An underreported detail from these “I got my Facebook data” stories: combining Facebook with the (non)-privacy-protections of Android is like setting wild dogs loose on a buffet.
How much effort do you suppose it would take to grok the obfuscated Facebook code? Even decompiled to Java instead of Smali.pic.twitter.com/l5568tZcIQ
-
-
I’ve personally done this several times. Decompilation sucks, but Android API calls aren’t obfuscated so it’s really not that hard to find them. You can also instrument a “phone” and dynamically run the app.
-
While clever obfuscation is possible, it would also be perfectly reasonable for Google to look askance at any attempt by Facebook to deliberately obfuscate code that collects data from the phone. (Or they could demand the source.)
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.