Amnesty International spearphished with government spyware — Naked Security

Pegasus spyware is supposed to be used solely by governments, to enable them to invisibly track criminals and terrorists

via Amnesty International spearphished with government spyware — Naked Security

Advertisements

Zimbabwe is signing up for China’s surveillance state, but its citizens will pay the price.

china.jpgBy Amy Hawkins

Daily life in China is gated by security technology, from the body scanners and X-ray machines at every urban metro station to the demand for ID numbers on social media platforms so that dangerous speech can be traced and punished. Technologies once seen as potentially empowering the public have become tools for an increasingly dictatorial government—tools that Beijing is now determined to sell to the developing world.

In 2015, the Chinese government launched its Made in China 2025 plan to dominate cutting-edge technological industries. This was followed up last year for plans for the country to be a world leader in the field of artificial intelligence by 2030 and to build a $150 billion industry. The developing world is a big part of these ambitions. But China doesn’t just want to dominate these markets. It wants to use developing countries as a laboratory to improve its own surveillance technologies.

Many parts of Africa are now essentially reliant on Chinese companies for their telecoms and digital services. Transsion Holdings, a Shenzhen-based company, was the No. 1 smartphone company in Africa in 2017. ZTE, a Chinese telecoms giant, provides the infrastructure for the Ethiopian government to monitor its citizens’ communications. Hikvision, the world’s leading surveillance camera manufacturer, has just opened an office in Johannesburg.

The latest is CloudWalk Technology, a Guangzhou-based start-up that has signed a deal with the Zimbabwean government to provide a mass facial recognition program. The agreement is currently on hold until Zimbabwe’s elections on July 30. But if it goes through, it will enable Zimbabwe, a country with a bleak record on human rights, to replicate parts of the surveillance infrastructure that have made freedoms so limited in China. And by gaining access to a population with a racial mix far different from China’s, CloudWalk will be better able to train racial biases out of its facial recognition systems—a problem that has beleaguered facial recognition companies around the world and which could give China a vital edge.

The CloudWalk deal is built on the back of a long-standing relationship between former Zimbabwean President Robert Mugabe’s regime, seen by China as an ideological ally, and Beijing. Current President Emmerson Mnangagwa was sworn into office in November 2017 after a military coup forced Mugabe to resign after 37 years of increasingly repressive rule. But activists fear that Mnangagwa, Mugabe’s former consigliere, will continue the patterns of his predecessor, especially if his regime is backed up with new security technology.

The deal between CloudWalk and the Zimbabwean government will not cover just CCTV cameras. According to a report in the Chinese state newspaper Science and Technology Daily, smart financial systems, airport, railway, and bus station security, and a national facial database will all be part of the project. The deal—along with dozens of other cooperation agreements between Harare and Chinese technology and biotech firms—was signed in April. Like every other foreign deal done by a Chinese firm of late, it has been wrapped into China’s increasingly all-encompassing Belt and Road Initiative.

Like every other foreign deal done by a Chinese firm of late, it has been wrapped into China’s increasingly all-encompassing Belt and Road Initiative.

Like every other foreign deal done by a Chinese firm of late, it has been wrapped into China’s increasingly all-encompassing Belt and Road Initiative.

The CloudWalk deal is the first Chinese AI project in Africa. Google is opening its first Africa AI research center in Ghana this year, but Eric Olander, founder of the China Africa Project—a podcast and online resource that examines the relationship between China and Africa—noted that many Western companies “aren’t willing to make that step that the Chinese are willing to do. … [The Chinese] are willing to make an investment in a market as volatile as Zimbabwe, where companies from other countries are not.”

Indeed, with massive state and private backing for AI projects—according to a CB Insights report, nearly half of global investment in AI went to Chinese start-ups last year, surpassing the United States for the first time—Chinese companies can afford to take risks. CloudWalk itself was the recipient of a $301 million grant from the Guangzhou municipal government.

“We are concerned about the deal, given how CloudWalk provides facial recognition technologies to the Chinese police,” said Maya Wang, a senior China researcher for Human Rights Watch. “We have previously documented [the Chinese] Ministry of Public Security’s use of AI-enabled technologies for mass surveillance that targets particular social groups, such as ethnic minorities and those who pose political threats to the government.”

Some Zimbabweans are concerned about how their data will fare in China. Andy, who asked that only his first name be used, is studying for a Ph.D. at Beijing Normal University. For him, “the question is what the Chinese company will do with our identities. … It sounds like a spy game.” He also says that he “know[s] for a fact” that “the Zimbabwe government will use this tech to try and control people’s freedom.”

In Zimbabwe, freedom of expression has long been curtailed or monitored by various means. In 2015, Mugabe accepted a gift of cyber surveillance software from the Iranian government, including IMSI catchers, which are used to eavesdrop on telephone conversations. In 2016, he cited China as an example of social media regulation that he hoped Zimbabwe could emulate.

British ex-spies warn of risks dealing with Chinese telecom Huawei

By Europe bureau chief Lisa Millar

Two of Britain’s top cyber security experts have warned against ignoring Huawei, saying banning the Chinese telecommunications giant is not an option for the West.

Robert Hannigan, former director of Britain's intelligence and security organisation GCHQ.

“In the future there will be lots of technologies that we need where the best provider in the world and the best technology is Chinese,” said Robert Hannigan, the former director of Britain’s intelligence and security organisation GCHQ.

“What are we going to do about this?

“Are we going to cut ourselves off from this, or are we going to manage the risk?”

The answer, according to Mr Hannigan and Nigel Inkster — a 30-year veteran of the Secret Intelligence Service (MI6) — is to accept that with risks come rewards.

“What we need to do is look at this at the broader strategic context of who controls and dominates these technologies at a global level in the 21st century,” Mr Inkster said.

Huawei entered the British market in 2001, and by 2005 had signed off on its first UK contract with BT (formerly British Telecom) as it embarked on a multi-billion-pound upgrade of its network.

“I think those in the intelligence and security community were from the outset aware of the problem that this relationship could cause,” Mr Inkster said.

“But one has to bear in mind that … this was taking place in a different era, we were still in a kind of end-of-history moment.

“There was simply less awareness within government as a whole of these security issues, and frankly less of a disposition to take them particularly seriously.”

The Cell

In 2010, the Huawei Cyber Security Evaluation Centre (HCSEC) was created — otherwise known as The Cell.

In a nondescript brown brick building in an industrial site 90 minutes north of London sits a team of cyber security experts, employed by Huawei and overseen by the British Government.

Positions advertised for the Banbury facility say Huawei is seeking those looking to build a “rewarding career in cyber security”.

Their job is to ensure the integrity of Huawei’s products, which include equipment used across the UK’s fibre-optic network.

It is a model that has been suggested for Australia, to ease concerns about security to the critical national infrastructure.

But the July annual report from the board that oversees The Cell raised concerns, using language not seen in its three previous reports.

“Identification of shortcomings in Huawei’s engineering processes have exposed new risks in the UK telecommunication networks and long-term challenges in mitigation and management,” the report said.

“Due to areas of concern exposed through the proper functioning of the mitigation strategy and associated oversight mechanisms, the oversight board can provide only limited assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks have been sufficiently mitigated.”

Its concerns were sent to the British Prime Minister’s national security adviser.

“It looks like a bit of a warning shot has been fired by the UK Government,” Mr Hannigan said, who until last year oversaw the board that issued the report.

“It’s [The Cell] working up to a point, is the way I’d put it.

“The question is, what’s the alternative? Is the alternative banning Huawei better? I don’t think it is actually.”

Huawei welcomed the UK report and the feedback.

“It confirms the collaborative approach adopted by Huawei, the UK Government and operators is working as designed, meeting obligations and providing unique, world-class network integrity assurance through ongoing risk management,” a spokesperson for Huawei told the ABC.

“The report concludes that HCSEC’s operational independence is both robust and effective.”

Huawei insisted it was under more scrutiny than any other telco and The Cell had been proven as the best model for compliance.

The risk

But both Mr Inkster and Mr Hannigan agreed there were risks to dealing with Huawei.

“Huawei has relied very substantially on Chinese Government investment and technological assistance to develop rapidly to the point where they are,” Mr Inkster said.

“And if the Chinese Government ask them to do something, they’re not in the position to refuse.

“The challenge for those who simply want to ban it is, what’s the alternative?” Mr Hannigan reiterated.

“The challenge for those who think they can manage it is — are you kidding yourselves?

“There is simply no magic solution.”

Topics: world-politics, government-and-politics, defence-and-national-security, information-and-communication, science-and-technology, united-kingdom, china

Facial Recognition Software Steals Identity

The future in identity theft is here on Facebook. This has already happened to some of my Facebook friends and it comes in the form of Facial Recognition software apps. Every time you try out one of their apps you resign your privacy rights of your contacts, GPS location and pictures. It then collects your selfies for its database to create virtual facial images of a person complete with aged variations, opposite sex and various other combinations. The downside to this technology is your online privacy, online behavior and security is at risk and inevitably the theft of your identity for scams and malicious attacks.

IMG_20180226_113018

Chrome, Safari, and Opera Browsers might be leaking your private information

Source: fossBytes

We often praise the autofill features of our web browsers for saving us from all the troubles of typing the details like email address, passwords, address, phone numbers, etc.

But, these features come along with some serious security risks too.

A web developer and hacker named Viljami Kuosmanen has found a flaw that’s affecting different browsers and plugins. According to his revelation, web browsers like Google Chrome, Apple Safari, and Opera, and plugins like LastPass can be exploited to leak sensitive personal information.

Browser autofill phishing in Chrome, Safari, and Opera

The phishing attack described by the hacker is very simple in application. When you fill your information in text boxes, autofill enters the profile-based information in form fields hidden from the user.

Mozilla’s Firefox is immune to this problem as it is yet to implement a multi-box autofill system, so, it can’t be tricked into filling text boxes.

Interestingly, this attack is triggered when users enter at least one information in some online form. To avert such attacks, the users are advised to disable the autofill function in their web browser.

Is Cybercrime Act, a form of censorship?

Source: Looppng

Many Loop PNG readers think the Cybercrime Act is a National Government plot to censor public comments on social media.

The National Parliament in 2016 passed the Act making it a crime to make unproven allegations about individuals using any information technology medium.

However, the National Information and Communication Technology Authority (NICTA) CEO Charles Punaha brush aside the censorship claims.

Punaha said the new Cybercrime Act is not a form of censorship in Papua New Guinea.

These are some of the comments on our news site.

“It is censorship your highness. You are telling us to watch our mouths when criticizing publicly elected officials – a norm in any democracy. Isn’t that the same as prohibiting people from watching certain movies, etc?” a reader stated.

“People or so called leaders are pushing around to have media under their control is to protect themselves from their corrupt practises so where does this freedom of speech comes in play, shame on you leaders for pushing this agenda around to pass that law,” Arnold Mara commented.

“We need freedom of speech in our country!! We all know that the media in PNG is being controlled by the Government, we need social media to expose corruption and the truth on our Parliamentarians and Senior Public servants’ immoral and unethical behaviours,” another reader commented.

Crash Course in Understanding Facebook Messenger Privacy Settings

Course Details

Facebook Messenger is a handy smartphone app that separates messaging from Facebook’s other features. But when you install Messenger, it asks for permission to edit and read your text messages, record audio, and access your location data, which creates privacy concerns for some users. In this short course, Nick Brazzi will show you what settings you can adjust on the iOS and Android versions of the app, and how they will impact how Messenger runs on your device. Watch and learn if Facebook Messenger is right for you.

Instructor

Nick Brazzi

Nick Brazzi

Staff Author, lynda.com at LinkedIn

Learn more

Reviewing privacy options and settings for Facebook Messenger

Messages are a popular feature on Facebook. Using messages you can write a message directly to another Facebook user, which they can view privately. Messages are sort of like emails or chat messages. They can only be seen by the people involved in the conversation. Now to be clear we’re not talking about regular status updates or wall posts on Facebook, just the private message system.

Recently Facebook has been making a big push to get users to use the separate Messenger app. And it looks like that change is going to be mandatory. If you wanna send Facebook messages on your smartphone you have to use the Messenger app.

This change stirred up some controversy, especially surrounding privacy concerns. Now if you need to learn how to use the Facebook Messenger app check out the Up and Running with Facebook course with Justin Seeley on lynda.com.

You can still send and receive Facebook messages on the Facebook website on a computer. Security and permissions are different between iPhone, Android, and the Amazon Fire Phone, so I wanna look at all three, starting with the iPhone. Here I am in the standard Facebook app. And when I tap on the messages button you see something interesting. If you have not already installed the Messenger app you’ll probably be prompted to do that here. In some cases you might see a button that says not now, or remind me later, but that doesn’t happen in most cases.

In most cases you’re gonna see this. The options will be install or learn more. So really your only option is to install the app. So let’s see how that works. I’m gonna go ahead and go through the installation process, so I’ll hit install. And because I’ve already installed this app on another phone you can see it’s just got the little cloud icon, which lets me download the app again here on this phone. So I’ll tap that and let it install. Once it’s installed you could go ahead and launch the app, or if you’re already inside the standard Facebook app when you look at the messages button now it’s changed to say Messenger.

And if I tap on that button now it’s gonna flip me over to the Messenger app. So you can launch the app itself, or you can get to it from within the standard Facebook app. Since this is the first time I’ve used the app on this phone I’m gonna need to log in. It already knows my Facebook account, so I can confirm that just by hitting continue. As you log in there’s an option to link the Messenger app to your phone number. This is the first privacy option that you need to consider. If you link your phone number your friends will be able to make voice calls to your phone directly through the Messenger app.

There’s also an option to send free SMS messages through the app, but of course this could be a privacy concern, you may not want people to have direct access to you through Facebook through your phone number. So if this is an issue for you you should simply decline to link your phone number to the app and everything else will work fine. To decline just hit not now down here at the bottom. It’s a very light grey, so it may be hard to see. I’m gonna confirm this by hitting skip. Now it’s worth noting that if you did set up the app and linked your phone number to the app as far as I can find there’s no way to remove your phone number after the fact.

So just be careful when you first set up the app, and if you do not want your phone number linked make sure you don’t link it. I’m also gonna skip this option about text messages just by hitting not now. And I’m gonna go ahead and allow notifications. I’ll hit OK. But let’s talk about notifications for just a moment. This is another minor question that you’ll need to address. Enabling this allows the phone to display popup notifications when you receive messages, even when the app isn’t running. This permission isn’t really a security risk, it’s just up to you to decide whether you want alerts when you receive new messages in the Facebook Messenger app.

I’m gonna go ahead and allow them. Now I’m all set up and I’ll hit OK. And from here I can see all of the conversations that I have going on inside of messages on Facebook. Now again, I’m not gonna get too much into how to use the app, that’s covered in the Up and Running with Facebook course with Justin Seeley here on lynda.com, but I do wanna talk about some privacy settings. So let’s finish talking about those notification settings. What if you decided to change your mind about notifications later? Well, if you wanna change that all you need to do is close the app and switch over to settings, and you wanna go to notification center, and you’ll see a list of all of the apps on your phone that have notifications options.

So I’m gonna scroll down and find the Messenger app and touch on that, and you can see you can adjust your notification options right here. And if you don’t want notifications at all then you can just go through and turn off all of these options. I’m gonna go back to the main settings screen and we’ll flip back over to the Messenger app. Back in the Messenger app I’m gonna compose a message. I can do that by hitting the new message button up here, or I can just tap on one of the people I’ve been having a conversation with and I can type a message to them here.

If I tap on this field right here I can type my message. But now that I’m here typing a message I wanna look at the location permissions, which is the biggest hot button topic here. You have the option to include your location when you send a message. This will include a GPS map location, so your friends can see where you were when you sent this message. Now clearly this might be a problem for some conversations, so it’s really important that you know how to turn this off. On my iPhone the location was off by default, but don’t take my word for that.

I suggest you double check that for yourself. Now looking at this field here when I’m typing a message I can see there’s a little notification here that tells me that I can enable location. What we’re really looking at is this small triangular arrow down here. If that arrow is a hollow grey that means that locations are turned off, if I tap on that button that will enable locations for this conversation. But here we see a very important option and this is part of iOS on the iPhone. It’s asking me for permission to use my current location and that’s just the way iOS works.

You have to give each app individual permission before they can access your location information. That’s why this is off by default on the iPhone. So just to see how it works I’m gonna go ahead and hit OK, which will give my phone permission to use my location for the Facebook Messenger app. And now you can see the location button is a bright blue. Now I can turn this off or on for any conversation. All I need to do is tap on that button to turn it off, tap on it again to turn it on.

And it’s really important that you take a look and you know whether that option is on or off, so you can set it the way you want it. So it’s nice that you can disable location information for each conversation, but what if you wanna disable location permissions completely for the app? What if you never want the app to have the ability to use your location? To do that, again, we’re gonna go to the home screen, we’ll go to settings, we’re gonna go to the section here in settings on privacy, and I’m looking for location services.

And again, you’re gonna see a list of all of the apps that have location services available. And you can see that the switch is turned on for Facebook Messenger. If I turn this off then that will deny permission to Facebook Messenger to use any location data at all. And this is the safest way to go. This will make it so that the Facebook Messenger app is never able to use your location. Now of course if I switch back to the Facebook Messenger app I’ll now see that the location button is dimmed out again and if I try to turn it on it’s gonna tell me that I have to go to settings to re-enable it.

I’ll go ahead and tap OK. So that’s the location settings for the iPhone. There are a couple other privacy issues that we wanna take a look at, but they’re a little bit more minor. As you’re typing a message generally you’re set to text. There is an option here to flip to the camera if you wanna send photos straight from your camera through a message. There’s an option to access photos that are saved in your camera roll as well. And if I tap on that button it’s gonna ask me for permissions to access my camera roll. So this is another one of those permission things.

And if I decide to say OK then I could choose a photo from my camera roll, select it, and send it through the message, and that works fine. But of course, like we saw you have to give it permission. The same is true of the microphone option. This option lets you send voice messages. And if I tap on this record button you can see that it’s going to ask me for permission to use my microphone. So again, this is one of those services that you have to grant permission. In this case I’m gonna say don’t allow.

And it’s gonna give me a little bit of information telling me what I’m not gonna be able to do if I don’t have the microphone enabled. I’ll just hit OK. So I did give it permission to use my photos, but I did not give it permission to use the microphone. I’m gonna go to my settings again and I’m gonna take a step back, so we’re on the main privacy screen. And you can see here in privacy settings there is an option to go through and enable or disable permission to use photos, as well as the microphone.

So those are the other special permissions that you’re gonna have to take into account when deciding on your privacy settings here on the iPhone. Now let’s take a look at those settings on an Android phone. Here in the Google Play Store I’m looking at the Facebook Messenger app and I’m gonna hit install. When I install this app I’m gonna see a warning showing me all of the app permissions that this app requires. And this is one of the biggest sources of controversy and debate about this app online.

This app requires a lot of permissions. As a matter of fact, if I scroll down here there’s an option to see all and there are even more listed here. Now I’m not gonna comment on what each and every one of these app permissions mean. There’s a lot of articles online that talk about this extensively, but what I do wanna do is talk about which of these app permissions you can disable, just like we saw a moment ago on the iPhone. So for now I’m just gonna hit accept and I’m gonna let the app install.

Once you have the app all installed and set up it’ll look like this. Now just like when I set it up on the iPhone I decided to decline the option to link my phone number to the app. But here I can see all of the conversations that I have going on inside of Facebook Messenger. Now keep in mind, the menus and the settings are a little bit different from one Android phone to the next, but they should be similar enough that you should be able to find what you need based on what we see here. I’m using the Nexus 5 phone and we’ll also look at the Amazon Fire Phone in a moment, which runs on a modified version of Android.

So first let’s take a look at the notification settings. Some Android phones give you more or less control over how notifications behave, but fortunately you can enable and disable notifications right inside the Messenger app. To do that I’m gonna go to the settings button and you can see there are two interesting options here. I wanna take a look at notifications and chat heads. When I go into notifications you can see there are several options for how you want your notifications to appear. And of course if you just don’t want any notifications at all you can turn that off up here.

I’m gonna take a step back. Chat heads is interesting. Chat heads will give you previews of the Facebook Messenger conversations you’re having even when you’re not in the app. Let’s take a look at how that looks. I’m gonna go back to my messages and I’m going to reply to a message here. And I’ll just write a quick response to this conversation. I’ll send that. So now this particular conversation is active.

I’ll take a step back, and I’m gonna hit the home button to get to my main screen. Now when I get a response to the message that I just sent we should see notifications and chat heads pop up. So that’s what the notifications and the chat heads look like. And the chat heads are neat, I can tap on them here, and I can write a response to the message without actually opening up the app. I’m gonna tap outside of this and I’m gonna go ahead and open the app, so we can look at the rest of the settings. So of course those are notifications and you can turn those on or off right here.

Now let’s talk about the big one, location permissions. So I’m gonna go back to the conversation I was just having, I’ll tap on that, tap on the field to type a message, and just like on the iPhone there’s a button that indicates whether location is turned on or off. The button is a little bit different on Android, it looks like a circular target button. Now this is the most important thing you have to recognize, the locations option is turned on by default on Android. On iPhone it is not on by default, but on Android it is.

So if you just jump in and start using the app you will be sending your GPS location to anybody you send messages to. So how do we turn that off? Well, it’s very similar to an iPhone. To turn it off for an individual conversation just tap on the button here and it turns grey. Turn it back on just by tapping on it and it turns blue. But that’s only for one conversation at a time. What if you wanna disable location services entirely for the app? I’m gonna take a step back, go to settings in the app, and you can see here that location is enabled.

All I need to do is turn off location here and when I go back to my conversation, when I tap to type in my message you’ll see that location is off. If I try to turn it on it’s gonna tell me that location is turned off for the app entirely and it’ll ask me whether I wanna turn it on. So I’m gonna go ahead and hit not now. I’m gonna leave location settings turned off. Now there is another way to handle location issues on an Android phone. To do that I’m gonna take a step back and I’m gonna go to the home screen, I wanna go into the settings for my phone.

Inside of settings I’m looking for the category of location. Here in location I can see a list of all of the apps that are using location and I’m not able to disable that individually for each app on the Nexus 5, but what I am able to do is turn off the master switch for location. This turns off location settings entirely for any app running on my phone, but it’s important to recognize that there are some apps that you might wanna use locations for, especially the Maps app for example.

And remember that you can still turn off locations directly in the Facebook Messenger app. Now if I go back to the Facebook Messenger app and I go back to my conversation and I tap to type a message you see just like on the iPhone we’ve got buttons to access the camera, as well as my photo roll, and I can access the microphone. But it’s very interesting to see here that you are not asked to give permission for the phone to use your camera roll or your microphone. This is just not an option that you have the ability to adjust on an Android phone.

So again, keep this in mind as you’re deciding whether you wanna use this app. The app is automatically given permission to use your photos and your microphone. Now some Android devices and the Amazon Fire Phone give you a little more control over notifications and location permissions. But there’s one issue here with location settings that I wanna be aware of. So I’m gonna switch over to the Amazon Fire Phone. On the Amazon Fire Phone the Messenger app in general works the same as it does on the Android phone we saw a moment ago.

One interesting thing that I’ve noticed is that it does not seem to force me to install the Messenger app when I access messages inside the Facebook app. Of course that may change in the future, but you can see here I am in the standard Facebook app and I’m able to access messages just fine. But I do have the Messenger app installed, so I’m gonna go ahead and open that up. And like I said, it looks pretty much the same as it does on any other Android device. We can go into the settings and we can make the same settings adjustments right here.

I’ve got my notifications and I’ve got my location settings, but there’s something very important that I wanna talk about with locations. This is something that I found is specific to the Amazon Fire Phone, but it may work the same on other Android devices, so it’s good to have an eye out for it. I’m gonna go into the settings here on the Fire Phone, and I’m gonna go to the section on location services. And there’s an option here to configure location based services for your individual applications.

I’m gonna tap that. And if I scroll down here I can see a list of all of the applications on my phone that use location services. And I can come in here and I can find Messenger and I can turn location services off. The idea here is that now Messenger will not be able to use any location services, but this is what I want to warn you about. In my experience with the Amazon Fire Phone this does not work the way I would have expected it to work. Let me show you what I mean.

Now that I have location services turned off for Messenger I’m gonna go back to the Messenger app and here in the settings for Messenger I can see that location services are still enabled and if I go to my conversations and I tap to continue this conversation, go here to write a message, I can see that location is enabled for this conversation. So the location settings inside of the Messenger app here on the Fire Phone override the location settings on the system settings for the phone.

This is important and you wanna make sure that you double check all of your location settings to make sure you know whether you’re sending your location when you send your messages. It’s worth noting that if I go back to settings and I go to notifications and into manage notifications I can change app notifications individually for each app here as well. So I’ll scroll to Messenger and you can see I can change all sorts of options for the notifications.

But again, I think it’s really important that you double check how the app actually behaves just in case the settings in the app override the system settings that you adjust here. Security and privacy are really important issues to be aware of with any smartphone app, but I think Facebook is a system where you should be particularly aware. It’s also worth noting that location services drain your battery faster, so location might be more than a privacy concern for you. But please get familiar with your phone’s settings and make informed decisions about how you use your apps and how you communicate with people over the internet.