Facebook - Defensive Computing

FACEBOOK

TOPICS BELOW
Things to know about Facebook, Facebook Marketplace scams, The Facebook Spying Pixel, Facebook Configuration Articles, Facebook Privacy, Periodic Facebook Maintenance, Hacked Facebook Accounts, Deleting Facebook Content, Quitting Facebook, Facebook bad

No doubt there are many defensive strategies for Facebook (aka Meta), with the strongest one being avoidance. That's what I do. This section may be a bit haphazard because not being a Facebook user, I can't verify things.

THINGS TO KNOW ABOUT FACEBOOK top

It is safer to use the Facebook website as opposed to their mobile app. Better yet, use private browsing mode. Better still, use the Facebook website from a Chromebook in Guest Mode.
April 8, 2025: Meta introduces restricted Teen Accounts to Facebook and Messenger by Aisha Malik of TechCrunch. Accounts of teenagers will be automatically converted to the new Teen type account (this assumes the birthday on file is legit or close to legit). Teens will only receive messages from people they follow or have messaged before. Only existing friends of a teenager can see and reply to their stories. Tags, Mentions, and comments will be limited to people the teenager follows or who are their friends. Kids under 16 will need their parents' permission to change any of the settings.
We're Introducing New Built-In Restrictions for Instagram Teen Accounts, and Expanding to Facebook and Messenger by Facebook.
March 28, 2025: All The Data Facebook Collects - And How To Stop This by Lena of Tuta. Quoting: "... most users are ignorant and unaware of Meta's deep reach into the public and private lives of its users through their range of apps. A lot of what Facebook does on a larger scale is unknown to us." The article has next to nothing about defending against Facebook spying.
January 25, 2024: iPhone apps abuse iOS push notifications to collect user data by Bill Toulas for Bleeping Computer. Security firm Mysk found some apps that use a trick to run in the background. The apps further abuse things by spying on us while running in the background. The apps they called out were TikTok, Facebook, X (Twitter), LinkedIn, and Bing. The defense is to disable notifications for these apps. To do so: Settings -> Notifications -> select an app -> disable "Allow Notifications".
Facebook spying: Each Facebook User is Monitored by Thousands of Companies by Jon Keegan for The Markup. January 17, 2024. The article is about research done by Consumer Reports which found that the scale of Facebook surveillance is massive and includes information about what people do outside of Facebook and Instagram. Facebook (aka Meta) knows what stores you walk into, what news articles you read and almost every website you visit online. This website does not report your activity here to Facebook. Facebook also spies on the activities of non-Facebook users. Good news: The article has instructions on how a Facebook user can see which companies are reporting on them (below). Bad news: the company names are sometimes useless drivel.
--Go to accountscenter.facebook.com/info_and_permissions
--Select "Your activity off Meta technologies" -> then "Recent activity"
--To prevent a company from future spying, select "Disconnect"
The same article was published by Consumer Reports: Each Facebook User Is Monitored by Thousands of Companies by Jon Keegan January 17, 2024
July 27, 2023: How Do I Report A Fake Facebook Account? by Leo A. Notenboom. There are too many steps to summarize here, so read the article. Suffice it to say, the first step is not at all obvious.
March 16, 2023: Don't get hacked on Facebook. Do these 6 things now by Heather Kelly for the Washington Post. The article starts out noting that it is a million times easier to prevent a Facebook hack than it is to fix one after the fact. Among the defensive steps: 2FA, use better passwords (rounding up the usual suspects) and insure that Facebook has a current email address on file for you. Also, be alerted to all log-ins to your account (see article below from Facebook). So that you don't get scammed, the article warns that Facebook will never text, email or call you to ask for your log-in information or the two-factor authentication code. The article also discusses backing up Facebook data, saying an entire account can be saved (contacts, posts and other information). Photos on Facebook can also be copied to other services.
See the devices that are logged in to your account here. It should also show approximately where in the world those devices are located.
To see information Facebook knows about your activity in other apps and on other websites, see Off-Facebook Activity. From Facebook, you can get to the same data with Settings -> Your Facebook Information -> Off-Facebook Activity. This was introduced in Jan. 2020. Fowler (above) suggests clicking on "Clear History" to remove that data. To have Facebook stop using your off-Facebook activity, look for "Manage Future Activity" and then make sure "Future Off-Facebook Activity" is turned off. Note the word "using" - they will still collect the data.
Get notified if a bad guy logs into you Facebook account. See Get alerts about unrecognized logins to Facebook from Facebook (undated, of course). The alerts occur when someone tries logging in from a device or web browser that Facebook does not recognize. The alerts will tell you which device tried logging in and where it's located. A list of recent devices that have logged into your Facebook account can be found in your Security and Login Settings.
April 4, 2023: No bullsh*t opt-out: Free noyb tool for quick and broad Facebook objections is now online! New tool to opt out of targeted advertising. More: Welcome to noyb’s Meta Opt-Out Tool!.
November 2022: How to remove your phone number or email from Facebook, even if you have no account by Martin Brinkmann. Facebook may have the email address or phone number, of people who never signed up for the service. They published a tool in mid-2022 to remove personal information from the site. They did not announce the tool and it is not widely known. Read about it here. The URL is facebook.com/contacts/removal
June 2022: This article from Malwarebytes Labs, Facebook users targeted in massive phishing campaign, has a section with Tips to avoid Facebook phishing. by Christopher Boyd.
June 2020: Giving Facebook less data is a good idea. Even better: Just use it less by Rob Pegoraro in Fast Company. You can take some steps to limit how much Facebook knows about you. But as long as you use the service, it can monetize your interests and activity.
October 2019: From John Opdenakker If you get a friend request from someone you don't know it's better not to accept it. This might be a scam and your online security and privacy might be in danger. Facebook friends can see all your profile information and even information about your friends. They can abuse this information to scam you and your friends.
January 2019: A Guided Tour of the Data Facebook Uses to Target Ads by Bennet Cyphers of the EFF. Not much defense offered.
March 2018: Are you ready? Here is all the data Facebook and Google have on you by Dylan Curran for The Register.

FACEBOOK MARKETPLACE SCAMS top

Detecting them and reporting them.

April 11, 2024: Facebook Marketplace Scams: 3 Warning Signs You Should Not Ignore by Leo A. Notenboom. In brief: taking the conversation off Facebook and paying with either Gift Cards or cryptocurrency.
February 2022: 10 Facebook Marketplace Scams to Watch Out For by Tim Brookes for HowToGeek. The scams covered are: Shipping Insurance, Sellers Requesting Payment in Advance, Sellers and Buyers Who Take the Transaction Elsewhere, Fake House and Apartment Rental Listings, Car Deposit and Vehicle Purchase Protection, Stolen or Faulty Goods, Gift Cards, Identity Fraud and Personal Information Harvesting, Overpayment Refunds and, of course, Fake Goods.
From Facebook: Recognizing Scams. They say: If you see something you think is a scam, you should stop communicating with the buyer or seller and report the suspected scam to Facebook.
From Facebook: Avoiding scams on Facebook
From Facebook: Report a Facebook Marketplace scam. Applies to seller scams, buyer scams and listing scams.

THE FACEBOOK SPYING PIXEL top

The Facebook tracker pixel is the main way that Facebook spies on people. It is JavaScript code (usually) that companies put on their websites to report back to the Facebook mother ship. The NSA must be so jealous.

An example of spying via the Facebook Pixel Tax Filing Websites Have Been Sending Users' Financial Information to Facebook from The Markup (November 22, 2022). Among the services doing this: TaxAct, TaxSlayer, and H&R Block. Ars Technica also wrote about this: Major tax-filing websites secretly share income data with Meta by Ashley Belanger (Nov 22, 2022). Neither article says anything about defending yourself, so each qualifies as scare mongering click bait.
A quick look at the documentation (links below) shows that it should be possible to block the Facebook Pixel. If it is implemented via JavaScript, then it is loaded from connect.facebook.net which can be blocked. If it is implemented as an IMG (image) element, then it is loaded from www.facebook.com which people that do not have Facebook accounts can block.
One way to block these sub-domains is with DNS. A service such as NextDNS lets you specify domains and sub-domains that should be blocked. NextDNS offers free starter accounts. Every desktop web browser offers secure/encrypted DNS as an option and if you point this to your NextDNS account, you can block whatever you want, in that one browser. A nice feature of NextDNS is the optional logs. After configuring it to block the Facebook Pixel you can review the logs to verify that the blocking is working.
Another way to block sub-domains is in your router, either with DNS or parental controls or a firewall rule or whatever. That said, not many routers can block domains. One that can is the Pepwave Surf SOHO.
A third approach to blocking sub-domains is by modifying the hosts file for your Operating System
A fourth approach is to use a DNS service provided by a VPN. The one from Windscribe is excellent for this.
In addition to the sub-domains above, you might also want to block: graph.facebook.com, api.facebook.com, apps.facebook.com, staticxx.facebook.com and web.facebook.com.
Meta Pixel documentation from Facebook about their Pixel
Facebook tracker pixel documentation from Facebook
Facebook has a browser extension intended as a debugging tool for their Meta Pixel. Someone interested in blocking the Pixel can use this to verify that it is really being blocked. See the Meta Pixel Helper documentation from Facebook. It was also mentioned here: In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem by Maria Puertas and Simon Fondrie-Teitler for The Markup (January 31, 2023).
NOTE: These Washington Post articles are written by a non-techie who can only go so far with technical issues. While the advice in these articles can be useful, it is far from complete. For serious blocking of Facebook spying, see the topic above. The public is cheated when the mainstream media does not employ techies to cover tech subjects.
1. How to block Facebook from snooping on you by Geoffrey Fowler for the Washington Post (Aug 2021). Discusses changes that impact what Facebook and Instagram can learn about you outside of their apps.
2. There’s no escape from Facebook, even if you don’t use it also by Geoffrey Fowler (Aug 2021). Discusses why you want to bother making all the changes in the prior article. Quoting: "It isn't just the Facebook app that's gobbling up your information. Facebook is so big, it has convinced millions of other businesses, apps and websites to also snoop on its behalf. Even when you're not actively using Facebook. Even when you're not online. Even, perhaps, if you've never had a Facebook account."
Facebook's surveillance is hard to avoid. They partner with websites, apps and stores to track you when you are not using Facebook. Geoffrey Fowler of WaPo wrote about this in Jan. 2020: Facebook will now show you exactly how it stalks you - even when you’re not using Facebook. The article is focused on a new "Off-Facebook Activity" tool (see it at facebook.com/off_facebook_activity). To be spied on, you don't have to be logged in to the Facebook app or website. Companies can report other identifying information to Facebook, enough to match you to your Facebook account. Fowler found that Home Depot told Facebook when he visited its online store, viewed an item or added an item to a shopping cart. Other spies he found were The Atlantic, Amazon's Ring app, the Peet’s Coffee app and the website for an HIV drug.
To limit this: Settings -> Your Facebook Information -> Off-Facebook Activity -> Manage Your Off Facebook Activity -> Manage Future Activity. Still not done. Click another "Manage Future Activity" button. Curse Facebook. You want the toggle next to "Future Off-Facebook Activity" to be gray. If it is blue, click it, then click "Turn Off"

FACEBOOK CONFIGURATION ARTICLES top

Settings are somewhat hidden. To find the Settings:
mobile app: "More" tab -> gear icon at the top of the screen
website: Start at the down arrow in the top-right corner -> Settings & privacy -> Settings
September 2, 2025: Is Meta secretly scanning your phone's camera roll? Check this setting to find out by Elyse Betters Picaro for ZDNet. In the Facebook app, click on the hamburger menu in the bottom right corner -> Settings and Privacy -> settings -> Camera roll sharing suggestions. Then turn off "Get camera roll suggestions when you're browsing Facebook" and " Get creative ideas made for you by allowing camera roll cloud processing".
January 17, 2025: Mad at Meta? Don't Let Them Collect and Monetize Your Personal Data by Lena Cohen for the EFF. This is an excellent article, well worth reading. The configuration changes suggested here are in the Accounts Center. The article covers both Instagram and Facebook. Needless to say, the options that increase your privacy are buried very depp.
1. For both mobile apps, go to Settings -> Accounts Center
2. On the web, go to accountscenter.facebook.com or accountscenter.instagram.com
3. Then, Ad preferences -> Manage Info tab (this tab may be called Ad settings depending on your location) -> Activity information from ad partners -> Review Setting -> Select "No, don't make my ads more relevant by using this information"
4. And: Ad preferences -> Manage info (called Ad settings depending on your location) -> Ads shown outside of Meta -> Select "Not allowed" -> click the "X" button to close the pop-up. Depending on your location, this setting will be called "Ads from ad partners" on the Manage info tab.
5. And: Accounts Center -> Your information and permissions -> Your activity off Meta technologies -> Manage future activity -> Disconnect future activity -> Continue button -> confirm one more time by clicking the "Disconnect future activity" button.
November 3, 2024: You're overexposed online. This service fixes 223 privacy settings for you. Geoffrey A. Fowler for the Washington Post. The article is about an extension/service from a startup called Block Party. It is available on the Windows, macOS and Linux versions of Chrome, Firefox, and Edge. It works on the websites of Facebook, Instagram, Google, YouTube, X, LinkedIn, Reddit, Strava and Venmo. For these 9 companies, it reviews your privacy settings, recommends changes and can make the changes for you. There is a 7 day trial, after which the service is $20/year. I would add to the article that you might want to disable the extension when you are not using it. Quoting: "I thought I had my Facebook, Google, Instagram, X, Venmo and LinkedIn on privacy lockdown. Then I got terrified by a new service called Block Party. It scans nine critical apps for 223 privacy, security and other settings. Again and again, Block Party found problems with how I'd set up my accounts that left me exposed ... Tech companies want to collect as much of your data as possible, and, often, to share it widely. So they present privacy and other settings with so many confusing knobs and buttons that it feels like flying a 747. There are 44 different privacy settings on Facebook alone. Worse, apps move around settings - and keep adding new ones that find more ways to exploit your personal data."
January 5, 2024: Change these 11 Facebook settings by Jared Newman. You have to pay to read this article, but I find Newman's newsletter to be worth paying for. The article groups the tweaks into these categories: Eliminate annoyances, protect your privacy and Control who sees what
January 2, 2024: Meet Link History, Facebook’s New Way to Track the Websites You Visit by Thomas Germain for Gizmodo. Very good article. Facebook recently rolled out a new "Link History" setting that creates a special repository of all the links you click on in the Facebook mobile app. This does not apply on their website. You can opt out. Facebook has always kept track of the links you click on, so this is confusing. Worse, when you click on a link in the Facebook or Instagram apps, the website loads in a special browser built into the app, rather than the OS default browser. This lets Facebook spy on you. More on this new option from Facebook.
October 24, 2023: This Privacy Setting Helps Keep Instagram and Facebook From Tracking You by Katie Teague of CNET. Quoting: "The new Activity Off-Meta Technologies tool, previously known as Off-Facebook Activity, lets you see and control data that apps and websites share with the platforms -- and monitor the kind of information third-party apps can access. With the privacy feature, you can clear the history of apps and websites that have shared your data. You can also disconnect any information Meta has shared from your account."
In Facebook -> Settings & Privacy -> Settings -> Off-Facebook Activity
To control which ads you see in either the mobile app or website:
Settings -> Meta Accounts Center -> Ad preferences.
November 2021: 16 Settings to Make Facebook Less Evil (or at Least More Private) by Pranay Parab for Life Hacker.
September 2021: Facebook privacy settings to change now Washington Post
June 2021: 7 Important Facebook Privacy Settings to Change Right Now by Tim Brookes. The article covers: Delist Your Profile from Search Engines, Make Your Friends List Private, Restrict Visibility of Your Older Posts En Masse, Enable Timeline Review, Disable Facial Recognition, Restrict How You Are Found on Facebook, Review Connected Apps and Websites and Preview How Others See Your Profile.
January 28, 2021: Guide to Facebook Privacy and Security Settings by Larry Magid, for ConnectSafely.
Cybersecurity 101: Protect your privacy from hackers, spies, and the government by Charlie Osborne and Zack Whittaker of ZDNet (Dec. 2020) has some tweaks for Facebook settings.
How to Use Facebook Privacy Settings by Thomas Germain of Consumer Reports. Last updated Sept. 2019.
How To Stop Facebook From Blabbing Out Your Phone Number by Monica Chin (March 2019)
Basic Privacy Settings & Tools from Facebook. Quite long. Undated.
Configure: For what its worth (not much) you can stop graphic videos from autoplaying. In the Facebook mobile app do: Menu -> gear icon -> Preferences -> Media -> Never autoplay videos.
Hands off my data! 15 default privacy settings you should change right now by Geoffrey Fowler in Washington Post (June 2018).
Suggestions from the article:
1. In Timeline settings turn on the option to review posts you are tagged in before the post appears on your timeline. Settings -> Timeline and Tagging -> Review section -> enable both options.
2. In the Facial Recognition settings, set "Do you want Facebook to be able to recognize you in photos and videos?" to No.
3. In the Ad Preferences settings: Under Your information, turn off ads based on your relationship status, employer, job title and education. Under Ad settings, set "Ads based on data from partners" and "Ads based on your activity on Facebook Company Products that you see elsewhere" to Not allowed. Also, set "Ads that include your social actions" to No One.

FACEBOOK PRIVACY top

The Facebook Privacy Checkup is incomplete. Your profile information should be set to "Friends of Only Me" which, in English, means private. Also, set "Future Posts" and "Stories" to "Friends" and click the button for "Limit Past Posts" and select "Limit" More.
Check the Facebook Privacy Shortcut
Configure: News Feed preferences let you manage sensitive posts and outright lies (evaluated by fact-checkers)
In the app, tap the 3 horizontal lines -> gear icon -> Settings and Privacy -> Preferences -> News Feed
The default is "Reduce". Change it to "Reduce more"
Configure: In Settings --> Your Facebook Information --> Access Your Information --> Profile Information --> About --> Contact and Basic Info, set your birthday to "Only Me"
CONFIGURE PRIVACY: Privacy Settings:
1. Profile and Tagging -> Reviewing. set both item to On
2. Change "Who can see your friends list" from Public to Friends or Only me.
3. Consider only letting friends see your posts rather than making them public.
4. Consider changing who can send you friend requests. It defaults to Everyone. Another option is "Friends of Friends."
5. Consider restrictions for "How people can find and contact you."
6. Turn off Location and Face recognition.
7. Set the default privacy setting for future posts to "Friends".
8. Restrict the visibility of your past posts to Only Friends with "Limit The Audience for Old Posts on Your Timeline" -> Limit Last Posts. Anything that was shared publicly or with friends of friends will be changed.
9. Set your phone number "Friends" or "Only Me"
10. At Ads -> Ad Settings there is much to change. Under "Categories used to reach you" de-select all details about yourself. Remove anything under "Interest categories" and "Other categories". Set "Ads shown off Facebook" to "Not Allowed". Under "Social" select "Only me" for who can see what ads you have liked.
11. Clearview AI does facial recognition and was profiled in the New York Times (Jan. 2020). They copy pictures from many sources including Facebook. To block them, change a privacy setting, so that search engines can not link to your profile.
Configure: For help configuring Facebook for maximum privacy, consider the Jumbo mobile app. There are links to it in both the iOS and Android topics.
Don't share: your birthday, your current location or that you will be away from home for a while.
Goes without saying: use a long password for Facebook, and one that you do not use anywhere else.
In Ad Preferences you can see how Facebook has categorized you.
Mozilla created a Facebook container extension for Firefox. They claim it prevents Facebook from tracking you around the web. What it can not do, is block Facebook tracking on iOS or Android.
Location: How to disable Facebook location tracking by Jack Wallen (Oct 2019). Understanding Updates to Your Device’s Location Settings by Facebook (Sept 2019) is about new Location settings in Android 10 and iOS 13. How to stop Facebook from tracking your location by Lori Gil (March 2018). Thinking bigger, see the section here on Location Tracking.
August 2020: How Facebook and Other Sites Manipulate Your Privacy Choices by Arielle Pardes in Wired. The article is about how companies use Dark Patterns (confusing language, manipulative interface design) to trick people into saying yes, when they want to say no. One cited example is the Facebook Privacy Checkup.

PERIODIC FACEBOOK MAINTENANCE top

The Facebook Settings page is always changing so review it from time to time.
Remove old devices that still have access to your account at the Security and Login page, in the Where You're Logged In section.
Remove old apps that still have access to your account at the Apps and Websites page. Settings -> Apps and Websites.

HACKED FACEBOOK ACCOUNTS top

Defense: Your Facebook password should not be used for anything else.
Defense: Your Facebook email address should not be used for anything else. It should also be one that still works. See Add or remove an email address from your Facebook account from Facebook.
Defense: Articles suggest using Two Factor Authentication and may give you the impression that it's perfect. It is not. There are different types of 2FA. Any free and easy type will not be as secure as an expensive and harder to use type. See How two-factor authentication works on Facebook from Facebook.
If you do use 2FA with Facebook, you should also get and save recovery codes. These are get-out-of-jail-free codes for when the 2FA fails.
Official starting point: www.facebook.com/hacked
October 22, 2024: A new recovery option is coming soon: Need to recover your Facebook or Instagram account? Meta has a new trick for that by Artie Beaty for ZDNET. Several years ago, Facebook shut down its facial recognition system over privacy concerns. Now, it is coming back for security purposes. Rather than having to uploading an official ID or birth certificate, they are testing a new option to regain access to your account: video selfies. Meta will use automated facial recognition to compare your video to the profile picture on the account. What if the bad guy who hacked your account changes the profile photo? The article does not say. If you want this option in the future, your profile photo should be recent and high quality.
Hello? Hello? Is This Facebook? Anybody There? (Nope.) by Kirsten Grind in the Wall Street Journal (May 2022). Beware IT charlatans who tout their expertise in restoring Facebook accounts. Thousands turn to JustAnswer, a website that connects people with experts in various industries. A Reddit post suggested that people locked out of their account seek help from a specific employment lawyer. He helped one person. Another person purchased a $300 Oculus virtual-reality headset (it is now called Meta Quest) because it has a dedicated customer-service phone number. This worked. In March, Facebook introduced Facebook Protect, which it said added another layer of security to some accounts. Some users said the new feature instead blocked them from accessing Facebook.
Recovering locked Facebook accounts is a nightmare. That’s on purpose. by Tatum Hunter in the Washington Post (September 2021). Hacked.com is a service for people locked out of online accounts. The article mentions someone who paid them $500 to get back into their Facebook account. It is a lesson in the cost of a free service - no tech support.
The article was updated August 21, 2024. The Washington Post has clout. When the reporter contacted Facebook about one particular person whose account had been hacked and lost, Facebook sent the victim a link and their password was reset. For one day. Then the bad guys got back in. No idea how. Recovering an account is either difficult or impossible. The article ends with the usual mandatory advice: use 2FA and unique passwords.
Your Facebook Account Was Hacked. Getting Help May Take Weeks - Or $299 NPR All Things Considered (August 2, 2021). One person only got Facebook's system to accept her driver's license after she covered up everything but her name and photo with a Post-it note. Someone purchased a $300 Oculus Quest 2 just for access to Facebook customer support. It worked and he plans to return the device without ever having used it.
FYI: The long, lonely wait to recover a hacked Facebook account by Tatum Hunter (November 2022). Facebook has no real customer support. This is always the cost for a free service. Hacked.com helps victims recover hacked Facebook accounts. When Facebook users can't get help, they turn to the ITRC or Federal Trade Commission, which collects complaints about online fraud.
FYI: It is so hard to recover a hacked Facebook account, that a black market has sprung up. Facebook employees, even some security guards, would take bribes to restore hacked accounts. From Meta Employees, Security Guards Fired for Hijacking User Accounts by Kirsten Grind and Robert McMillan in the Wall Street Journal (Nov. 2022)

DELETING FACEBOOK CONTENT top

How to Delete Your Old Posts on Instagram, Facebook and Twitter by Dalvin Brown in the Wall Street Journal (Feb. 2022). Discusses the Manage Activity feature that was introduced in 2020 to help people remove large numbers of posts.
Facebook's Clear History Tools Won't Actually Delete Your Data by Thomas Germain of Consumer Reports (Aug. 2019)

QUITTING FACEBOOK top

From Facebook: Deactivating or Deleting Your Account. They say that a deleted account will have all the posts and photos removed after a few days. They say.
You've decided to quit Facebook. Here’s how to migrate your online life elsewhere. Washington Post (Oct 2021)
How to Permanently Delete Your Facebook Account by Brian Barrett of Wired (Oct 2021). Also has info on downloading your data beforehand. The final section How to Limit Facebook Tracking You is un-informed.
Smashing Security podcast episode 75: Quitting Facebook with Graham Cluley, Carole Theriault and Maria Varmazis. (April 2018)

FACEBOOK BAD top

This section is a bit like reminding people that water is wet. Goes without saying. Still, a few reminders:

September 8, 2025: Whistle-Blower Sues Meta Over Claims of WhatsApp Security Flaws by Cecilia Kang in the New York Times. Quoting: "The former head of security for WhatsApp filed a lawsuit on Monday accusing Meta of ignoring major security and privacy flaws that put billions of the messaging app's users at risk, the latest in a string of whistle-blower allegations against the social media giant. In the lawsuit filed in the U.S. District Court for the Northern District of California, Attaullah Baig claimed that thousands of WhatsApp and Meta employees could gain access to sensitive user data including profile pictures, location, group memberships and contact lists. Meta, which owns WhatsApp, also failed to adequately address the hacking of more than 100,000 accounts each day and rejected his proposals for security fixes, according to the lawsuit. Mr. Baig tried to warn Meta’s top leaders ... that users were being harmed by the security weaknesses ... In response, his managers retaliated and fired him in February, he claims."

May 15, 2025. A really damning article in the Wall Street Journal. Meta Battles an 'Epidemic of Scams' as Criminals Flood Instagram and Facebook by Jeff Horwitz. Facebook and Instagram have been overtaken by fraudsters and they are fine with it. The article makes it very clear that Meta does not care. Zelle said that Meta is the prime source of the online fraud they encounter. Why is Meta ignoring bad stuff? To make money of course. Their executives said that harsher anti-scam measures would annoy and discourage advertisers. How lenient is Meta with advertisers? Very. Quoting: "One late 2024 document reviewed by the Journal shows that the company will allow advertisers to accrue between eight and 32 automated 'strikes' for financial fraud before it bans their accounts. " As is typical of the mainstream media, the article says nothing about defense. DNS is one way to block malicious ads. Also, knowing the rules of Domain Names.

In October 2020, Leo A. Notenboom had to take a break from Facebook. Quoting: "The divisiveness, the anger, the misinformation, the legions of otherwise rational people ready and willing to accept piles and piles of manure as truth ... become too much" He wrote about using Feedly and RSS as a substitute in My Solution to Social Media Overload.

July 2020: If You're Not Terrified About Facebook, You Haven't Been Paying Attention by Carole Cadwalladr of The Guardian.

October 2019: Facebook inflated the average time users viewed video on the platform. Facebook to Pay $40M Under Proposed Settlement in Video Metrics Suit. Professor Scott Galloway summed this up: The viewership metrics were inflated by 150 to 900%. Whole companies shifted their strategy to video. Companies going bankrupt, people losing jobs, FB gets away with 0.18% of annual income ($40M / $22B), a slap on the wrist.

In August 2019 we learned that Facebook Paid Contractors to Transcribe Users' Audio Chats (Bloomberg) just like all the providers of Voice Assistants. Contractors (it's always contractors, never employees) transcribed audio from people who opted in to having their Messenger app voice chats transcribed.

April 2019: Quite a quote about Facebook: "morally bankrupt pathological liars who enable genocide (Myanmar)" (ZDNet)

April 2019: Facebook does not remove bad guys until they are publicly shamed in a high profile way. By Brian Krebs

April 2019: Mark Zuckerberg leveraged Facebook user data to fight rivals and help friends, leaked documents show NBC News

See also Facebook Messenger in the Secure Messaging topic.