Dangerous And Ridiculous: Facebook Won't Let Sites Join Its Internet.org Program If They Encrypt Traffic
from the bad-move dept
Karl touched on this with his recent post on Facebook’s Mark Zuckerberg defending his Internet.org and its walled garden of “zero rated” services, but it deserves a separate post. You see, part of Zuckerberg’s announcement was that Internet.org was expanding to let in other sites, but there are serious restrictions, and there’s a big “sorry, you’re not welcome” for sites that use HTTPS to protect the privacy of their users:
To qualify, they must meet three criteria:
- they cannot be data-intensive. Videos, high-resolution photos and internet-based voice and video chats are among the banned content
- they must be able to run on cheaper feature phones as well as more powerful smartphones. To ensure this is the case, the use of JavaScript, Flash, the secure HTTPS communications protocol and certain other web-based products are not allowed
- they should encourage the exploration of the broader internet if possible, to encourage users to ultimately pay for access
You could raise serious questions about all of these conditions, and the kind of walled garden that Zuckerberg is building, but keeping out HTTPS services at a time when the protection it provides is vitally important seems ridiculous.
To be fair, when confronted on this, Zuckerberg claims this is only a temporary situation, mostly driven by the fact that older handsets/browsers can’t handle HTTPS, but frankly that’s a weak excuse, given the risks associated with unecncrypted traffic.
Filed Under: https, security, zero rating
Companies: facebook, internet.org
Comments on “Dangerous And Ridiculous: Facebook Won't Let Sites Join Its Internet.org Program If They Encrypt Traffic”
No HTTPS = no on-line shopping, no private conversation to discuss personal matters, oh and no organizing political actions or protests.
Did I read that right? Facebook won’t allow sites that use https?
Talk about hypocrites. Facebook itself uses the https protocol and they refuse to allow sites to join internet.org if THEY use it too? LOLS
Got something for Mark Zuckerberg and Facebook:
http://s12.postimg.org/hg9kwizbh/image.jpg
I'd call Z a shithead
But then that would be an insult to shitheads all over the world!
I lol at what the founder of FB considers “data intensive”. FB is pretty ridiculous in that category for a ‘web page’. But yes, that’s pretty weak tea regarding HTTPS, “I don’t know how.”
New->OLD
Let’s see here:
1. Can’t use broadband applications.
2. Can’t use secure transmission
3. Pushes users to paid services.
Inspiration! He should name it AOL.
He’s lying/being misleading. He’s referring to working on its own encrypted proxy through which ALL INTERNET.ORG SERVICES DATA WILL PASS.
Quite convenient, no? Let sites themselves use their own encryption so they can be SAFE FROM FACEBOOK as well.
Not defending Zuckerberg or anything here, but, it does pay to stop and think for a minute about where Internet.org is being deployed and what devices people in these areas have to connect to the internet.
These aren’t college kids in Missouri with MacBooks and fibre, this is deep Africa and an old Nokia.
The needs of the customers of Internet.org are not the needs of us, and it is an error to see them like that. It’s a kind of cultural myopia.
Re: Re:
Requiring that a site offers HTTP or both HTTP and HTTPS would be a reasonable way to ensure old devices are usable, banning HTTPS is unreasonable.
Re: Re: Re:
I think you miss my point slightly. These aren’t people doing online banking and tax returns, its more of a community noticeboard.
Re: Re: Re: Re:
And you miss the problems inherent in that assumption, that they don’t WANT to do more with the internet. The types of phones being discussed by Zuckerburg (cheap feature phones) are way more capable then the old Nokias you describe, and its only limited to a community notice board because facebook limits it to being a community notice board, and is still claiming its giving them the internet. ALso, the assumption that the only reason you want secure communications is ‘online banking and tax returns’ is a bit disingenuous as well. The inability for anyone, including facebook, to know what you are doing on the internet is a big step forward for human rights, and facebook wants to undermine that.
Re: Re: Re: Re:
You are missing the point. People in these areas do MORE online banking than you or I.
M-Pesa is the #1 app in many parts of Africa.
Re: Re: Re:2 Re:
M-Pesa doesn’t seem to be online banking, its more of a micropayment scheme using your pre-pay credit on your phone.
Re: Re: Re: Re:
What about confidential communications with medical workers, or human rights organizations? Encryption effects more than just banking.
Re: Re:
Nope that’s crap too.. Look up “Facebook lite” it’s an android App that is ONLY available in non ‘western” countries (or by download from non App store places) and you will see it has pure encryption, ability to stream video and high photos, as well as incorporates FB CHAT, Facebook,FB Groups, and EVERYTHING that facebook itself can do..
Oh and it’s used by any Android variant from version 2.1 upwards. Also it’s been ported to Symbian as well.
Who made it you might ask? Well FACEBOOK themselves did.
How big is it? — under 300 Kilobytes!
So this bullshit about not able to do SSl, Streaming, or data intense stuff is total BULLSHIT and is another reason why everyone needs to avoid internet.org like the plague and go with other things that are not reliant on a company with major ulterior motives.
Re: Re:
I had a cheapie flip phone many years ago that could be used to access web sites in a limited fashion. But it could handle HTTPS as well as Javascript. New cheapie flip phones commonly sold in poor countries are even more capable than the ones I had in those days.
Zuckerberg’s explanation is shaky at best. The more likely explanation is that they want to be able to examine all traffic to extract data they can monetize.
An encrypted layer can be built on top of this
Both ends of a connection need encryption. That encryption does not need to be built into the internet infrastructure you are using. All you need is the ability to communicate messages, like raw packets, or ‘packet messages’ of data over a TCP connection.
Those messages are encrypted blocks. The other end that you connect to has to understand them.
So that other end could be some sort of relay or gateway to the free internet and that gateway would be located in the free world (if there still is such a thing).
On your local end you would have a proxy that your browser connects to. That proxy encrypts traffic and pipes it back and forth between a gateway or gateways in the free world. In fact, the more gateways the better.
Perhaps the next anarchy protocol needs to support ‘streams’ where every packet of the stream can come from a different IP address. Think like a TCP stream, but each packet of the stream might come from a different TOR exit point. At the receiving end the ‘anarchy protocol’ support (think the TCP reassembly of packets into a stream) would reassemble packets from diverse IP addresses into the stream from which it started at the other end. This would not only allow encryption, but would significantly hinder traffic analysis. When sending, every packet of an outgoing stream would take a different route and might even go to a different TOR entry point.
Censorship and Spying are damage which will be routed around.
Dear Zuckerberg: dump the internet.org brand. IT’s boring. I hear Prodigy.net is available…
If traffic is encrypted they won’t get their government money
Think about it...
If this walled garden has encrypted traffic inside it, ol’ Zucky & Co. can’t snoop on it to profile its users.
I just don’t care. I’ve never been on Facebook and I’m not missing it now. He can keep his spy apps and sites and hope it pays. I’ll not be missing that either.
Re: Re:
Glad you have the option to not use facebook. Don’t you want everyone to have that option?
yes it is dangerous and it is ridiculous but the way sucker mouth works is to to trawl up all the customers info before the feds do. that can then be sold off to the various companies that want to advertise or to keep hammering people with mail and calls! there is absolutely no way he is gonna do anything unless it makes him money!
Internet.org is CIA. Time to wake up.
does zuckerburg use encryption on his personal files though.
My assumption would be yes he is a hypocrite as sees himself as above the little people that helped make him worth so much
Internet.org irrelevant
So let me get this straight: Internet.org is adopting a 2005 service model in 2015? That just means that it is obsolete before it starts. It will prove irrelevant.
So, if this crap gets big will the kids be learning that this pubehead invented the internet?
Of course not
What if they advertised something facebook didn’t like? No, Facebook needs to be able to monitor it all. Don’t worry, they won’t abuse that power.
Actually it is TLS not SSL.
But isn't it Facebook's own business
Unless I’m missing something, this is Facebook’s own money. Maybe this idea is bad/wrong/stupid. But dangerous? – give me a break. IIRC nobody forces people to use it, right?
Like it – use it. Don’t like – don’t use.
To the point – Facebook’s argument is “this is better than nothing”. I fail to see counter-argument here. Does Mike think that in fact, this is worst than nothing? Why? Because Facebook may profit?
All this “abuse their power” BS is funny. Last time I checked, Facebook is just a website. It’s not “Umbrella Corp.”, you know. They don’t have private army or black helicopters.
It’s just a website. Get real.
Re: But isn't it Facebook's own business
“Unless I’m missing something, this is Facebook’s own money. Maybe this idea is bad/wrong/stupid. But dangerous?”
It’s bad for the internet because it harms the effort to achieve net neutrality in a particularly pernicious way. It’s also deceptive because it claims to be providing internet access when really it’s just providing access to a limited set of websites. This is teaching the target audience all the wrong things and makes some of the worst abuses of big internet companies (like Facebook) seem normal and acceptable.
“Facebook’s argument is “this is better than nothing”. I fail to see counter-argument here.”
The counter-argument is simple: that’s a false dichotomy. The choice isn’t between Facebook’s approach or nothing.
“Last time I checked, Facebook is just a website.”
You should check again. Facebook is a LOT more than just a website.
Re: Re: But isn't it Facebook's own business
Stupidos
Most of the “poor” people that internet.org targets are seen come to Europe as “refugees”, holding Samsungs far better than mine HTC. Let’s be honest – this shit internet.org is because someone is greedy to take over the low educated people in Africa…
HTTP to HTPS
I recently switched from http to https and facebook banned/blocked me. So is this the reason? I contacted em but no one has gotten back to me yet.