Onavo provided a compression + VPN service for people traveling; they let users use little or no data while roaming, and still get internet access. I do not know what their original business plan was, but Facebook bought them for the ability to spy on users.
Their MITM was, in fact, the raison d’etre of Onavo. And then, they were bought by Facebook. And then there was just some more analytics added. At no point, as I understand it, was it built explicitly for evil - and I suspect very few employees were in on the real reasons.
Plausible deniability works for many things.
I am happy to answer any questions you have about questioning or ethics at the time. Assuming that people's reaction to this was wrong, while not knowing what that reaction was, or having less than 5% of the context, isn’t going to help much.
Short answer: No, there were strong arguments for it. I reached out for institutional support to answer some questions, groups that I expected to be a lot more supportive than the ACM, but I found the reaction seriously lacking. Your intuition that groups like the ACM should offer assistance is sensible but completely overlooks many problems: geopolitics, different types of security, and individual capacities, among others. Each institution has its priorities; those are not always compatible, and it’s unclear who should have precedence. The ACM won’t help you if the argument is the kind of compromise with the devil that spy agencies often make or if problematic tools are used in efforts to dismantle large criminal groups.
I don't think you understand how Onavo works.
We seem to be able to manage this with bridges, planes, electrical & hydro installations etc. No reason it shouldn't be the same for critical software infrastructure.
Why do you think Meta's work is critical software infrastructure?
