consume without giving anything back?
Consider this: you sign up for a while, then delete your account forever. Your data however is still there, invisible to users yet available to them, ready to be accessed at will and sold years after you moved away. Would that be ethical?
What if we already gave back for services we didn't use yet?
I do wish we could just pay modest fees for membership in sites like Facebook. But I doubt they'd be willing to try that approach... or that we'd be willing to support it (even for useful services that haven't burned their ethical reputation like Facebook has.) As a society, we really need to learn that our expectation of free services tends to create inferior services, many of which eventually succumb to perverse incentives.
On a related note, it was discouraging when Facebook used to say, "It's free, and always will be!" on it's login page. I read that statement as a threat.
You can't just say something is unethical, you need to provide a rationale for why people are ethically obligated to preserve a company's revenue stream in their usage of its product. I don't think a consumer owes Facebook any responsibility in terms of protecting its revenue.
> If you do not agree, just stop using the product. What’s so hard to understand?
I agree with you, and this is exactly what I’ve done. There are a number of businesses and clubs that are interesting to me, but they’re exclusively on Facebook so they’re out of reach for me.
I have my ethics. I’m also the biggest loser in this story. The businesses and orgs have enough other participation that losing me has made no material impact to them.
Now what? Should I continue to be a loser? Thats the choice I’ve made for the last year. I’m starting to wonder if it’s the right one.
Meanwhile, I have to burn effort on making sure FB cant track me all over the internet. So I have my ethics while they demonstrate they have none.
so you do indeed admit that facebook provides value to you and that sacrificing privacy is costing you more than what it provides you?
Otherwise, you wouldn't consider yourself a loser in this story.
I've completely weened myself off facebook for over 15 years, and it hasn't hurt me one bit. I don't consider myself a loser - any groups or product, or events being organized on facebook will not reach me, and if a friend tries, i actively ask them to email me an invite instead.
Over time, i've also converted several people over this stance too - but only after they've heard about the facebook problems such as the cambridge analytica scandal and others.
> If you do not agree, just stop using the product. What’s so hard to understand?
We are talking about Facebook here, the company that tracks unaware people as much as they can all over the internet, not just on their platform, and they created shadow profiles of people who never registered on their platform, which is something that is clearly against my terms of service, which they ignored. They never apologized or financially compensated me for that.
Nothing is hard to understand, I just don't agree with your argument.
Facebook does not offer the ability to pay for an ad-free version, so who knows whether people are going to pay. I imagine many would. That said, I am not a member of Facebook's board, I'm not an employee, I'm not even a stockholder. I don't see how it is my ethical obligation to support Facebook's revenue stream. Since the terms of service are not negotiated between myself and Facebook, but written by their lawyers and presented to me implicitly on a "take it or leave it" basis, I do not feel that I've opted into that agreement, nor any obligation to abide by it.
Note that while I'm talking in the first person I don't literally mean me, as I don't use Facebook as mentioned in other comments, but any hypothetical consumer who wants to block ads or otherwise undermine Facebook's ability to track them.
The ethical landscape shifts when you consider that Facebook is in a monopoly position of power over a major aspect of modern life and culture.
The user's decision is not about using or not using Facebook. It's a decision about whether they can participate with their social groups, or interact with certain businesses (who are also hostage to this monopoly), or help out their local charity organizers. In some regions, it's a decision about whether to gain access to the Internet at all.
Reducing the decision to a reading of the TOS, imposed by this monopoly power, ignores this glaring context, and fails to ask another important question: is the business model itself ethical?
And as others have pointed out, one need not even be a Facebook user to be subjected to their tracking, which is the tip of the iceberg in terms of their less than ethical behavior.
What's wrong with letting (or helping) an untenable business model externalising costs to society at large crash and burn?
I've neither created a Facebook account nor consented to their tracking (and other practices). Why is it unethical to defend against Facebooks attempt to track everyone and extract value from trying to steer my eyeballs to their superfluous (to me) so called content?
You said it's unethical, and when pressed for an explanation, you merely mentionned that breaking the terms of service make it unethical. Your viewpoint is facile and reduces ethics to a mere red light / green light view of the world.
Terms of service do not suddenly make everything outside them unethical. It can be that when you ponder the power dynamic, and the expectations, that breaking the terms of service is the only ethical choice.
This is the anti-piracy stance too. Information cannot be stolen like this, only duplicated. It isn't the same thing. I am not a Facebook user nor have I ever been. I have never agreed to allow Facebook to track me. I don't owe then my data just because a random blog decides to embed a tracker.
Facebook isn't your friendly neighborhood general store, they spread misinformation that is damaging to the structure of society. Damaging their business is good.
I would pay a subscription to use a privacy-protecting social media. If Facebook snapped its fingers and offered such a product I might even use theirs if it was popular.
If I have a website that has a terms of service that says anybody who visits my website must give me all their money are you obligated to give me all your money if you go to it?
Facebook is unethical, I never consented to the shadow profile I'm sure they keep on me. (since I'm an antisocial snob and have never used their offerings).
They have acquired a few products I have used (oculus for one) and that fact makes it even more irritating, as far as I'm concerned the sooner their business model is destroyed the better off the world will be.
Facebook intentionally abuses its captive audience. Reducing the profit they extract from this harm is fully justified. Their combined abuses (not just invasive tracking) should hurt their revenue stream enough to thoroughly reform or break them.
Unlike buying a product, like a banana, or using a service, like your barber, when you “use” facebook, YOU are the product. You are being sold to companies buying adds.
Facebook gave up heing the victim when they removed the optional bit. Once you force yourself into the social graph and 'become the village square' (their own words) then you are no longer entitled to anything.
> Aside stopping the use of Facebook, which of course is the best solution but not doable for many
But quite doable for a content provider like Ghacks. Users should be able to share links to web content in a way that does not create privacy risks, and this whole URI encryption business makes that quite a bit harder.
I haven't used Facebook in quite a while, but when I did I had a set of userscripts to defuse this tracking. It worked similarly to Google link stripping, by defusing the JavaScript that rewrote the link between the time you clicked it and when your browser opened it. Initially I built it because the free wireless internet in my apartment was unreliable and the redirects could be enough to prevent a page from opening. My method was pretty blunt - I removed element entities that held the target URL, and that broke the listener function. A later iteration would actually unset the listener event. This all worked because it seemed important to FB that you be able to see where the link would take you (e.g. by hovering). I wouldn't be surprised if Facebook's paternalism (and Google's for that matter, but I haven't seen it from them, though I mainly use DDG now) now led them to add this "protection" directly to links as they're served up. I can't tell from the article whether that's the case, and at this point I'm not going to log in to FB to figure it out.
I would love to stop using Facebook, Instagram or Whatsapp, but I would really need to criple my social life if I'd give up on any of these. And I'm not even a very active person, it's just that so many people I want to engage with have a huge chunk of their lives tied to one of these.
I can't understand the people saying there is a free market choice here, this can only be solved with simple regulation that targest large platforms.
If the SEC can use its judgement on what constitutes a security, than we can have a social media comission to oversee Facebook.
I think one thing this discounts is that you form loose connections and sometimes those loose connections become stronger later.
If you have a friend of a friend who you add on socials, and then you see their updates, and then you see them at a mutual party, despite not being well acquainted you are reasonably up to date with their lives. This can make the conversation flow better and you may form a meaningful connection.
You could try calling them or seeing them in person. If they refuse to interact with you unless it’s documented on Facebook are they really people worth interacting with?
Arguably for 1-on-1 relationships, but even then it would mean losing some not so close friends, that I still enjoy seeing once every 1-2 years.
But at times it's impossible in practice: my friends will create Whatsapp groups for instance to plan vacations/batchelor parties/random events, and I need to use that if I want any meaningful involvment in the event.
I've sometimes been passive and just showed up, but I'm losing a part of the shared experience.
I had this same problem so I made an app that allows me to use Instagram without using the Instagram app. It also blocks ads + suggest posts, removes all tracking, removes read receipts in DMs and when viewing stories, and also allows me to create custom feeds like Twitter lists.
Turns out a lot of people had this problem, so I made it into a company.
I don't want to blatantly advertise but let me know if you'd like me to link the website.
Has anyone checked if it is just a serialized+base64 encoded swift proto with the original URL?
There could be other reasons for this, but evading firefox rewriting links seems most likely - some gateways strip too-long query strings for example, but will leave the rest of the URL alone.
This doesn't look to me like unencrypted serialized data. Serialization would usually have some visible structure to it and possibly visible ASCII strings. Also notice that the lengths of both strings are aligned to 16 bytes — this might mean AES block encryption.
IMHO this was totally expected and is an argument for "browser neutrality" --- I believe a browser shouldn't be doing this or many other things by default.
Modifying URLs and filtering page content should be the responsibility of extensions and the like. I personally use a filtering proxy.
Since there's zero chance that websites and ad companies will stop their spying and manipulation (let's call it "webpage neutrality"), what you're proposing is unilateral disarmament. To require a lot of know-how and tech savvy to get privacy, while leaving the common user to the mercy of a hostile web.
This is like the argument that the Do Not Track flag was illegitimate if the browser defaulted it to 'on'. An argument that is never applied to tracking or the countless "by visiting this webpage you consent to.."
This is opt in, not enabled by default, and requires you to intentionally pick 'Strict' which has a warning as its first line of text that says some sites may break.
My understanding is that Firefox, and eventually all the other browsers, intend to do something like this by default. They are all working to prevent cross site tracking, linking your activity on one site to your activity on another. For example, Chrome has: "In parallel to that we will aggressively combat the current techniques for non-cookie based cross-site tracking, such as fingerprinting, cache inspection, link decoration, network tracking and Personally Identifying Information (PII) joins." -- https://www.chromium.org/Home/chromium-privacy/privacy-sandb...
If the author edits their post and the reader then follows the "View Edit History" URL, then the reader can see in the address bar the story_fbid= and the (author) id= URL parameters without the obfuscation.
If the reader follows the "People who reacted" URL, then the reader can see the story_fbid= and (author) id= paramaters, without obfuscation.
If the reader follows the "Comment" URL, then the reader can see the story_fbid= and (author) id= paramaters, without obfuscation.
If the reader follows the "React" URL, then the reader can see the story_fbid= and (author) id= paramters, without obfuscation.
Those are just four ways to discover the unobfuscated story_fbid number. There are probably others.
Tested with mbasic.facebook.com.
I have always stripped everything but the story_fbid and (author) id parameters when sharing URLs pointing to posts on Facebook. Anything else in the URL is unnecessary. On the desktop/laptop/RPi, this stripping can be automated using a localhost forward proxy.
Another issue that seems to fly under the radar with Facebook users is the prefixing and proxying of external URLs with https://lm.facebook.com/l.php?u=.
At this point a full-screen spyware warning with the only option to continue being a tiny "allow once/i know what I'm doing" would be appropriate. The lengths these companies go to to map your every move is beyond comprehension. And sure, there are bad actors and there always will be, but that they're the biggest companies in the world with a top notch reputation, in most circles, is absolutely insane.
I've had background projects working on Web privacy measures since the Junkbuster days in the 1990s.
Pretty much any practical measures I've thought of, I think of (usually obvious) ways they can be countered, and assume it's only a matter of when that measure is on the adversary's radar and worth their time.
Junkbuster --- now that's a name that takes me back! MITM proxies for filtering were far more common back then, but the "security" industry managed to scare most people out of using one, ironically causing them to only remain on corporate networks. I still use Proxomitron for this purpose.
I've always assumed that "shortened" shared links that things like the youtube app provides do something similar - no way to remove a tracking param when you have something like `https://youtu.be/KLEH8RJsYg`.
Could you explain how one would go about determining what you explained here? Is the "KLE..." part of the shortened URL just compressed somehow and you can decompress it? I guess I always assumed the browser just requested the shortened url and the black-box google server opaquely serves up the destination page, allowing it to do whatever with the (I assumed, incorrectly it would seem) unique string in the URL. Unique to the user sharing and video being shared, I mean.
The KLE portion you're referring to is the video ID. It's how the video is uniquely identified. It's not compressed or storing any tracking information about anyone when it's shared. You can see that in both URLs it's the exact same value.
And you, too, will please forgive me for being pedantic.
Check out line 540 of the link above (section 1.7):
Master (hidden service) identity key -- A master signing keypair
used as the identity for a hidden service. This key is long
term and not used on its own to sign anything; it is only used
to generate blinded signing keys as described in [KEYBLIND]
and [SUBCRED]. The public key is encoded in the ".onion"
address according to [NAMING].
You can then follow that to line 2292 (Appendix 2) which describes the aforementioned generation process. It's a bit too long to be pasted here, but it turns out to be elliptic curve multiplication and hashing. This is not encryption for any common definition thereof.
In fact, you generally do not use public keys to do encryption at all. What often happens is that you use a key exchange algorithm like Diffie-Hellman to derive a shared secret, which you then use to do bulk encryption using your favorite cipher (some asymmetric cryptosystems permit encryption, but they're much slower than symmetric ciphers, which also benefit from strong hardware acceleration).
You can also use keypairs for signing, key exchange (e.g., DH), key derivation (as used by Tor hidden services), and creating verifiable random functions. They definitely do not imply encryption.
So there's a gap between a key and data directly encrypted with that key. And I was willing to say it's close enough to lump it all as encryption. Let's arbitrarily say that's 15 units of separation.
You're pointing out this key is used differently, to generate the more direct keys. But I don't think that matters. I would say that using elliptic curves to transform one key into another while keeping the original key data secret is a good bit closer to the platonic ideal of encryption than 15 units. So that process shouldn't be a disqualifying factor.
Easily defeated by having a secondary server access the url, strip any remaining parameters, then returning the URL to the user. You will have to really trust your browser, however. A gambit I am willing to take. It is Facebook we are talking about, after all.
This brings up an interesting point. If you have a secondary server do this operation as opposed to the browser, the only thing that has changed from the receiver's point of view is the source IP.
So maybe privacy protecting browsers will start to do double loads:
1. First to get the real URL
2. Next to do the browsing with the association information stripped from the URL/cookies/etc
Nobody is gonna go through that effort though, and it’s not possible to translate the params back because only the server decrypts them. This seems like the tipping point where cat wins for all but like 5 people.
I’m actually kinda surprised this hasn’t happened earlier.
I used to go through the effort of manually stripping tracking params out of my URLs until the browsers integrated it.
I will go through this effort until browsers integrate it, or until there is a secondary service that's easily runnable. This would just be pi-hole but for the internet instead of your local network.
They will not be able to reliably tell their users if the end user landed on the page, and most importantly, specific users. They will only be able to guess. Today, the tracking mechanism works in tandem with the facebook pixels or tracking scripts on the receiving end to give full E2E campaign clarity. This will break that, or at least introduce heavy uncertainty that will definitely impact their revenue model.
Then the game of cat and mouse will continue in this fashion: facebook will generate unique URLs for each user (if they aren't planning to do so already)
Depends on how many URLs on are on the page; if there are 20 (encrypted) urls, and the browser touches each of them, but the user only follows one of them, the data FB gets is much less useful.
Regrettably, I have family members with whom I really must stay in touch, but who think that FB is the internet. No matter what I've said, what I've shown them, and what I've encouraged them to do, there is nothing to replace it.
They can post photos, statuses, chat with friends, reply to other friends' posts ... what can replace FB for them?
Yeah, that's fair. There's a cost. I've deleted it a couple years ago. I miss out on some stuff for sure. I have an iMessage group chat with my family as a replacement, but of course not the extended family and certainly not the more distant friends.
It’s whatsapp for me. Can’t get away from it. I tried for 3 years. I ended up basically unintentionally ostracized by family and friends.
It’s a chore for people to forward to my preferred communication method and easy to occasionally forget. Which snowballs into only hearing about events afterwards.
Eventually you basically become a weirdo with no mates.
I’m not prepared to make that sacrifice any more. I honestly gave it my best shot and still don’t use FB and Insta but have to use WhatsApp.
So did I. But things have changed, and some of those people with whom I remained in contact now use FB to the near exclusion of everything else.
These people are family in their 90s, for whom well-meaning children and grand-children have set up on FB. They don't use email, they can't write letters because of arthritis (and time delays ... international post can be very slow), and effectively the only async comms they use at all is FB.
I'd ask that you not try to tell me what I really mean.
I had the same situation with far away old people (grandmas in Venezuela, on in France, me living in Africa or Asia), some had problem with sight, earing, etc.
They didn't have internet.
We managed to get in touch.
> I'd ask that you not try to tell me what I really mean.
Manner of speaking.
The important is again that it is a matter of cost vs convenience.
I understand the cost can get pretty high.
Yet still, people kept in touch for decades with old distant relatives before the internet.
Using facebook is convenience, that's the point. It is very convenient.
It's the whole argument of this thread: the convenience eventually makes most people discard the cost of not using FB as too high, and the privacy things as not important enough compared to that.
Yeah, for your mother definitely makes sense to already have more than one weekly phone call, but I was thinking about other family members.
Reading your post, it seems Facebook is a bit of a recreational activity to keep them sharp and social, which is good. What I was thinking is whether you need to participate in it, since the people this age I know is more than willing to keeping me up to date on all interesting stuff by talking. But of course each family is different so I'll just assume you know what you're doing!
I'm over 60 and I hate talking to people on the phone. My mother likes it, and that's why I call her three times a week. But most of my aunts and uncles prefer to show their photos on FB and talk about what they're doing there. I call them for birthdays and special anniversaries, and having kept up-to-speed via FB means I can talk about things that really matter, or get clarification on things that weren't obvious.
But they like using FB, and it's the only effective way I know to stay in touch and remain a part of their lives.
> What you realy mean is that you value more the convenience it offers that the price to pay for using it.
People should be more charitable.
They said that they must stay in touch with these people and that these people can’t seem to use other things. Often times you have to stay in contact with family members because they aren’t able to properly care for themselves. Those same people may not have the ability to easily change how they interact with the digital world due to mental health issues and you have no choice but to meet them where they are.
I think this is largely a straw man, or taking an extreme case as representative.
I have friends that are not on Facebook. It requires more effort to stay in touch with them (for example, calling them on the phone) but it's doable. I don't see how a thing that was invented 10 years ago is now the sole method of communication with loved ones.
That said, I agree it's not without cost to delete Facebook.
My family replaced FB with WhatsApp. So have most of my friends (although with friends it's mostly Signal).
Sure, it's a completely different kind of platform, but it serves well. People post their travel pictures there, people ask random stuff and the group can discuss, we can have private discussions by clicking one name.
Sure, it's still Meta, and there's still a lot of bullshit groups, but at least I don't have to be exposed by it, nor do baby/kid pictures are exposed to the world, nor do I give money to Meta.
Of course, maybe by "Facebook" you mean "Messenger", which is more popular than it should in the US. Replacing FB with WhatsApp or Signal is possible because my family and friends are around Latin America, Europe and Asia, where nobody uses Messenger anyways.
So they don't understand email, phones or text messaging where people have been doing what they're doing now for years? I have some family that are like your, I shutdown my Facebook profile, and now I just call them on the phone now and we actually communicate more frequently and have better conversations.
Your last two sentences don't pass the smell test.
There's even graceful degradation in your set of solutions:
1. You drop FB. Now you just look on your spouse's Facebook when necessary, and your family learns to tell your spouse to show you stuff on FB. Annoying? Yes. Unworkable? No.
2. Your entire immediate family drops Facebook. At least one (if not all of you) can still communicate with the rest over text. And the rest of your family knows how to send a photo over text on an Iphone. Annoying to extended fam? Maybe. Unworkable? Definitely not. (In fact, I'd be willing to bet that it cuts out extended family spam and makes those moments of connection more meaningful.)
3. You attempt a quixotic adventure to switching your entire extended family over to some half-baked decentralized alternative to Facebook that will be usable in forever minus a day. Impossible? Yes. So choose #1 or #2 above.
I have 10 to 15 family members in their 80s and 90s who use FB. A group has been set up for them, and they post photos and comments, and they chat with each other using Messenger. These are people who don't know of and honestly don't care about the difference between the internet and the web, and to them, "The Internet" simply is Facebook.
Using the tech is already hard for them. Some are partially sighted, some have mobility issues, some have arthritis, all can easily use FB to stay in touch.
And they don't use anything else.
It's just not an option to try to get them to change, it really isn't. Please, please do me the courtesy of accepting that I've done the analysis. Many times. It's simply not a reasonable objective.
And no, I won't squat on someone else's FB account so I can stay in touch.
I'm going to be blunt, and I'm neither going to apologise for it, nor ask your forgiveness or understanding.
Do you really think I haven't considered all these points? Do you really think I haven't considered alternatives? I have, and I have, and my conclusion is that I (a) want to stay in touch with these people, and (b) have no effective alternative.
These are people I care about, who care about me, and who are, today, using FB almost to the exclusion of anything else because they find it convenient and have given up nearly everything else. Despite many attempts they are unwilling or unable to use email as effectively as they use FB, and proliferating platforms would do them no favours at all.
You, and several others in this discussion, are using what you believe to be ironclad reasoning to replace any sense of understanding, sympathy, or empathy.
Out of curiosity, did you consider good old paper mail? That is what I switched to with my relatives, we just exchange letters once or twice a month. Sharing photos is easy, just put it into the envelope. Seems to work fine even with my grandparents (they seems to prefer it honestly, feels more personal they say).
I'm honestly curious if you considered this and why did you rule it out?
That would help with single-point-contact, but it doesn't help with "The Group". It would also be a problem with several of them who struggle to write physically because of arthritis and poor eyesight, but who have learned to use the FB app or the web interface on a laptop/desktop where the tech can help.
But they (most of them) don't know how to use email, despite my trying to coach and coax them through it multiple times. Their children or niblings have set them up on FB, taught them how to use it, and it's the only thing they use.
I do send a monthly letter to my mother's 97 year-old sister -- my aunt -- because she doesn't use a computer at all, and doesn't even use SMS. But she can't write back to me, so I rely on getting news from her via the phone calls I have with my mother.
Part of the problem is that these relatives (and pseudo-relatives, very close friends of my parents who were like aunts and uncles) have an relatively (pardon the pun) active group, posting photos and statuses (individually rarely, but as a group there's a post a day on average) which keeps the group connected and active. And they want to know what I'm doing.
The many-to-many aspect of FB really makes it a winner, along with the ease of posting, reading, and staying in touch with the group as a whole. As a platform for capabilities it's genuinely fantastic. It's the underlying cesspit of scumminess that's the problem.
> These are people I care about, who care about me, and who are, today, using FB almost to the exclusion of anything else because they find it convenient and have given up nearly everything else.
Just to be clear-- they send and receive rich content over the FB app (taking and forwarding pictures and/or video, etc.), but they don't know how to send/receive that content through text messages?
Not trying to be unsympathetic-- it's just that every non-technical user of a smartphone I've ever seen degrades to text messages.
Using FB to post photos is really, really easy. Sending photos via SMS costs money under the plans they use.
And you're asking people in their 90s to become familiar with more than one interface when they struggle to understand that "internet" is not "the web", and "the web" is not "Facebook", and worse, they think FB is everything.
And for them, it is. It's the only interface they use.
I think there’s something to be said about being uncompromising and unwilling to accommodate others. It shows some amount of conviction which is admirable but conversely I think, accommodating others shows empathy and care for them.
I think the argument that this filters out those who do not care could also illustrate that they them self also do not care (not that loosing friends to mutual apathy is a terrible thing ultimately).
I agree with you. For most people 'just don't use it' simply is not an option. We just have to hope Mark Zuckerberg gets removed or the proper regulation gets introduced to make the platform better
It's not a lack of empathy or understanding it's that those of us who faced the dilemma you seem stuck on found the people who care and we care about still found ways to communicate after we left Facebook. Calls and texts are sufficient. I'm sorry you feel that trapped though. Something seems off in your replies. And ultimately nobody here has said anything that you have to listen to but you seem pretty defensive.
Helps the site (and is less irritating personally) to just flag the thread-invariant toplevel trope comments. 'stop using facebook' on anything fb-related is just that kind of comment.
Sorry, I should have said We've found calls and texts sufficient. My point is people seemed to be giving you anecdotes about how they personally got away and you are taking it as "DO THIS" You are free to keep up on Facebook. We're not shaming you or at least I'm not reading the comments that way. My point is - if you really want off Facebook, you can do it.
There was a time my entire network was on Facebook. I decided I didn’t want to be anymore. I reached out to everyone who was important to me off Facebook. Within 12 months, I knew who I was actually important to too. Sure, some of them I now only speak to once or twice a year, compared to comments regularly on posts, but the interactions are much deeper and more meaningful than that superficial FB interactions.
It wasn’t easy. It was worth it. This isn’t for everyone, and depends in your own stage in life. Be safe, be strong, be happy.
This is an incredibly condescending and dismissive reply to someone expressing vulnerability. I ask you to consider simply scrolling past and/or closing the tab if your reaction to someone expressing vulnerability includes the words “I’m sorry you feel […]” or “[…] you seem pretty defensive”.
Is the inverse not true? If you interpret your family member's refusal to migrate from Messenger to Signal as them not caring about you, what does that say of your refusal to use Messenger for them?
I continued communicating with those I cared about via standardized technologies. Those who communicated back in kind I still keep up with. Those for whom this was a bridge too far, are no longer in my life. Maybe they weren't ever really important to me, which made it easy for me to drop them? Or maybe they were, but I was never important to them? It doesn't really matter; they're not in my life anymore, and I'm okay with that.
Exactly. At some point I've had a conversation with most of the people who have filtered out of my life over this. I explained the reasons why I feel that Mark Zuckerberg is a sociopathic scumbag and his company is a cancer upon humanity, with the consequence that I won't knowingly use any product made by any company he owns or controls. For those who've filtered out of my life, their response was mostly along the lines of, "You said words, but I wasn't paying attention. I think Facebook is fun."
For most of the non-techie people in my life, I just communicate via common open protocols like SMS and email, things everyone can use easily. I do encourage people to try Matrix or Signal, but I certainly don't require those to communicate with me.
Oh man. I used to be up to around 2014 the last asshole keeping a specific group in Facebook Messenger. It wasn't much of a problem for them because my friends were using FB for other stuff anyways, but they wanted to move to WhatsApp (now they're on Signal), an app I didn't really used.
What it took for me to bite the bullet and accept changing platforms was all of them agreeing on moving, and then one of them making a hard stance.
Sorry that wasn't much of an answer, but I guess my point is that you (EDIT: royal you, not talking to you directly) gotta find sympathetic people before you declare war on the ones that don't wanna change.
I feel like various people are misunderstanding what I've written, so I'll try to clarify here.
> before you declare war on the ones that don't wanna change
I never "declared war" on anyone. I guess it's a lot easier having never used Facebook or Facebook products. I had a bad feeling about them from the very beginning and I've only ever felt more right in that feeling.
What would usually happen was, I'd meet someone new at some event, or maybe I'd be talking to a relative at a family gathering, and they'd say something like, "What's your Facebook? I'd like to add you to GroupX," and I'd reply that I didn't use Facebook. Then they'd follow up with, "You should join, it's <blah blah blah>," to which I'd politely explain why I won't ever join Facebook. And then one of two things would happen. Either they'd understand, and we'd exchange phone numbers or email addresses, or their eyes would glaze over and they'd find some excuse to walk away.
For the latter group, obviously we didn't interact online. For the former group, I'd text or email, and maybe they'd respond, and we'd have what I consider to be a normal relationship, or maybe they'd rarely or never respond, and we'd have no relationship. But in either case, I wasn't haranguing people not to use Facebook; I just wasn't using it. If not using Facebook meant I didn't have a relationship with someone, I was okay with that.
Sorry, I didn't really assume you did anything, I was just speaking in general terms from my own experience being in the other side and was citing my friend's strategy.
I should have been clearer about that in my message, as I hate when people do that out of nowhere to me. Sorry.
> ... SMS and email, things everyone can use easily.
I beg to differ. I have direct personal experience of a number of people who find FB far, far easier to use than SMS or email. These are close family members in their 90s who don't know how to use email[0], and struggle to use SMSs because of sight problems and physical problems such as arthritis.
I pleased for you that you've been able to avoid people who use FB. I wish you'd grant me the courtesy of accepting that other people have a different experience from yours. I agree with you entirely that MZ is a sociopathic scumbag, but I am unwilling to lose contact with close family members, even though they literally use no communications method other than FB.
[0] Despite using FB they don't use email, because FB was set up for them by others, and they don't even know how to send or receive emails.
I've been railroaded into using Facebook 2 or 3 times by friends, family and even my SO, and my experience each and every time was a soulless one like yours. It was just a non-stop stream of people and their friends reposting shallow things they found on the Internet, inspirational quotes, and political garbage. And if people did comment, they were just brief quips - probably just enough effort to try to manipulate others to like+comment back on their own content.
Email and phone's all I need. If people can't put in the effort to remember or catch up with me, even if it's just every few months, then they're not my friend.
There are a lot of people on this thread complaining about the privacy implications of Facebook and how Mark Zuckerberg is evil. While I don't disagree with those sentiments, it's not really why I avoid Facebook. I still use a lot of things that have similar problems like Google or Reddit.
One of the most sinister things about Facebook to me is that it creates the illusion that you are close with friends or relatives when you're really mostly watching a superficial view of peoples' lives in a passive, voyeuristic way. Comments and likes make you feel connected, but they are not meaningful interaction.
When I first deleted my account and stopped using Facebook, I felt initially a lot lonelier. But was I? After more time went by, I became convinced it was all too superficial.
Interestingly, who I spent time with shifted toward other people who were either not on Facebook at all or were very unengaged with it personally (for example, one friend only uses it to promote his business).
My only partial regret with any of this is that the pandemic really scrambled this. Almost all of my friends were purely people I saw in person, with no online component to our friendship. That all got paused in 2020, and has been very hard to get back to the same level since.
> I've been railroaded into using Facebook 2 or 3 times by friends, family and even my SO
Just out of curiosity, as long as you don't mind: what was the reason (or which feature, actually) they asked you to use Facebook in those cases? I haven't needed it in 5 or 6 years and nobody I know really uses it (or nobody admits), but that might be due to my location (Germany), so I'm a bit curious what's it still good for!
The first time I used it, it was family members wanting to connect with me, and the old "everyone uses it!" argument (the same one applied to MySpace back in the day). So I made an account, commented on stuff, posted pics of my cat, but ended up deleting my account after a few months because nobody was really "connecting" with each other, plus I found friends-of-friends' posts boring.
Second time was from some new friends I had made, who argued that exchanging phone numbers and emails were old-fashioned and awkward when meeting new people, and that it was essential to have Facebook since it's easier to just say "you can just look for me on Facebook; you'll know it's me since I have XYZ in my profile pic". I saw some validity to the argument, since recently I had met and got along with a couple cute girls on a train ride, but regretted not exchanging contact details with the two of them because asking for numbers/emails felt like a slight overreach. Though if I had a FB account at the time, I thought it'd have made sense if I could've just been able to casually say something like "look up John Smith on FB if you wanna hang out sometime. See ya!".
Third time was my then-SO. She posted on Facebook a LOT, and had many hundreds of followers. She begged me to make an account for months, so I could bask in all the content she posted.
Anyway, your experience with people not using Facebook sounds on-par. Facebook is increasingly considered a "boomer" technology, especially by the younger generations. Many younger folk these days tend to keep in touch via small Discord groups, or whatever dopamine-drip privacy-nightmare app of the week is.
Interestingly I also met some cute girls and a friendly guy in a train recently and they tried to exchange Instagram handles with me. I just asked for WhatsApp and we created a little group (but then again, Germany).
I guess a SO being there would actually make me use it. I did have a Twitch account for a while because of someone I dated....... (Curiously I haven't admitted this even to my therapist, lol). On the other hand, it's Facebook so I'd probably troll them and ask for printouts of the posts.
About the boomer thing, interestingly I never really had close family using it. But everyone under 25 I know denies having it like it's some kinda plague. The ones over 25 claim they forgot their password.
Absolutely. If your relationships is dependent on a single medium of communication, and you cannot migrate it to another one, that's a weak relationship or it's only local to the medium (some people are Twitter friends, and that's fine).
I've seen that comment too. It's unclear to me why you can't just have 1:1 relationships with these relatives by calling them on the phone or visiting in person regularly. You seem locked into the concept of only being able to interact with them using this specific group chat type format.
Calling them on the phone doesn't let them share their photos with me. I can't see the new plant in their retirement village, or see the painting they just did, or check out how they've personalised their room.
Visiting in person would require a 70 to 80 hour round trip. And once in the same country, getting to see all of them is also a further multi-day journey.
I've worked on this, I've thought about it, I've considered all the alternatives I can find, and I've come to the conclusion that the only effective way to stay in touch with my relatives is to use FB. Really, I've thought about it. A lot. Really. I have.
You've read my comments, and if I haven't explained well enough for you to understand now then I guess I'm just not able to make myself understood, so I'll give up.
I think for him Facebook is a necessary evil to keep in touch with some elderly family members who are stuck on it. So that's fine. It doesn't really undermine the point that for most people the ideal solution is to not use Facebook.
This is a pretty bananas take that conflates people caring with their technology-related behavior.
Most people don't have problems with Facebook. It's useful for them, and they don't consider the bigger picture because they're not in tech and they have more important things taking up their attention.
Now you swoop in and say "Facebook is evil, and if you don't get off of it, I'll cut you out of my life!" In that scenario, you're the one who doesn't care about the relationship, not them - you're the one that won't get off your high horse. You could make a minimalistic FB profile that has no information and use it to exchange messages and reply to event invitations. But instead you demand that they change their behaviors in order to support your moral imperative. That's your prerogative, but it is ridiculous to think your relationship is pretend as a result.
Also, to be clear, you're the only one here talking about a relationship that consists of a few likes on Facebook. Everyone else is talking about a broader set of interactions, like using Messenger to chat and sharing photos with each other.
privileged solution. In many countries Facebook is the de facto communication infrastructure. They own four of the five largest communication platforms in the world.
The ideal solution is to hit them with the hammer until morale improves. Regulators need to wake up and just start fining them absurd amounts of money and keep it vague until Facebook et al. are scared enough to comply and then some.
Facebook is facebook.com, that's what the article is about. I don't know what other communication platforms aside from WhatsApp you're referring to, but they aren't relevant to the discussion.
If you think it's necessary to caveat that if you rely on facebook.com as your "communication infrastructure" (not that many countries would fit that bill) then you shouldn't delete it, I'm happy to do so.
messenger, whatsapp and instagram. And of course they're relevant because if Facebook employs these tactics on one site there's no reason to believe they won't do equivalent things anywhere else. They own the largest competitors to their own products, obviously that's relevant because it shows how strong their grip is and that there's no genuine alternatives.
"delete it" isn't a solution at all. You may as well say "turn the electricity off". People deserve privacy when services are provided to them by private companies, that's not a bonus, it ought to be a fundamental right. It's not the job of individuals to take on trillion dollar multinationals.
That's like saying 'stop being poor.' I'm not personally invested in FB, but people with large extended families, businesses, political campaigns etc. don't have the option of just ignoring it.
Every HN thread about social media has one sub-thread like this, and it never produces anything of value because the premise is trite.
God I wonder what people with large extended families did before Facebook was invented! Surely they were all isolated and out of touch, how sad.
This comment was not directed at people running Facebook business accounts or political campaigns. The reason this thread produces nothing of value is because of pedantic comments such as yours bringing up irrelevant edge cases.
Large extended families used the best option they had before Facebook. Now they have Facebook, they use Facebook, because it's the best, most useful option for the vast majority of them. This thread is full of people saying that if people aren't willing to switch to other platforms for you then you should cut them out of your life. This might be fine for some acquaintances or even friends, but no normal person is going to cut their close family out of their life because they didn't switch to Signal. Nor does this even begin to take into account people who live in countries where Facebook or WhatsApp are the internet to the average person. Making an individualistic moral stand is nice and all, but to the majority it isn't a realistic solution, Facebook is too in-baked to society and how it functions. Thus the solution needs to be regulatory/political.
Your sarcasm is misplaced; once people adapt to a benefit, many understandably don't wish to forgo it, and leveraging such network effects is the core business model of social media.
As for who the comment was directed at, it was so broad as to be inclusive of all users, because it didn't qualify its suggestion at all; that's why it's trite. You're just making a 'not true Scotsmen' argument.
Just like the ideal solution for climate change is to stop eating meat, stop flying, stop driving, stop heating, stop air conditioning, and, for good measure, stop using computers.
Heaven forbid that we seek a political/regulatory solution.
It’s interesting because the (in my opinion valid) comments of “but I have friends and family that I can only contact through Facebook” also somewhat translate to that analogy. It’s not uncommon to hear stories of people who quit drinking for example and soon after lose all their friends because their friendship really only existed in contexts where alcohol is present (maybe even mandatory to some extent).
> It’s not uncommon to hear stories of people who quit drinking for example and soon after
lose all their friends
And (crucially) then go back to drinking.
Human attachment patterns are a primary factor in dependency
problems. Addicts get into groups who mutually support each other's
habit. Leaving the drug means leaving the only group who "understand"
you. It's the same for cults. There's a chapter on this in Digital
Vegan. Social media companies shamelessly and aggressively leverage
that psychology.
No it shouldn't. It's unethical, sure, but the correct way to fight this is to not give money (or your time) to companies that engage in these behaviors.
At this point it is barely possible to ignore Facebook (Twitter, Instagram etc. also). I'm a great proponent of the fediverse, but FB without regulation will simply eat all the ethical alternatives.
The company we're talking about here is, if not an outright monopoly, a dominant market player that actively abuses their dominance to the detriment of both competitors and customers. The correct way to fight that is to make such a thing not exist anymore.
It's a thought experiment to look at specific categories. Maybe it's not worth making something illegal, but it's useful to answer the question to get a good perspective.
In this case I would say it's definitely not something I specifically want to be legal.
considering that FB did and does serve a purpose beyond meaninglessly scrolling through your timeline and liking pictures - f.x. organising and advertising events or managing group interactions. is there a new FB - something that could replace it or maybe even did? I'm off FB now for about six years but sometimes I wonder if I'm missing out sometimes. I really don't want to move back in.
Same sentiments here. I have heard that the marketplace is great for selling second hand goods locally. But I still think the benefits of not being on facebook outweigh what I'm missing out but curious on reevaluating my stance.
I don't think this is unethical, and while it isn't work that I've done I wouldn't have an objection to doing it.
Facebook is able to provide their service free to users because we "pay with our data", and stripping the tracking parameters was one method people used to get the service without "paying". Facebook would prefer to offer this is a package deal, where you can only have the service if you accept the tracking. I don't think it is unethical to strip the parameters, but I also don't think Facebook has any obligation to make that easy.
As an analogy, I think it's fine for users to run ad blocking software, but I also think it's fine for sites to attempt to only show content to users who view the ads.
For what it's worth, the work of an few engineers implementing the business decisions of their employer does not make those people inherently evil. It is their job, and they need to pay the bills somehow.
This change is highly anti-consumer and potentially unethical, yes, but it makes perfect sense towards the group's own business interests.
> For what it's worth, the work of an few engineers implementing the business decisions of their employer does not make those people inherently evil
I think when people do unethical actions, it makes the person doing the unethical action unethical. People are defined by their actions. I'm also tired of this 'need to pay the bills somehow' excuse. Someone who has an engineering job at Facebook has vast career options.
They are not forced to do that work at a gunpoint, and as software engineers who managed to land jobs at FB, they most certainly have plenty of other options - even within FB.
I have no idea if it's doable in this FB context, but usually when links can't be anonymized, the next move is to make them produce irrelevant data by adding noise.