this post was submitted on 03 Jun 2025
512 points (100.0% liked)

Technology

70916 readers
3397 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
512
Meta and Yandex are de-anonymizing Android users’ web browsing identifiers - Ars Technica (arstechnica.com)
submitted 3 days ago by otter@lemmy.ca to c/technology@lemmy.world
58 comments fedilink hide all child comments
 

Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it's investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities.

The covert tracking—implemented in the Meta Pixel and Yandex Metrica trackers—allows Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. Android sandboxing, for instance, isolates processes to prevent them from interacting with the OS and any other app installed on the device, cutting off access to sensitive data or privileged system resources. Defenses such as state partitioning and storage partitioning, which are built into all major browsers, store site cookies and other data associated with a website in containers that are unique to every top-level website domain to ensure they're off-limits for every other site.

you are viewing a single comment's thread
view the rest of the comments
[–] Kerb@discuss.tchncs.de 47 points 3 days ago (3 children)

they still try that?

i can't remember the last time i have seen one of those warnings.

[–] cygnus@lemmy.ca 35 points 3 days ago (1 children)

I'm guessing you use Firefox? It's much better at evading that tracking.

[–] chronicledmonocle@lemmy.world 5 points 3 days ago

Nah I saw it on FF as well. Forcing an update on the "Quick Fixes" blocklist on uBlock Origin got rid of it.

[–] UnderpantsWeevil@lemmy.world 11 points 3 days ago

The business cycle dictates that companies try to re-implement bad ideas every six months to two years.

If the idea was good, they'd have implemented it and made their money. Only bad ideas are still ripe for exploitation and new economic growth, because you haven't had someone as smart as me to make them work right.

[–] Sixtyforce@sh.itjust.works 5 points 3 days ago

Google doesn't do global roll outs with their updates. The anti adblock stuff especially. They target only some % of randomly selected users to spread confusion online, and I would guess their hope is to frustrate people into disabling ad blockers on Youtube after reading a bunch of misinformation and placebo bad advice when looking for tech support.