this post was submitted on 19 Jul 2023
1031 points (91.7% liked)

Technology

58303 readers
10 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Not sure if this is a good place for this post or not, but here goes.

I reject outbound connections to meta domains at the firewall. I noticed this banking app refuses to prompt for login credentials unless I am on mobile or a public WiFi network. I watched my FW logs and noticed many rejected connections to graph[.]facebook[.]com.

I contacted their support team, but they denied the connection was their app. I shared the screenshot on this post and they closed my case without comment.

I emailed the address on the Google play store and they also denied the connection was their app. I shared the screenshot and they asked if I downloaded the app from the play store, implying the official app doesn't do this, but of course it does.They closed my case without proper resolution as well.

Just thought I'd share this here so people know that some banks make direct connections to Facebook to share analytics, without your knowledge or informed consent, and they lie about it when called on it.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 103 points 1 year ago* (last edited 1 year ago) (1 children)

Launchdarkly is likely a culprit as well. Just doing a background search reveals that the service allows dev teams to do A/B testing, enable new features without releasing a new version, and various other "dynamic" functions.

OP is on the wrong side of Occam's razor

[–] [email protected] 30 points 1 year ago* (last edited 1 year ago) (2 children)

This is definitely probably it. I can't believe more things aren't broken by blocking launchdarkly

[–] [email protected] 14 points 1 year ago (1 children)

If you set it up correctly it defaults to a specific flag state if it can’t connect. I.e. always show the user the old treatment instead of the new if you can request the actual state of their enrollment.

They get blocked constantly and my old company just routed the requests through our domain so they’d stop getting blocked

[–] [email protected] 4 points 1 year ago (1 children)

I think you underestimate how shitty software can be.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

When I worked at IBM and was between service delivery contracts to other clients, I had to use Lotus SmartSuite.

[–] [email protected] 3 points 1 year ago

I have it blocked in NextDNS haven’t seen any issues in 4 years without it. Blocking ntp.org has definitely caused issues especially with IOT devices.