Jeter, just one subordinate Endless cloning of Facebook/Twitter For MAGA, angry at social media rules against conspiracy theories and bigotry, she sold herself to potential users as a way to escape the totalitarian tyranny of tech giants like Facebook and Google. Surprise! This ballpark comes with a million warnings, first and foremost being that Gettr doesn’t seem to do it at all.
According to new research recently conducted by Yale Law School Privacy Lab founder Sean O’Brien Published by Talk Liberation InvestigatesGettr’s web and smartphone apps contain trackers that would allow Facebook and Google to track users as they roam the Gettr’s supposed freedom of expression. (O’Brien is also the chief security officer for Panquake.com, a crowdfunded, blockchain-powered social network that hasn’t launched yet, meaning he works for a competitor.)
Gettr . code It includes two trackers that are ubiquitous across the web — a browser cookie that tracks users in search of google browserSprawling AdSense Network, and the The notorious Facebook pixel, a tiny dot embedded in millions of sites across the web Facebook Voices Every time it is loaded. These tools functionally allow Gettr to take advantage of the same type Web tracking technology is ubiquitous Its directors, such as former Donald Trump aide and CEO Jason Miller, Owns condemn. The price of admission is of course sharing that much data with Facebook and Google.
In addition to the Facebook and Google trackers, Gettr uses similar third-party tools like AppsFlyer and Countly, which provide web browser fingerprinting (creating unique user IDs) and behavioral data. Altogether, these trackers are able to transmit “accurate behavior and location data” and enable continuous cross-device tracking of Gettr users, according to the report. Only AppsFlyer is able to collect details such as “IP address, cellular network provider, OS version, phone model, and exact and accurate location information”.
The privacy issues don’t end there, as the report also identifies a number of major security vulnerabilities.
Furthermore, the report states that Gettr “connects to many external domains” with hotlink content such as news articles, blogs, and videos. It indicates that standard security practices such as adding security headers, referral headers, and other default settings are apparently not implemented, while GETTR loads a lot of unencrypted or mixed HTTP content. not only this Significant security risks – content from third-party domains could theoretically be infected with malware – potentially also exposing users to “monitoring by the original source”. It also creates opportunities for police or network administrators, such as University or corporate IT departments, to monitor any unencrypted traffic. Given that this site hacked Within hours of opening and the apparent lack of technical expertise among the type of users that Gettr flirts with, this is a pretty big security hole.
Although a Huge data leak It includes personal data stolen last year, O’Brien wrote, and Gettr still allows anyone to access its API without security measures like a verification key. While Gettr removed email addresses and location data from the API after the leak, according to the report, the lack of verification means that it can be “queried by anyone with basic technical skills” to download data such as a user’s entire post history or everyone they follow almost without restrictions. .
O’Brien He told the Daily Dot In an interview, Gettr’s commitments to users regarding privacy and security are “disingenuous,” adding: “People don’t realize the full scope of tracking using Gettr…I think there are a number of things they need to change architecturally.”
Jeter private policy It acknowledges the use of tracking tools, specifically acknowledging that it uses Google tools: “We may use third-party services such as Google Analytics to help us analyze our performance, deliver the Services, and advertise to you.”
Miller’s gist was that Gettr would not censor users in the same way that the right wing would They accuse social networks Like Facebook and Twitter than to do. But while it may have more flexible rules than these competitors (and questionable capabilities to actually enforce them), find out content deletion, account bans, and spam purging is the minimum To keep the site usable at all. as TechDirt noticed last monthNot only did Gettr ban white supremacist Nick Fuentes for violating their terms of service, he went even further Ban the word “groyper”—An Internet meme that has become slang for a small legion of Fuentes followers — from the entire site. Gizmodo tested this on Tuesday and found that trying to post the term “groyper” results in an error saying “Oops! An error occurred while submitting your post”. Whatever system is in place does not seem to work very well, although repeated attempts to popularize the term eventually lead to success.
Getter did not respond to a request for comment for this story, but we’ll update if we hear back. Miller sent Motherboard a statement excerpt below:
This report misses a lot of things, and a more responsible front-end fact-checking could have helped the author avoid any needless confusion. Unlike Big Tech social media platforms, GETTR does not sell user data, and we are committed to protecting users from Big Tech overreach and political discrimination. On GETTR, everyone is treated the same regardless of their ideology. We are a safe space for freedom of expression, independent thinking and most importantly, user data. This is the difference between us and our competitors in Silicon Valley.
These so-called trackers are used only for targeted ads on Facebook and Google that we display to promote GETTR, and as part of remarketing efforts designed to encourage people to return to our platform. This information is not shared with anyone else. For data analytics, it is used strictly for internal quality assurance and customer experience improvement purposes only.