@Argus
yea - whats new?

@Argus downright scary.

@Argus @aral On the other hand, Android has built-in iptables firewall which can be administered from commandline just as on Linux or with easy interfaces like AFWall+ (or for non-rooted devices through a virtual Virtual Private Network (a local VPN to self, to block all non-firewalled traffic, thus "virtual VPN")).

At least for for rooted Android devices one can also block hostnames via the hosts-file (/system/etc/hosts is a redirect (symlink) for /etc/hosts) just as on any non-closed UNIX(-like) system and even on Windows. I've seen apps that claim to be able to manage the hosts-file even without root on Android, but I have not tested any of those.

@Argus Easy solution: Stop using Facebook and block all the IPs it owns on your firewall.

@Argus oh wow this test with a flashlight app is really telling

https://privacyinternational.org/node/2494

@Argus

This has been a thing for awhile. Does the report mention what the companies get in return for sending all the data to Facebook? Is it just a money thing?

@Argus Facebook is evil 😡

@Argus I notice the FB SDK collects the phone's advertising_id plus a static FB "anon_id".

Assuming the anon_id stays the same per app (or per phone?) this allows FB to work around users who reset their advertising ids and keep tracking them as the same user

@Argus for some reason im particularly disappointed in Clue, they always seemed like a trustworthy app to me

@Argus

Wow. That makes me want to DNS black hole Facebook's domains.

@Argus
Wonder if this includes apps that say "no ads" in the store

@Argus

Mostly use Free and Libre Open Source software. Then if you still have a few proprietary apps, disable any and all trackers using ClassyShark3xodus and AdAway.

Here's my list for Android:

https://www.reddit.com/r/Android/comments/awuodb/my_installed_apps_list_mostly_of_free_and_libre/