this post was submitted on 19 Jul 2023
1030 points (91.7% liked)

Technology

59593 readers
3951 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Not sure if this is a good place for this post or not, but here goes.

I reject outbound connections to meta domains at the firewall. I noticed this banking app refuses to prompt for login credentials unless I am on mobile or a public WiFi network. I watched my FW logs and noticed many rejected connections to graph[.]facebook[.]com.

I contacted their support team, but they denied the connection was their app. I shared the screenshot on this post and they closed my case without comment.

I emailed the address on the Google play store and they also denied the connection was their app. I shared the screenshot and they asked if I downloaded the app from the play store, implying the official app doesn't do this, but of course it does.They closed my case without proper resolution as well.

Just thought I'd share this here so people know that some banks make direct connections to Facebook to share analytics, without your knowledge or informed consent, and they lie about it when called on it.

you are viewing a single comment's thread
view the rest of the comments
[–] ChatGPT@lemmy.world 164 points 1 year ago (3 children)

It’s probably NTP a lot of banking apps have extra protections and if it can’t determine the time from its own trusted authority it may not allow the connection.

[–] rcmaehl@lemmy.world 102 points 1 year ago* (last edited 1 year ago) (1 children)

Launchdarkly is likely a culprit as well. Just doing a background search reveals that the service allows dev teams to do A/B testing, enable new features without releasing a new version, and various other "dynamic" functions.

OP is on the wrong side of Occam's razor

[–] stardust@lemm.ee 30 points 1 year ago* (last edited 1 year ago) (2 children)

This is definitely probably it. I can't believe more things aren't broken by blocking launchdarkly

[–] Radium@sh.itjust.works 14 points 1 year ago (1 children)

If you set it up correctly it defaults to a specific flag state if it can’t connect. I.e. always show the user the old treatment instead of the new if you can request the actual state of their enrollment.

They get blocked constantly and my old company just routed the requests through our domain so they’d stop getting blocked

[–] minikieff@lemmy.world 4 points 1 year ago (1 children)

I think you underestimate how shitty software can be.

[–] saltesc@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

When I worked at IBM and was between service delivery contracts to other clients, I had to use Lotus SmartSuite.

[–] ChatGPT@lemmy.world 3 points 1 year ago

I have it blocked in NextDNS haven’t seen any issues in 4 years without it. Blocking ntp.org has definitely caused issues especially with IOT devices.

[–] 14th_cylon@lemm.ee 22 points 1 year ago (6 children)

how would that explain connection to facebook?

[–] randomguy2323@lemmy.fmhy.ml 49 points 1 year ago (1 children)

It is not only Facebook that is been block if you take the time to read the log you will see the NTP connection is being block too.

[–] xintrik@lemm.ee 3 points 1 year ago

The app in the screenshot is just capturing packets. The list shown are connections made during the capture and closed just means the connection is not currently active.

That said, I downloaded Ally, ran that same packet capture but never saw anything sent to Facebook. I got to the login screen just fine.

[–] popekingjoe@lemmy.world 49 points 1 year ago* (last edited 1 year ago)

It doesn't.

OP is claiming that disallowing the connection to Facebook is stopping the log in, but it might be blocking the connection to the ntp server instead.

[–] EpicFailGuy@kbin.social 23 points 1 year ago

@14th_cylon

@s38b35M5 @ChatGPT

It doesn't, the implication is that it's not the connection to FB what's making the app not work, but the lack of NTP sync.

Plenty of apps reach out to FB for widgets, or those stupid "share your experience with your friends" buttons that no one uses ... that's why we block them in the first place.

[–] rcmaehl@lemmy.world 10 points 1 year ago* (last edited 1 year ago)

Ads & Analytics, like most things.

https://developers.facebook.com/docs/graph-api/overview/

Wouldn't surprise me if there's an in-app ad / self promotion / community announcements / et al that is managed via FB's Graph API

[–] danc4498@lemmy.world 6 points 1 year ago (1 children)

Is it normal that a bank app tries to connect to meta?

[–] Action_Bastid@lemmy.world 25 points 1 year ago* (last edited 1 year ago) (1 children)

Meta provides a lot of other backend B2B services beyond just Facebook, Instagram, and Threads.

You think that's the only way they have of scarfing down data? Absolutely not, they make other useful tools as well that businesses can use, because if they can't get their info directly from you, they can get it from the people you have to regularly interact with instead.

[–] danc4498@lemmy.world 8 points 1 year ago (3 children)

This is gross… but also not something I’ve really thought about.

[–] graphite@lemmy.world 6 points 1 year ago

You better start thinking about it.

[–] Captain_Ender@kbin.social 4 points 1 year ago

A lot of companies have massive backend services they don't really advertise. Amazon makes most of its profits from AWS which is pretty much the primary distribution hub of the entire Internet.

[–] grue@lemmy.world 2 points 1 year ago

It's yet another reason why folks who suggest boycotts instead of legislative solutions to corporate abuse are deluding themselves.

[–] almar_quigley@lemmy.world 4 points 1 year ago

The implication is that OP’s assessment is incorrect and the blocked requests to launchdarkly are what’s preventing them from logging in. The Facebook requests don’t show a source so they could be from another device.

[–] s38b35M5@lemmy.world 3 points 1 year ago* (last edited 1 year ago) (2 children)

When I unblock the Facebook address, the app opens as expected.

I'm not blocking any NTP. My home servers rely on it (just TrueNAS checks time every 3 minutes...), but I do block DNS outbound to force using my own DNS.

[–] fatalicus@lemmy.world 24 points 1 year ago

You are blocking NTP though. Look at your image, all the way at the bottom.

[–] marmo7ade@lemmy.world 15 points 1 year ago (1 children)

I do block DNS outbound to force using my own DNS.

This doesn't make sense. Blocking outbound DNS is effectively blocking everything, as you can see if your screenshot. Launchdarkly and NTP are both "closed". Did you look at your own screenshot?

Do you know how DNS works?

[–] heyitsmikey128@lemmy.world 2 points 1 year ago (1 children)

I'm going to assume that hopefully OP knows how DNS works and meant he blocks all outbound DNS requests from his devices and sets a specific DNS for his external queries from his FW/Router. I do the same thing.

However, he is blocking NTP right there so who knows.

[–] xintrik@lemm.ee 0 points 1 year ago

PCap is just a packet capture. "Closed" in this context just means the connection is no longer currently active.