If you have read access, then yes. Conventional desktop and server linux distributions would allow this behavior. As does android. Good luck using dylibs without it, anyways.
Since the android market is so fragmented and customized, this probably saves them from having to buy lots of phones when diagnosing crashes.
The knee-jerk reaction is to feel uncomfortable but these are system files, shipped with the phone, that are accessible to anyone who purchases the phone. This saves FB the trouble of spending $200 every time a new OS update comes out. Personally, with that knowledge, I don't have a problem with this - however, I have a ton of problems with other stuff FB does so I'm happy to keep not using their service.
> If you have read access, then yes. Conventional desktop and server linux distributions would allow this behavior.
The difference is in people's expectations of mobile vs. desktop apps. You'd never install untrusted software on your desktop, but mobile OSes provide the sense that software is isolated. In Android, that's mostly an illusion.
I feel like users install untrusted software on the desktop all the time and it's called closed source software.
It's not like Facebook is some small, unknown malware peddler so that its software should be considered "untrusted". If anything, it's untrusted because it's coming from a scummy company and opaque (due to being closed source).
You're right that it being from Facebook makes things a little different. At the same time, I've never needed to install a native desktop app from Facebook and I'd have some suspicion about doing so if such a thing existed, for exactly this reason.
> The difference is in people's expectations of mobile vs. desktop apps. You'd never install untrusted software on your desktop
I knew many Linux desktop users who had installed the Slack client back in the days we used Slack at work. Myself I have installed Skype. Not that I find Skype particularly good, but sometimes I need to communicate with people who have no clue about software freedom.
So, yes the number of "untrusted apps" is significantly lower on a (Linux) desktop, but "you'd never install" is an incorrect characterization.
I'm not making a moral judgement (FB is a big yikes), just technical. They'd have to:
- build lists of every phone, including carrier variant and internal revisions (pretty common!), to make sure they could be sure they had a complete library
- rely on the manufacturer to publicly post the ROM (cheaper mfg wont do this) (or somehow retrieve the URL from the update mechanism, said URL not easily accessible from userspace)
- handle the multiple different packaging mechanisms that android phones, especially older versions use (Google has gone a long way in remediating this but FB has to support billions of devices that don't adhere to best practices).
- For ROM packages that are encrypted, they'd need to acquire the keys from real devices.
- and they still would not have visibility into non-posted firmware, such as factory versions with day 1 upgrades (aka many many devices)
1. Uploading files from the user phone to their servers is straight up copyright violation in plenty of cases.
2. I have doubts that you need copies of all kinds of system libraries to debug that crash. They won't help you debug a crash dump (assuming they don't have debug symbols left in for some reason). They generally won't help you reproduce the crash unless you actually know reproduction steps - it wouldn't surprise me if they tracked every user action, but I doubt they do - so it takes many of those crashes to even start debugging. At that point you probably know precisely which library you need and can obtain it legally.
That said, I agree that uploading the files themselves is not necessary to fingerprint users (the hashes would totally suffice). Unless they do the uploading as a cover-up story, which doesn't make much sense either.
At the very least, the privacy-respecting solution would be to upload hashes and only upload libraries once some critical mass of users had reported the hash along with a bug. Even then, you would only upload the files themselves from some capped number of users.
But...what about my pitchfork? The knee-jerk reaction to every Facebook blog spam entirely diminishes the harm they've done to nations around the world.
Yeah sorry, they could send ro.build.fingerprint instead if they really wanted to know what version of builds and devices out there are causing issues.
I can see this as an opt-in but not as a silent, default behavior.
If you have read access, then yes. Conventional desktop and server linux distributions would allow this behavior. As does android. Good luck using dylibs without it, anyways.
Since the android market is so fragmented and customized, this probably saves them from having to buy lots of phones when diagnosing crashes.
The knee-jerk reaction is to feel uncomfortable but these are system files, shipped with the phone, that are accessible to anyone who purchases the phone. This saves FB the trouble of spending $200 every time a new OS update comes out. Personally, with that knowledge, I don't have a problem with this - however, I have a ton of problems with other stuff FB does so I'm happy to keep not using their service.