Facebook’s ‘Protect’ VPN feature has come under further fire after security researcher Will Strafach published a blog post showing what’s really going on under the hood.
Social media giant Facebook recently launched their ‘Protect’ feature with little fanfare. ‘Protect’ is, for all intents and purposes, a VPN service created by Onavo, which was acquired by Facebook some time ago.
Hurrah for Facebook promoting privacy, you may think. Well, not so fast.
Tracking, Tracking, Tracking
The media were quick to pan the new ‘Protect’ feature with headlines such as “Don’t Trust the VPN Facebook Wants You to Use”, “Do Not, I Repeat, Do Not Download Onavo, Facebook’s Vampiric VPN Service” and “Why Facebook “Protect” is all but protection”.
Some may think that Facebook was unfairly given a rough ride; however, their lack of privacy commitments in the past has certainly helped build that reputation.
Security researcher Will Strafach endeavoured to find out what information, if any, was being collected about users who choose to enable the Facebook Protect feature.
Strafach opted to investigate the iOS edition of Facebook Protect, which is the most prominent version of the feature. His published findings make for some uneasy but almost expected reading.
Facebook Protect tracking revealed
Strafach discovered that Facebook uses an extension known as a “Packet Tunnel Provider”, which runs continuously while the Protect VPN feature is connected.
The purpose of this extension is to retain data about the user and periodically send it back to Facebook.
This data includes:
- When a user’s screen is turned on or off
- Total Wi-Fi data usage, even without using the VPN
- Total mobile data usage, even without using the VPN
- Regular information on how long the VPN has been connected
The Protect VPN app stores 49 “events” in memory, after which they are written to a log file to be uploaded to Facebook.
Strafach writes that attempting to monitor such uploads proved difficult. One extremely minor positive is that Facebook uploads this information via the secure VPN tunnel, which is also the reason the research was hindered.
What this means for you
While some may remain underwhelmed by the details retained and shared with Facebook, it’s worth remembering that this tracking is all app-side, meaning these are activities happening within the app itself on your device.
Facebook, through its Onavo VPN, runs the VPN servers that users connect to. What happens to your data at these so-called “end-points” is unknown.
Although data travels securely from your device to Facebook’s VPN servers, it is then stripped of the tunnel’s encryption before being passed on to the wider internet.
While no one is suggesting Facebook is vacuuming up this data en masse, the question of what they are doing with your data remains.
Free VPN services always risky
Free VPN services have always been risky. As running a service costs money, the old saying “if you’re not paying for the service, then you are the service” rings true.
Providers of VPN services need to generate revenue; if that doesn’t come from you paying for it, then it often comes from data about you being sold or utilised in other ways.
While Facebook clearly has infinite funds available in comparison to the traditional “Free” VPN services, it’s a company intent on making money and bolstering its foothold in almost every industry using any means.
As was the advice before the published research, it is better to sign up for a paid-for VPN service such as those offered by reputable companies like IPVanish, ExpressVPN and NordVPN, whose job it is to protect your privacy and not to use the data generated for their own gain, unlike Facebook.
Data is valuable and your data is personal. As Strafach’s research has shown, Facebook is again harnessing your data for its own gains.