Edgar Survints / Android Authority
tl; drag
- New research shows that Meta and Nandex used a flaw in Android to connect web browsing data to the app identify.
- This method ignored hidden format, cookie clearing, and other privacy concerns.
- Researchers say only one sure fix is to install the affected apps for now.
Updated: June 03, 2025 (evening 4:30 pm et): Since the story of the story below, Yandex has contacted us and clarified his official status in the following statement:
Yandex strictly complying with data protection standards and does not designate user data. The feature in question does not collect any sensitive information and it is aimed at improving the personal nature of our apps. After reviewing the concerns, we have decided to stop using it and are in the process of removing the feature from our applications. We are also in talks with Google to ensure full compliance with their App Store policies.
Original article: June 03, 2025 (12:05 pm et): You have long been convinced that using the Poshito mode on your Android device or clearing cookies will help advertisers prevent your web activity from tracking. However, new research shows that this may not be true, especially if you have some famous apps installed.
As reported ARS Technica And researchers behind the local Mess project have been revealed that both Meta and Russian Tech giant Yandex have been found using methods that can link web browsing to Android. Researchers found that the tracking method exploits the way that allows Android browsers and apps to discuss the same device.
The tracking scripts contained in the dispute are meta -pixel and the Andex meter, which embedded in millions of websites. Although these tools aim to help measulate site owners’ engagement, research suggests that they are being used to transmit hidden messages from browser to apps such as Facebook, Instagram, and Endex maps using a local network connection on your phone. If you were logged in to any of these apps, they could pick up a unique ID from your browsing session and link it to your account, even in Poshunito mode.
Meta started using this technique at the end of 2024, but the Andex has been allegedly doing so since 2017.
This is a major problem as it prevents the most common privileges of privacy. It doesn’t matter if you clean your cookies, refrain from logging into sites, or browse in private condition. As long as the relevant app is installed and quietly running in the background, the company can still learn which websites you are visiting.
It works by sending a browser data to the Lofule Local Host. Android does not inform users or indicates permission when this happens. When a meta -pixel or acepse meter load site, it can connect these apps through a local host, and is sending data quietly.
Meta started using this technique at the end of 2024, but the Andex has been allegedly doing so since 2017. Meta told ARS Technica That it has stopped this feature and said that it is working with Google that it is described as a “potentially wrong confrontation” to resolve how the policies should be applied. Google said the tracking behavior violates the Play Store policies and the expectations of the privacy of Android users, while Nandex has not yet responded to the request for a comment.
Brave and browsers, such as brave and dick Dickgo, have already blocked some of this behavior, and Google has begun refreshing works in Chrome, which has shut down specific methods used. But researchers have warned that these reforms are temporary. Some adaptation to the code may be around them, unless Android adds more basic restrictions on how apps can access local ports.
Meta Pixel and the Nandex Meter are widely spreading, which appears on nearly Six Millions and three million websites, respectively. According to the study, the majority of sites with these trackers begin to collect the data as you descend on the page, often before any consent popup appears.
If all this seems unpleasant, the reason is that most people will agree that this is. According to the research team, the only certain way to stop such Android tracking is to fully install the affected apps.
Have a tip? Talk to us! Email our staff at News@Androidauthority.com. You can remain anonymous or get the credit for information, it’s your choice.
