Some users have noticed settings that let Meta analyze and retain phone photos

I don’t understand why apps need access to my photos at all. (with some very specific exceptions,) apps should only access a photo, which I first select using the system photo picker. There’s no need for apps to access the entire camera roll just so I can select one photo to use with that app.

I know that that’s partially implemented with the limited photo access now, but it’s confusing from a UI perspective and I don’t understand why this isn’t the default.

The only apps that need full access to my camera roll, are apps like Google Photos, Nextcloud or Immich. Everyone else can suck a lemon.

Not just Apple, Google too. Companies having zero audit trails over files they send to their servers is why I wrote off Windows for good. I noticed Microsoft Defender may randomly send files to be inspected, but there's not audit trail of what files they've sent. This is also why on iOS I force every app to only take files I hand select, I assume malicious intent from all apps. I periodically remove files they're allowed to see back down to 0.

If you only grant ‘Limited Access’ to an app to your photos you can review and modify at any time exactly which photos each app has access to.

Oh I can't wait to get friend suggestions for random people from my camera roll and vice versa. Meta literally creating a social graph of all people you ever captured. Three letter agencies secretly leaching metas network cable for this extremely helpful information. At this point your camera roll can be public as well.

yeah they do that for location*, they should warn if an app is constantly accessing the camera roll

I feel like what they would try to do in such a case is to make up some excuse to scan all the photos so you don't know what they're actually doing.

They shouldn't allow apps to give themselves permissions without an OS generated confirmation dialog. Google figured this out years ago

And risk their revenue? No way. It will come as “privacy preserving on-device-blabla” something that ultimately wouldn’t really protect users, only move the problem elsewhere in the stack. Like any other “privacy” feature of iOS.

audit logs of all privacy and sensitive-related events should be required by regulations

> would put huge pressure on reputable developers

It wouldn't put any pressure on Meta

In the iPhone you can select which photos are accessible by apps.

That’s not even necessary.

On your phone, go to Settingd -> Facebook -> photos -> limited access

And you can choose which photos Facebook has access to.

When you first give an app access to your photos, you have the “Limited Access” option.

Apple should also stop letting apps know that we have given them a limited photos or contacts list:

Telegram refuses to work if you provide it with just 1 dummy contact.

Some other clingy apps also get pouty and demand full roll access each time you try to use a photo.

What's even worse: For years, Apple has also allowed many apps including Facebook/TikTok/Tinder to use the "iCloud Keychain" API to store invisible information that tracks you across app reinstalls and EVEN DEVICE RESETS, because it's stored in your iCloud account, and there's no way for you to see what is stored or manually delete it without going through FB/etc and no way to be sure that they are indeed deleting everything.

I've ranted about that a few times but people just shrug it off like wtf (I imagine other people who abuse these APIs want to keep it buried)

Zuckerberg is now the bad guy from Ready Player One in all but name.

The devs get paid a fine salary, and can't afford it lose it, or they'll probably miss payments on their expensive vehicles and houses. So they do as they're told and don't complain.

Speaking as someone who joined them before they were like this, and left when they became this, Meta attracts talent by paying 50% more than anyone else. It’s very hard to leave when you get used to it.

Apple should improve the UI of this photo selection because it’s very cumbersome to scroll and select the same photos twice.

You should do this for apps even if you trust them.

One issue with permissions is that they apply to the entire app, including any third-party dependencies. Lots of apps use libraries given to them by advertising services -- they notoriously exploit permissions given to the app.

The problem is people have to actually do this, and it's cumbersome.

The solution is just straight up banning apps from the app store which request full photos permissions but only need a picker.

Whatsapp only needs a picker, it's not Google photos. Just make that part of the developer terms and start banning low hanging fruit and the apps will confirm in no time.

Android also has limited photos access nowadays.

That's on newer iOS versions and, by extension, on newer Apple devices only though.

what if my library was trillions of photos of poop shaped like a face

Even without permission, they're doing as much as they can technically manage: https://localmess.github.io/

Uninstall is indeed the only option. There is no way in hell this is the last time they do something like this, nor is it the first.

> Facebook, Meta, MetaQuest, Instagram and deleted my accounts. I’ll never put one of their apps on my phone again.

Hope you also removed WhatsApp, a very popular chat app especially outside the USA.

By definition they are social apps, so it's not usually up to just individuals whether to use them. For example if I stopped using what's app I'd cut myself off from the majority of my friends and family.

If you're not paying for it, you are the product.

I treat WhatsApp as a hostile app[1], which means I deny any access to my stuff even if I get a subpar experience. In places where it's required (as where I live), this is the bare minimum a privacy-minded person can do.

[1] https://manualdousuario.net/en/a-less-affectionate-approach-...

On iOS, whatsapp is weirdly pushy about getting unlimited access to your photo album.

They also go out of their way to make it hard to save a photo without granting full access. Creepy.

I was going to proudly boast that I don’t have any Meta apps on my phone. Got rid of FB a long time ago, never jumped on the Instagram train.

Then I your post and now I realize I’m still in the Meta world. Forgot about whatsapp for a second.

I just got a new phone and have been using WhatsApp via browser. It's a fight (e.g. you have to force desktop layout) and clearly something they'd prefer you didn't do but ... it's usable. Common actions like sharing photos, replying/reacting to a message, etc. all require multiple taps and futzing with the zoom level but they are possible. There are a few actions, like viewing one-time photos which are not available and the biggest problem is that you're still tethered to a device running a fully fledged version of the app. When your session expires, you're required to authenticate again by scanning a code generated by the native app. Thankfully, my old phone is still functional and this is one of the reasons I'm keeping it around. I'm considering it tainted by Meta and, since I won't be taking new photos or doing anything substantive with it, I guess that's fine.

I only have WhatsApp for communication in a club committee I'm on. I have a whole separate Android profile to maximise it's separation from anything and everything else.

I gave up Samsung Galaxy entirely over this .. even ended up switching to iPhone because I couldn't find another Android I liked as much.

Every Galaxy I ever owned came with uninstallable facebook apps, despite paying over 1k for the phone.

On the last one I had, I went in and did the ritual deleting facebook, and going in the settings to disable their other background apps.

I checked the phone 8 months later, and found that they had installed even more facebook apps that were now running without my consent.

That was the end of those phones for me, and I'm amazed that I put up with it for so long.

While I still have WA installed for unrelated reasons, I'm so happy for Matrix Bridges...

[dead]

That might be how they implement it technically, but I think the rules allow for some wiggle room.

If I move to a new state, I typically have a grace period to change the state of registration on my vehicle. I'm not immediately penalized for having out of state plates the very next day but if I get pulled over 3 months after I've moved, I might have a tougher time.

I don’t know if it’s discord or apple but there is something akin to this on iOS now. You can cherry pick which images are accessible. Kind of a pain actually when trying to tell a joke, but understandable why it exists.

For sharing to be a mechanism to transfer data between apps without needing excess permissions is intended, yes.

> putting Messenger on my GrapheneOS phone is dumb

Depends on your intentions. Privacy, security?

THIS, a billion times, for every insecure device, every popular operating system running today, and every popular programming language.

NONE of these systems were conceived or built with capability security in mind, none of them are even appreciably moving in this direction. None of them provide their developers or users user friendly interfaces for fine grained control and oversight of file system, networking, computing and memory resource usage.

They don't allow developers to hollow out the attack surface of their programs by compartmentalization and reifying rights as objects as CapSec prescribes; they cannot, due to their fundamentally broken architectures, provide powerful guarantees such as: "this part of the code cannot access any other resources and is restricted to pure computation, its only effect will be the result it returns".

That no one is seeing this, listening and learning, is a disgrace, a collective, civilization-scale failure to apply this knowledge. The exploits will continue until we learn. And until user agents and their creators are forced, by choice and by law, to truly act to the best of their ability in the best interest of their user.

https://en.wikipedia.org/wiki/Principle_of_least_privilege

I need whatsapp to communicate with global KOLs for work.