Facebook Android app caught seeking 'superuser' clearance
And what reason would you have not to trust Facebook with your personal data?
Updated Social networking giant and market-leading data broker Facebook is once again taking heat for playing fast and loose with its access to personal information.
This time, it's the Facebook Android app that is under the spotlight after folks noticed it requesting an extraordinary amount of access privileges – specifically, requesting "superuser" access to a device, granting it full control over a handheld.
Netizens noted that the change has happened in recent days, leading to speculation that a new feature or update is to blame, and it may not have been intentional.
A Facebook bug is generating requests for ‘Superuser’ permissions to access user's devices!— Matt Navarra (@MattNavarra) May 18, 2018
This is not going to go down well.
For Android devices, the "superuser" classification would basically grant an app full access to the device and data stored on it. Unfortunately, Facebook is staying silent on the matter, and has not responded to a request for comment.
The app's sudden insistence on full access to Android is a particularly bad bit of timing from a company that is staggering after the massive scandal at Cambridge Analytica and the revelation that the research house was able to collect and analyze detailed information it pulled from tens of millions (exact figures vary) of Facebook user accounts without their full knowledge or permission.
Fallout from the revelations led to Facebook chief Mark Zuckerberg being hauled before the US congress with another grilling scheduled by the European parliament. Zuck has, however, refused to grace the UK's Parliament with his presence.
While it is not yet known what the reason is for the jump in privileges, researchers who have examined Android's code have suggested it could be due to the SDKs used by some new features.
@facebook using @WhiteOps SDK to fight fake stories:— Nikolaos Chrysaidos (@virqdroid) May 18, 2018
- Checking white/black listed domains
- Checking lots of features to detect fake stories / bots etc
Do they collect those info? pic.twitter.com/Q6GRjKcgw7
The situation is reminiscent of the 2016 findings that Facebook's app was getting microphone access for the placement of ads, something the social network would later deny. ®
Updated to add
“A coding error in one of our anti-fraud systems caused a small number of people running the Facebook app and certain permission management apps on rooted Android phones to see a request for additional access permissions. We do not need or want these permissions, and we have already fixed this issue. We apologize for any confusion,” Facebook said in a statement.