There is no reason to require this setting for users who aren’t posting live videos.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    210
    ·
    edit-2
    4 months ago

    Hostage permissions

    This is why I really like grapheneos. They’ve created scoped permissions, so the operating system tells the application Yes you can see this thing, but it’s empty. Right now they’ve implemented scoped storage, and scoped contacts. So if it tries to extort you to see your entire contact list you can limit it to an empty list, a very limited list, or everything if you don’t care

    https://grapheneos.org/features#storage-scopes

    • Eager Eagle@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      4 months ago

      I heard of scoped permissions before but didn’t know it could also zero the outputs of sensors to trick intrusive apps. That’s a neat feature set.

    • PopShark@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      4 months ago

      I really hope Apple implements scoped permissions sometime soon

      Edit: lol I just realized the OP could press “Not Now” - though technically the app would then prevent posting stories still :/

      • cm0002@lemmy.world
        link
        fedilink
        English
        arrow-up
        33
        arrow-down
        1
        ·
        4 months ago

        Yea, but it’s a good phone to target, Pixels are one of the few remaining manufacturers that freely let you unlock the BL and probably one of the last that is carried by nearly all major US carriers. OnePlus used to be another but iirc they’ve stopped selling on all carriers stores

        Yes yes yes, you can buy any frequency-compatible phone you’d like from like Amazon, AliExpress, Best Buy, manufacturer store etc but that’s an expensive option for many as you have to front the entire purchase price with little exception.

        So if you want a BL unlockable phone, purchased through a carrier to take advantage of the reduced financial load of payments instead of all up front, in the US…it’s pretty much just Pixels

        • Refurbished Refurbisher@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          You can’t unlock the bootloader on carrier-locked Pixel phones; they need to be SIM unlocked in order for the “OEM Unlocking” option to be available.

          • cm0002@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            4 months ago

            Yes, but it’s far easier to obtain a SIM unlock than it is to unlock a BL from a manufacturer that just says “No” instead of “As long as it gets carrier unlocked”

            I have a Pixel Fold purchased and (still) financed through T-Mobile that is BL unlocked and rooted. Most of the time they’ll override their SIM unlock requirements if you’ve had an account for awhile. Unsure about ATT, I’ve heard they’re 50/50. Verizon, ofc, are a bunch of bitches about it

        • militaryintelligence@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          4 months ago

          Even Verizon? I’ve had a few phones from Verizon that were supposedly easy to root or whatever but they have that shit locked down tight.

          • cm0002@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            4 months ago

            Verizon are a bunch of bitches about it, they’re as bad as Samshit. They’re a match made in hell tbh.

            Of the major 3 carriers, it’s always been T-Mobile that’s the “most friendly” to tinkerers. Technically, you can’t unlock the BL until it’s been carrier unlocked, which TMO is generally OK about overriding their requirements as long as you’ve had an account for awhile

          • TurtleTourParty@midwest.social
            link
            fedilink
            English
            arrow-up
            2
            ·
            4 months ago

            I recently bought and then returned a used Verizon pixel 8 because I couldn’t unlock the bootloader or even add a non Verizon eSIM.

        • Cris16228@lemmy.today
          link
          fedilink
          English
          arrow-up
          7
          ·
          4 months ago

          I was interested because everyone keeps talking about it and I wanted to try it myself but it’s compatible only with pixels. I have a Samsung and I changed phone recently so I’m not going to buy it again. I don’t want to spend 600+ for a new phone + 2/300? (100?) for the buds but my next phone will be a pixel🤔

            • Cris16228@lemmy.today
              link
              fedilink
              English
              arrow-up
              2
              ·
              4 months ago

              Samsung buds? I know they have 100% features with Samsung devices, I don’t know if it works with other devices

              • Mycroft@lemm.ee
                link
                fedilink
                English
                arrow-up
                2
                ·
                4 months ago

                Would be pretty shitty if they artificially didnt worked. It think it’s still an headphones that can be used even without the, I’m guessing, nice intégration with Samsung phone.

                Disclaimer: I’ve never owned Samsung buds.

                • Cris16228@lemmy.today
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  4 months ago

                  Honestly? I like the “switch between devices” sometimes I use the old phone then I switch to my main buuut… I hope they don’t do it

          • cm0002@lemmy.world
            link
            fedilink
            English
            arrow-up
            13
            arrow-down
            2
            ·
            4 months ago

            Oof, yea Samshits are the worst of the worst. They’re actively hostile to those who would dare want to use their phone how they see fit.

            Even if the stars align and people are able to breakthrough the BL lockdown, Samshit phones are designed to blow an efuse and permanently lock the phone to 80% battery capacity just for a big ol fuck you

            Never EVER buy Samshit phones if you can help it

      • rockSlayer@lemmy.world
        link
        fedilink
        English
        arrow-up
        14
        ·
        4 months ago

        It’s only guaranteed to work with pixels. It still works with other phones, but with varying degrees of success and obviously no official support.

      • olof@lemmy.ml
        link
        fedilink
        English
        arrow-up
        8
        ·
        4 months ago

        I’m using it on a Fairphone 5 since a while. Works flawless

  • Ghostalmedia@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    4 months ago

    If they don’t already have rules about this, Google and Apple should update their store rules to prevent this crap.

    • Dogeek@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      4 months ago

      Playing devil’s advocate here but there could be legitimate reasons to prevent features of an app if you don’t give the permissions.

      Things like professional type apps that need geolocation to work (geofencing, photo geoloc) or because x big shot client wants to track their employees and you’re just forced to accept that unless you want to declare bankruptcy.

      Definitely is a very hostile pattern though and there’s no reason for meta to do this shit…

  • Raiderkev@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    ·
    4 months ago

    I set up Amazon Echo buds recently. I have no desire to use any of the Alexa crap on them and just wanted cheap, decent noise cancelling Bluetooth earbuds on prime day. You apparently can’t set them up without the Alexa app and like all the permissions. I downloaded it on an old phone that’s practically blank, set up the buds, and deleted the app. Once it’s set up you can use like regular Bluetooth earbuds. They wanted location all the time and a few others (microphone maybe?). Selecting only allow this time wouldn’t even work. I get it Bezos, u want my data, but fuck off u aren’t getting it.

    • yamanii@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      4 months ago

      You should look if it works with gadgetbridge. Maybe you can get some functionality back that the app had?

    • reallykindasorta@slrpnk.netOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 months ago

      This does appear to be a functional workaround atm (the mobile website via safari app allows me to post photos to stories) but the editor is severely gimped so you can’t resize images and such. Desktop version doesn’t seem to allow you to post stories at all. If I NEED to share something perhaps I’ll use this.

  • Robotunicorn@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    4 months ago

    Not surprised. It’s just Meta being Meta and garbling up all yo data so that it can make money from it. Maybe don’t use the app. Try accessing from your mobile browser.

  • Shady_Shiroe@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    4 months ago

    I only use Instagram to look at the reels my family sends me, I don’t allow myself to use it for anything else because you can easily waste 2 hours and feel miserable afterwards. What I like about Lemmy is I can get through all new posts for the day in at most 20 mins and maybe learn about some interesting while I’m at it.

    • reallykindasorta@slrpnk.netOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      Yeah I use it to keep up with friends/family and have a private account— most people I know don’t post regular posts, only stories, so it’s actually quite easy for me to exhaust all the content I care about and then leave. The post feed is mostly ads for me since my friends don’t post. The ‘explore’ feed for me is mostly indian weddings and flood content for some unfathomable reason.

  • RangerJosie@sffa.community
    link
    fedilink
    English
    arrow-up
    61
    ·
    4 months ago

    I installed it earlier this year on android. But it wouldn’t let me sign in or browse without syncing my contacts from my phone.

    So I uninstalled it.

  • Chozo@fedia.io
    link
    fedilink
    arrow-up
    17
    arrow-down
    2
    ·
    4 months ago

    Gonna play Devil’s Advocate for a moment here.

    I assume that this isn’t actually for nefarious purposes, and is actually just a low-effort way of curbing spambots on their platform. It’s likely that the bots are using emulated devices to post from the official app, and this permission might lock up a lot of those bots. Obviously this wouldn’t be the best way to combat spambots, but I’m gonna go with Hanlon’s Razor on this one.

    I know the immediate first thought most people will have is that this is just so Meta can open up another avenue to spy on you. But let’s consider for a moment the logistics involved in that. Audio/video data is huge; capturing and parsing it it requires a non-insignificant amount of CPU/battery usage, and transmitting it will use a good bit of bandwidth, both of which would be noticeable by even novice users (since most modern devices these days will show an on-screen indicator whenever certain sensors are being activated, and will tell you what app is using it, so seeing Instagram trigger your mic/camera when you’re not using it would be immediately noticed by just about everybody). That would also make this one data stream exponentially more costly to gather and process for Meta than most of their other data streams combined.

    Also consider the fact that Meta already has over a million data points on just about every single person on the planet, anyway; what could they stand to gain by monitoring your IRL presence that they haven’t already inferred from the other, less-invasive data they’ve gathered on you? Half of the recordings they’d get would be farts and “oh my god, stop barking, nobody’s even at the door”, and Meta probably already knows that you have a dog and lactose intolerance.

    It’s more expensive to produce, it’s more likely to be detected, and there’s less of a guarantee that you even get any usable data from it at all since they already know just about everything about you already. I really don’t see spying as the end goal for this particular action, only because it doesn’t seem like a profitable venture.

    None of this is to suggest that Meta isn’t spying on you. They are. They 100% are spying on each and every one of you. I just don’t think the mic/camera are how they’re doing it.

    • 1rre@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      21
      ·
      4 months ago

      Not even that, it’s more than likely some PM said “we want to open the camera and be ready to record when someone goes on the story tab”, then it gets implemented as needing permissions first and not considering that some people wouldn’t want to give the permissions and only upload from camera roll

  • occultist8128@infosec.pub
    link
    fedilink
    English
    arrow-up
    19
    ·
    4 months ago

    all meta’s apps are suck ngl. i hate the way i can’t paste image from clipboard in whatsapp chat without giving whatsapp permission to manage my storage.

      • occultist8128@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        idk when this sh*t started but in the older versions (as far as i remember), whatsapp didn’t ask for this if the image was from my clipboard. that was one of the trick to not giving the permission to manage my files to whatsapp when sending images.