Find local businesses, view maps and get driving directions in Google Maps. Facebook's mobile messenger has been installed over 16 million times on Google Play store alone and if you were one of the few who had.
Update
A few months ago we brought you the news that Harvard student and would-be Facebook intern Aran Khanna had created the Marauder’s Map, a Google Chrome extension that used Facebook Messenger metadata to track people based on where messages were sent, casting light on a huge privacy flaw in Facebook’s app. Download the extension and it was easier than ever for creepers who aren’t your friends to stalk you. Now it looks like Khanna’s little experiment cost him his internship at the social media giant.
The chain of events goes back to two days after Khanna posted the Chrome extension when Facebook asked him to disable it. Khanna complied. Then three days later Facbook contacted him again to unceremoniously rescind his internship. According to a case study for the Harvard Journal of Technology Science written by Khanna, he was canned because “the extension violated the Facebook user agreement by ‘scraping’ the site.”
A spokesperson for Facebook told Boston.com “This mapping tool scraped Facebook data in a way that violated our terms, and those terms exist to protect people’s privacy and safety.”
Whether he violated their terms or not, Khanna’s extension did uncover a major problem with Facebook’s data sharing practices, and for his acute know-how in showing the ways it could be manipulated he was dumped. It looks like Mark Zuckerberg thinks he’s the only Harvard undergrad who can create new computer apps in his dorm room.
Khanna ended his study with a series of questions highlighting Facebook’s faults saying, “What does this say about privacy protection? Can we reasonably expect Facebook or others with an interest in collecting and sharing personal data, to be responsible guardians of privacy? Could this work have been done inside Facebook to understand how its users view the collection and sharing of their data?” Facebook has yet to answer the questions, and probably never will. You don’t make it to 10 thousand employees without cutting a few interns loose.
A new extension for Google Chrome allows users to track willing Facebook friends. Dubbed the “Marauder’s Map” after similarly stalker-ish Harry Potter's killer app, the tool uses metadata available when Facebook Messenger is location enabled.
Created by Harvard student Aran Khanna, who will be interning at Facebook this summer and initially used to it track his friends, the map seems like it might be illegal, but definitely isn't. Available GPS data is simply being visualized.
Khanna says he created the app to show “the potentially invasive usage of the information you share,' informing consumers about the nature of their decisions. Here's a different way of looking at it: Khanna accidentally created an open-source FourSquare competitor and posted it to Github.
While writing the code for the extension, Khanna found that Facebook Messenger metadata is able to track precise latitude and longitude coordinates within less than a meter of the person using the app. That's great news for social butterflies and bad news for anyone trying to lay low.
Facebook’s mobile messenger has been installed over 16 million times on Google Play store alone and if you were one of the few who had taken the time to scroll down the permissions list when you were installing the app, you probably remember that it requires both Approximate and Precise Location access (besides a lot of other permissions).
It does seem like ages ago but a most important thing that we forgot about Facebook Messenger is that the app sends our location to the server each time we send a message.
Now that might sound harmless, unless you check out this new Chrome extension aptly titled “Marauder’s Map“. Using this rather “creepy” extension, you’ll be able to visualize exactly where your facebook friend has messaged you from (of course, without their knowledge or consent, it won’t be so creepy otherwise!). Don’t confuse this with the “Nearby friends” app from Facebook. Sharing your location is the main feature of the app, which then helps you check out who is available close to you but this extension visualizes a entirely different (and creepy) thing. Looking to turn off the feature before you even read the rest of the post, here’s the CNET guide to do so.
LOCATION PRIVACY? I SOLEMNLY SWEAR, I AM UP TO NO GOOD!
The extension utilizes the GPS coordinates that’s embedded inside each Facebook Messenger message to locate your position at that given point in time. Fortunately, this isn’t a real-time tracking tool. But it does mean, anyone who you texted using Facebook Messenger can see where you have been at the time you messaged them. (So much for lying about being late because of public transportation! Good luck with that excuse, after this extension!).
Furthermore, by gathering a couple weeks’ worth of chat data on the map and looking at the location clusters you can even figure out his weekly schedule. With this you can predict exactly which building he would be in at a given time. – Aran Khanna, medium.com
When police officers are concerned about their location privacy, I think it hardly an issue that can be brushed aside. One of the fundamental issues with Location privacy is that we are more worried about some governmental agency tracking us illegally more than our geo-tagged tweets, google’s location history or as this creepy chrome extension has shown – your Facebook Messenger messages. It’s so easy to forget and underestimate the fact that our location history is attached to every single message, which when aggregated over time can clearly show your weekly schedule, etc.
Wondering why someone would publish such an extension in the Chrome store? Aran Khanna who developed the extension, explains his motivations with a blog post on medium – here’s the link.