27
votes
Facebook banned someone for developing a Chrome extension designed to reduce its addictiveness
Link information
This data is scraped automatically and may be incorrect.
- Title
- Facebook Banned Me for Life Because I Help People Use It Less
- Authors
- Louis Barclay
- Published
- Oct 7 2021
- Word count
- 1203 words
I think this is yet more evidence that vendor-owned app stores are a bad idea. This is not something that would have been possible to "take down" if it were just hosted on a website somewhere, or even on GitHub; they could cease-and-desist the author, but users (who have the whole source code, since it's JavaScript!) could just rehost it elsewhere.
As it is, though, large companies with lots of incentive to cave to almost any legal pressure, and to enforce "real" author identities, control the ways most people install software, so even if someone did rehost it as a dev-mode extension, many fewer people would have access. It would be a whack-a-mole of reposting it on the Google Chrome app store, getting S&D'd by Facebook, rinse and repeat.
The downside of that, though, is malware. This seems like a pretty straightforward script he's made so it's not materially that much harder for anyone a little technically inclined to do it themselves.
Yeah. I'd argue that there are more ways to mitigate the malware threat than to mitigate the threat of total control by megacorps, though, and those tend to require less political capital.
Such as what? The reason things centralized in the first place was because people simply didn't buy or install things otherwise. Any tech savvy person basically had to impose a blanket ban on their less savvy family members from installing software off the internet at all. If you didn't you'd have a call from a cousin or in-law every other week asking to fix their computer and you'd go over there and see about 12 "search bars" and a purple gorilla in the corner of the screen.
Well, in the consumer space, the industry absolutely did go all-in on vendor app vetting. In the enterprise space, though, application allowlisting and blocklisting through very capable modern endpoint detection and response (EDR) software has become extremely popular. In the free desktop space, "just works" containerization is all the rage and has been for a while, from Qubes to Flatpak. Other approaches exist, too, in more niche areas, like jack-and-plug capability matrices, or even more systemic things where applications don't get access to arbitrary data by default - Android, for instance, is somewhat like this.
All that to say: it's a hard problem, but not an insoluble one, and lots of people have put lots of thought into it.
That’s because enterprise has IT departments to manage it. And containerization isn’t exactly user friendly for a layperson either.
Even Android can be a mess of malware if you wander off the Google Play store zone. There’s plenty of arbitrary data apps can get authorization for by sneaky means or other dark patterns. And it’s not even the active malware that contributes. Plenty of shady software exists that isn’t technically malware but ends up being extremely user hostile or privacy infringing anyway. People have made the decision that they’d rather trust their hardware makers as gatekeepers than trust themselves to parse all the shady nonsense out there, and it’s hard to blame them.
All I'm saying is, maybe we should consider the possibility that other approaches exist, instead of veering as hard as possible into allowing Microsoft, Google, and Apple to control our digital lives.
Always wondered why the hell this is such a problem? Any system that can prevent a non-signed app from running outside the App Store should also be able to just have a switch that disallows apps from reading other apps' data, prevent access general parts of the hard disk or have download-only network restrictions for installing updates.
Yeah, from the perspective of implementation, this is not a hard control to put in place. The problem is that it breaks everything not explicitly designed for it, not just malicious programs.
I agree about vendor app stores.
For accuracy, though, the author is referring to a browser extension, which he took down himself. So it's not an example of a centralized app hub being the culprit. It's about FB's ToS and the author's understandable aversion to going to court against Facebook in the UK.
Yep! The point I was making was that there'd be nothing to "take down" if these vendor app stores didn't both act as bottlenecks for most users and encourage, if not enforce, just one owner per piece of software.
Title speaks for itself. This is pretty gross behavior.
The full C&D can apparently be found here: https://louisbarclay.notion.site/Unfollow-Everything-cease-and-desist-letter-from-Facebook-ea219169421b457bb7ce010b7bf9ce1f
It isn't strictly about them not wanting people to use an unfollow extension, it also includes:
This reminds me of the (possibly apocryphal) story of an iOS developer who came up with an app called Breathe, which displayed a blank white screen for a few seconds before you opened any other app. As I remember, Apple took that one down pretty quickly too.
These companies are not our friends, and they want our eyeballs on their services for the maximum amount of time, no matter what overtures they make towards "digital wellbeing."
I'm no expert, but as far as I know something like that isn't even possible with the tools iOS gives you.
This sounds apocryphal because that seems like a function that would require system level controls that app developers can't really access. Maybe you could do it by enabling certain accessibility settings, but Apple takes a dim view of requiring accessibility settings for non-essential things as it's almost always a vector for malware.
Eeh, citation needed. Until they added system level autofill support, all password managers abused the a11y infrastructure.