boredsquirrel<p>A few counterarguments on <a href="https://tux.social/tags/LocalMess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LocalMess</span></a> (<a href="https://tux.social/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://tux.social/tags/Instagram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Instagram</span></a> <a href="https://tux.social/tags/Yandex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yandex</span></a> <a href="https://tux.social/tags/LocalhostTracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LocalhostTracking</span></a>), why this would make <a href="https://tux.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> worse than <a href="https://tux.social/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a>:</p><p>This vuln seems to only have existed on Android, but not everyone would need to be affected by it.</p><p>I see <a href="https://tux.social/tags/GrapheneOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GrapheneOS</span></a> as a perfected form of the Android idea (stripping the <a href="https://tux.social/tags/Advertizing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Advertizing</span></a> and Tracking from it, and adding needed permissions).</p><p>1/8</p>
digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.
Administered by:
Server stats:
812active users
digitalcourage.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#localmess
0 posts · 0 participants · 0 posts today
Lioh<p>Wenn ihr so etwas wie Instagram oder Facebook auf dem Handy nutzt, dann verwendet bitte _niemals_ die Apps. Installiert euch Fennec mit uBlock Origin. Wie das geht habe ich hier erklärt:</p><p><a href="https://www.youtube.com/watch?v=a5-qV6OUV_o" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=a5-qV6OUV_</span><span class="invisible">o</span></a><br><a href="https://www.spacefun.ch/linux-videos#android1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">spacefun.ch/linux-videos#andro</span><span class="invisible">id1</span></a></p><p><a href="https://social.anoxinon.de/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a> <a href="https://social.anoxinon.de/tags/tracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tracking</span></a> <a href="https://social.anoxinon.de/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>surveillance</span></a> <a href="https://social.anoxinon.de/tags/blackhatcapitalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blackhatcapitalism</span></a></p>
C. 🐧<p><a href="https://digitalcourage.social/tags/Passwort" class="mention hashtag" rel="tag">#<span>Passwort</span></a> - der Podcast von <a href="https://digitalcourage.social/tags/heise" class="mention hashtag" rel="tag">#<span>heise</span></a> <a href="https://digitalcourage.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a>: Lokale Sauereien von <a href="https://digitalcourage.social/tags/Meta" class="mention hashtag" rel="tag">#<span>Meta</span></a> und <a href="https://digitalcourage.social/tags/Yandex" class="mention hashtag" rel="tag">#<span>Yandex</span></a><br /><a href="https://digitalcourage.social/tags/Browser" class="mention hashtag" rel="tag">#<span>Browser</span></a> <a href="https://digitalcourage.social/tags/Facebook" class="mention hashtag" rel="tag">#<span>Facebook</span></a><br /><a href="https://digitalcourage.social/tags/WhatsApp" class="mention hashtag" rel="tag">#<span>WhatsApp</span></a> <a href="https://digitalcourage.social/tags/DSGVO" class="mention hashtag" rel="tag">#<span>DSGVO</span></a></p><p>Meta und Yandex sind bei <a href="https://digitalcourage.social/tags/Trackingmethoden" class="mention hashtag" rel="tag">#<span>Trackingmethoden</span></a> erwischt worden, die weit über das Übliche hinausgehen. Christopher und Sylvester sehen sich die Publikation "<br /><a href="https://digitalcourage.social/tags/LocalMess" class="mention hashtag" rel="tag">#<span>LocalMess</span></a>" an. Darin dokumentieren Forscher <a href="https://digitalcourage.social/tags/Tracking" class="mention hashtag" rel="tag">#<span>Tracking</span></a>-Tricks dieser Firmen, die den Nutzerwünschen explizit zuwiderlaufen, Securitymaßnahmen untergraben und <a href="https://digitalcourage.social/tags/Kommunikation" class="mention hashtag" rel="tag">#<span>Kommunikation</span></a> verschleiern.</p><p> Die Hosts haben Mühe, noch einen Unterschied zum Vorgehen typischer <a href="https://digitalcourage.social/tags/Malware" class="mention hashtag" rel="tag">#<span>Malware</span></a> zu sehen.</p><p>Webseite der Episode:<br /> <a href="https://passwort.podigee.io/34-lokale-sauereien-von-meta-und-yandex" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">passwort.podigee.io/34-lokale-</span><span class="invisible">sauereien-von-meta-und-yandex</span></a></p><p>Mediendatei:<br /> <a href="https://audio.podigee-cdn.net/1973369-m-54944d53cac54770deb6feecac8ac80e.mp3?source=feed" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">audio.podigee-cdn.net/1973369-</span><span class="invisible">m-54944d53cac54770deb6feecac8ac80e.mp3?source=feed</span></a></p><p><span class="h-card" translate="no"><a href="https://bonn.social/@ulrichkelber" class="u-url mention">@<span>ulrichkelber</span></a></span></p>
ᏕᎯᏕᏣᎻᎯ :antifa:<p>echt guter Podcast zum Thema <a href="https://troet.cafe/tags/LocalMess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LocalMess</span></a> von <span class="h-card" translate="no"><a href="https://social.heise.de/@heisec" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>heisec</span></a></span> , wie <a href="https://troet.cafe/tags/Meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meta</span></a> und Yandex mit ihren Apps als Schadsoftware agiert haben.</p><p>Die Apps <a href="https://troet.cafe/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> & <a href="https://troet.cafe/tags/Instagram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Instagram</span></a> & <a href="https://troet.cafe/tags/Yandex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yandex</span></a> haben Schutzmaßnahmen des Betriebssystems umgangen, also von <a href="https://troet.cafe/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a>. So konnten alle Aktivitäten im Browser getrackt werden, solange das passende Trackingscript auf der Website ausgespielt wird.</p><p>Apps deaktivieren / Werbeblocker installieren.</p><p><a href="https://passwort.podigee.io/34-lokale-sauereien-von-meta-und-yandex" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">passwort.podigee.io/34-lokale-</span><span class="invisible">sauereien-von-meta-und-yandex</span></a></p><p><a href="https://troet.cafe/tags/datensicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datensicherheit</span></a> <a href="https://troet.cafe/tags/tracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tracking</span></a> <a href="https://troet.cafe/tags/adblock" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>adblock</span></a> <a href="https://troet.cafe/tags/adblocker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>adblocker</span></a> <a href="https://troet.cafe/tags/podcast" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>podcast</span></a></p>
Chris-fiddler<p><a href="https://muenchen.social/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a> <br>Im Transcript des Podcasts „Security Now“ kann man Details als Zusammenfassung nachlesen</p><p><a href="https://www.grc.com/sn/sn-1029-notes.pdf" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="">grc.com/sn/sn-1029-notes.pdf</span><span class="invisible"></span></a> </p><p>Und auch hier</p><p><a href="https://schleuss.online/@itnewsbot/114676551224936477" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">schleuss.online/@itnewsbot/114</span><span class="invisible">676551224936477</span></a></p>
Chris-fiddler<p>wer noch einen Anstoß braucht Meta endgültig zu verlassen:</p><p>🔐 Security News: „Local Mess“ – Neue Tracking-Methode entdeckt!</p><p>Wer glaubt, dass Meta & Co. es beim Online-Tracking nicht übertreiben – der sollte jetzt genauer hinsehen. Ein aktueller Bericht zeigt, wie Webseiten teils heimlich das lokale Dateisystem von Nutzern auslesen, um deren Surfverhalten zu verfolgen und Profile zu erstellen. 😳</p><p>Diese Methode wurde unter dem Namen „Local Mess“ bekannt : <a href="https://localmess.github.io/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">localmess.github.io/</span><span class="invisible"></span></a> <br><a href="https://muenchen.social/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a></p>
IT News<p>This Week in Security: The Localhost Bypass, Reflections, and X - Facebook and Yandex have been caught performing user-hostile tracking. This sort o... - <a href="https://hackaday.com/2025/06/13/this-week-in-security-the-localhost-bypass-reflections-and-x/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/06/13/this-w</span><span class="invisible">eek-in-security-the-localhost-bypass-reflections-and-x/</span></a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thisweekinsecurity</span></a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackadaycolumns</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a> <a href="https://schleuss.online/tags/lunchbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lunchbox</span></a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://schleuss.online/tags/x" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>x</span></a></p>
Guardian Project<p><a href="https://social.librem.one/tags/Meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meta</span></a> <a href="https://social.librem.one/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> and <a href="https://social.librem.one/tags/Yandex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yandex</span></a> are always looking for new ways to spy on you and track you. <a href="https://social.librem.one/tags/LocalMess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LocalMess</span></a> is the latest in a long line of abusive methods to gather your private data. Having their mobile app installed gives them super powers. Uninstall it. If you must use these services, do not use their app, keep it in the browser, or even better, use a wrapper app, like</p><p>* <a href="https://f-droid.org/packages/it.rignanese.leo.slimfacebook/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">f-droid.org/packages/it.rignan</span><span class="invisible">ese.leo.slimfacebook/</span></a><br>* <a href="https://f-droid.org/packages/us.spotco.maps/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">f-droid.org/packages/us.spotco</span><span class="invisible">.maps/</span></a></p><p>Here is a nice technical write up:<br><a href="https://localmess.github.io/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">localmess.github.io/</span><span class="invisible"></span></a></p><p><a href="https://social.librem.one/tags/tracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tracking</span></a> <a href="https://social.librem.one/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
Sven Jacobs :androidHead:<p><a href="https://androiddev.social/tags/Meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meta</span></a> is seriously concerning 👿 </p><p>Their apps open local ports on <a href="https://androiddev.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a>, while their <a href="https://androiddev.social/tags/tracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tracking</span></a> pixels, embedded in thousands of websites, connect to these ports and gather information about users. This effectively bypasses <a href="https://androiddev.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> measures such as private browsing or clearing cookies, making users personally identifiable on websites that use those pixels.</p><p>Although it appears they have stopped this technique after it was uncovered, it still reveals Meta's true intentions, imho.</p><p><a href="https://androiddev.social/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a></p>
Johannes Schnatterer<p><a href="https://floss.social/tags/localmess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>localmess</span></a> <br>Meta/Facebook Pixel sharing from web to Meta Android apps</p><p>> Facebook, Instagram, and several Yandex apps including Maps and Browser—silently listen on fixed local ports for tracking purposes.</p><p>> The Meta (Facebook) Pixel JavaScript, when loaded in an Android mobile web browser, transmits the first-party _fbp cookie using WebRTC to UDP ports 12580–12585 to any app on the device that is listening on those ports.</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload