Start United States USA — IT Facebook and Instagram's In-App Browser Exploits Expose User Privacy Concerns

Facebook and Instagram's In-App Browser Exploits Expose User Privacy Concerns

154
0
TEILEN

Research reveals that in-app browsers can deliver more than just a relevant website.
Meta takes advantage of this allowance by building custom web browsers into its Facebook, Instagram, and Messenger mobile apps that inject JavaScript into web pages. A researcher by the name of Felix Krause built a tool to detect JavaScript injection and opened this tool in various mobile apps. As expected, apps that use Apple’s SFSafariViewController, like Telegram, don’t inject any JavaScript. However, Krause’s tool detected JavaScript injection when opened in the custom web browsers built into the Facebook, Instagram, and Messenger mobile apps.

At first, Krause thought that these custom in-app browsers might be injecting the Meta Pixel, which is a bit of JavaScript code that tracks user behavior across websites.

Continue reading...