I want to preface this by saying that yes, I know that Instagram is bad. I am planning to get rid of it in the future but as of now I have to keep it for communication with people who are only on that platform.

So I have grapheneOS, use protonvpn (free version), use mull as my browser, and do not have google play services enabled on my phone. I do have some apps downloaded through aurora store such as Instagram, whatsapp, mychart, and mint mobile, but the rest came from f-droid.

I have noticed multiple times that after having private conversations on matrix, I get Instagram content in my feed that is scarily accurate to the conversation I had on the other platform immediately after. I know that things discussed in Instagram direct messages and group chat will give suggested content based on those conversations, but I get stuff that that is very specific to what I have ONLY discussed on matrix and didn’t look up via my browser.

So my question is how is Instagram doing this and what can I do to mitigate the spying it’s doing on my other apps. Thanks.

  • Atelopus-zeteki@kbin.run
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    whatsapp is owned by Meta. I did a quick DDG search to see if I was correct and got this:

    “Meta owns several companies, including Facebook, Instagram, WhatsApp, Messenger, Threads, Meta Quest, Horizon Worlds, Ray-Ban Stories, Mapillary, Workplace, and Portal (discontinued).”

    I’ve been working to get the people I communicate with on Signal.app, instead. Other more informed individuals may be able to make additional suggestions.

  • shortwavesurfer@lemmy.zip
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    3 months ago

    Use it only through your web browser or bite the bullet and don’t use it at all despite those people that are currently on it. Maybe explain in a meme why you are leaving and where you can be found.

  • Zak@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    I don’t think Instagram can read your Matrix conversations, but may be able to predict your interests with fancy algorithms or buying information from data brokers, even if it’s related to things you did on another device.

    If you want to be more sure it’s not spying on your phone, uninstall the app and use it through your web browser.

    • countrypunk@slrpnk.netOP
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      I might just have to do this, although having a VPN and accessing it on desktop might flag my account and/or lock it. Would having Instagram on my old phone and taking it off my current one help?

  • bionicjoey@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    If the only thing you use it for us chat, I think you can chat with instagram users on FB messenger instead, which you can then heavily restrict in terms of the OS permissions you give to it.

    • countrypunk@slrpnk.netOP
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Wait, really? Can I log in with my Instagram account onto it? If so that’s great news because the main reason I’m keeping it right now is the chat, but sometimes get sucked into the content vortex.

      • bionicjoey@lemmy.ca
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        I’m not sure, I think it may use an FB account. But you could make one specifically for this one use-case and then nuke your IG account.

  • Pasta Dental@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    If you want to be extra safe I guess the best way would be to use the web version of Instagram with ublock origin installed. If you can find a way to use Firefox containers on Android as well it could really restrict what they can access.

  • rhymepurple@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Its really hard to tell from a technical perspective, especially without having closely monitored all of your digital activity (and those that you have been in close contact with) in the days/weeks leading up receiving the ads. Some things that Meta could have done (in varying degrees of realism) include:

    • read anything you downloaded from your Matrix client, like file attachments
    • read your notifications if they contain any contents of the conversation
    • read your clipboard if you copy/pasted anything into/out of a Matrix client
    • actively participating in the room and associated your Matrix ID to your Meta account(s)
    • scraped the contents of the room if it is public and unencrypted
    • others in the Matrix room saved your Matrix ID in your contact information within their contacts
    • Meta is recording your screen outside of Meta’s apps
    • a Meta library is used in another app/service on your device that is sharing information back to Meta
    • read an attachment that you downloaded elsewhere then shared on Matrix
    • Meta read screenshots you or others took of the conversation
    • Meta has a back door in the Matrix server or client software used
    • the administrators of your Matrix home server (or the administrors of any other home server in the room) are sharing non-encrypted information to Meta to offset hosting costs
    • Meta is running a home server of a user in the room
    • you or someone you are associated with clicked on a link shared in the Matrix room that contained a tracker or led to a site that contained a tracker

    Its really hard to comprehensively and conclusively avoid all “spying” that Meta/Instagram could do to you. The best thing that you could do is something that many people aren’t capable or willing to do - not install any Meta software, don’t use any Meta services, block any Meta IP addresses and/or domain names, and advocate that those around you do the same.

    Realistically, the best advice that youre going to get has already been said. Use the web browser instead of the app as much as possible, ideally in a different browser and/or user profile. If you must have the app installed, keep it in a separate profile and kill the app and/or profile whenever it is not in use. Review all of your security and privacy settings in all Meta apps. Review any apps/services you allowed Meta to connect to/from (and the security/privacy settings of those apps). Reduce the amount of information that you enter/share on Meta platforms. Review the other users that you are connected with on Meta’s platforms.

  • dwindling7373@feddit.it
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    It happens to me as well, in my instances it’s most likely the social network they tied me to. Some friends of mine are heavy Instagram users and whenever I hang out with them I get almost real time relevant ads on my isolated Instagram.

  • TheSun@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    Use the user profiles feature of grapheneos to make a “social” profile and only use that to access Instagram / facebook.

    Meta sells your convo data on WhatsApp for ads, if you use it you will get targeted ads regardless.

    Other options are signal (Molly on fdroid), simplex, etc.

    • Deello@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      My car has an aux cable to connect to my phone. The cable died again so I’ve been rediscovering the radio and I’ve been been hearing commercials for whatsapp. They advertise E2EE as a feature. What you are saying is a contradiction to that. Is it possible to have E2EE AND have them sell your convo to third parties?

      • noodlejetski@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        they encrypt the content, but not the metadata. so Meta might not know what you’re talking about, but will know who do you talk with, how often, where from, for how long, and so on. that’ll often be more valuable for advertisers than the contents of the messages themselves.

        • zingo@sh.itjust.works
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          3 months ago

          More importantly, Meta also has the encryption keys of any WhatsApp conversation.

          It’s like a fucking META password manager that unlocks your vault… (…as in your WhatsApp conversations) and locks it when they are done spying, whenever they feel like. Repeatedly.

          You have no control, as in a secure private conversation unless you have the keys on your device.

        • Deello@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          So E2EE but they have a copy of the keys to use at their discretion. Cool, we have digital landlords now.

          E2EE* plaintext with extra steps

        • Atelopus-zeteki@kbin.run
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          This is particularly insidious, as they claim to use the same encryption as Signal, developed by Open Whisper Systems. But Meta allows themselves access. 2 billion users. SMH.

  • Orbituary@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    I have to keep it for communication with people who are only on that platform.

    This is always the excuse. Same one people use for FB.

    Drop it. If you want to keep talking to them, get their number. I’d they don’t give it to you, they’re not your friend and not someone you need to talk to.

    Stop feeding the platform that feeds your addiction.

    • countrypunk@slrpnk.netOP
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Dude, you don’t know anything of my situation. Why are you being so judgmental when I just asked a question. I’m not asking for lectures like this, which is why I made extra sure to clarify that I already know that Instagram is bad and I have to use it for a set amount of time.

      • Orbituary@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Because it’s everyone’s answer. Always.

        “I hate it, but I use it to talk to people.”

        • countrypunk@slrpnk.netOP
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          People are important. It’s necessary for mental health to balance privacy and being able to have a life.

      • Ilandar@aussie.zone
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        Best to just block people who use the “if you don’t use MY messaging platform of choice, you’re not my friend” argument. They are completely deranged and not living in the same world as the rest of us.

    • GolfNovemberUniform@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      If you want to keep talking to them, get their number. I’d they don’t give it to you, they’re not your friend and not someone you need to talk to.

      From my experience this is completely false unfortunately.

          • Wilzax@lemmy.world
            link
            fedilink
            arrow-up
            0
            ·
            3 months ago

            If you can lose a friend over putting your foot down about what platforms you want to message them on, they’re not a good friend.

            It’s the kind of sad situation where you have regrets no matter what you do. If they’re unwilling to find a different way to contact you when you leave Instagram, they’re probably unwilling to do a lot of things for you. You would regret relying on them when something actually hard happens and they leave you hanging.

            • GolfNovemberUniform@lemmy.ml
              link
              fedilink
              arrow-up
              0
              ·
              3 months ago

              Such case is possible but I saw different. Maybe I am wrong here idk. The thing is you not willing to stay on the platform they want to stay on actually makes you a bad friend for those that don’t know anything about privacy but it’s besides the point.

  • tomalley8342@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    You probably discussed it because you were aware and interested in it, and your awareness and interest showed through in your other trackable habits outside of your chatroom. You only notice when they guess your interests correctly.

    • countrypunk@slrpnk.netOP
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      It’s more likely than not that, but I would like to err on the side of caution and figure out a way to fix it just in case my suspicion is true.

    • PetroGuy@lemmy.ca
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      this is the real answer. unless you gave the app a bunch of permissions it shouldn’t have, they cannot see what you do/say in matrix. but they don’t need to. you willingly feed them enough information through location/posts/comments/private messages/friends/contacts/+a very long list of things for them you figure out your interests and serve you tailored ads.

      • Guntrigger@sopuli.xyz
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        3 months ago

        I’m not so sure. I’m interested in this thread because I had a recent issue like this. I barely use Instagram, hadn’t booted the app for a month or something, only have it to support my SO’s art account. Never comment/DM, just likes. Had a lengthy in person conversation about tattoos and the idea of getting them at current location. I didnt do any searches on my phone or any other device for that matter. Don’t have any tattoos, or ever look at that content on insta (only follow art and wildlife photography accounts). Booted up Instagram that day and was getting purely adverts for local tattoos studios on my feed. Checked my permissions, all disabled. The only explanation I have is that it’s somehow still listening. That can’t possibly be a coincidence.

        • noodlejetski@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          The only explanation I have is that it’s somehow still listening.

          or the other person participating in the conversation had looked them up.

          • Guntrigger@sopuli.xyz
            link
            fedilink
            arrow-up
            0
            ·
            3 months ago

            I had considered that, but that would mean they are collating and amalgamating data coming from a single IP, which is almost as bad as listening to my microphone. Both are data gathering without my permission.

            • noodlejetski@lemm.ee
              link
              fedilink
              arrow-up
              0
              ·
              edit-2
              3 months ago

              they are collating and amalgamating data coming from a single IP

              lol no shit. of course they’re aggregating location data, this is how, among other examples, some therapists ended up having their patients recommended as Facebook friends in the past.

              if they see someone being frequently in the same location you are and at the same time you are, they will leverage your relationship to serve you ads based on their (and, presumed by the algorithm, shared to some extent) interests.

  • Ebby@lemmy.ssba.com
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    3 months ago

    I feel a lot of these responses miss the mark. If I read it correctly, you suggest matrix is the data leak and the results of which show in Instagram.

    Matrix has many clients, one of which could be leaking data, but not necessary from your end of the conversation.

    There are also keyboards which analyze input, and high privileged apps that can read notifications.

    From what I understand, Meta apps can scan a device for a list of apps installed (probably somesort of fingerprinting concern) but can’t actually read app interactions or content.

    I’d say hi in a chat with some clear, unique keywords on a new or old/wiped device and see if the leak continues. It may not be you at all, but it would identify the problematic device