Mission
Create a compelling, evidence-driven website at **fb.definitelynot.ai** that presents the complete Facebook iOS surveillance investigation findings in an accessible, visually stunning format. This site must transform our technical investigation into an undeniable public disclosure.
COMPLETE SOURCE MATERIAL INVENTORY
Primary Investigation Directories
| Directory | Contents | Priority |
|---|---|---|
| ` | Root investigation - reports, scripts, evidence | CRITICAL |
| ` | Orchestration docs, Frida scripts, architecture | CRITICAL |
| `./analysis/facebook/` | Decrypted IPA, binary, capture logs | CRITICAL |
| ` | Extracted audio files (.m4a) | HIGH |
Evidence Subdirectories
```
evidence/
│   ├── agents/                 # 50+ agent reports (SA-001 to SA-025)
│   │   ├── INDEX.md            # Master index with grades
│   │   ├── phase2/             # 7 Phase 2 reports
│   │   └── phase3/             # 11 Phase 3 reports
│   └── *.md                    # Evidence supplements
├── agent-findings/             # Duplicate findings + logs
├── on-device-reports/          # Device capture logs (.log)
├── realtime-capture/           # Live capture logs
├── live-capture/               # Monitor logs
├── results/
│   └── extracted_audio/        # LSB extraction binaries
├── scripts/                    # 50+ Frida/JS hooks
├── decompiled/                 # Decompiled code
├── stego-analysis/             # Steganography analysis
├── suspicious-blobs/           # Suspicious binary data
├── mitm-capture/               # MITM proxy setup
├── packet-capture/             # Network captures
├── packets/                    # Disclosure packets (Lina Khan, Cory Doctorow)
├── apple/                      # Apple disclosure
├── fbi/                        # FBI disclosure
├── ftc/                        # FTC complaint
├── media/                      # Press materials
└── public/                     # Public disclosure
```
Binary Analysis Directory
```
./analysis/facebook/
├── 345.0/
│   ├── Facebook.app/                       # Decrypted app bundle
│   │   └── Frameworks/                     # All frameworks (FBSharedFramework, etc.)
│   ├── facebook-decrypted.ipa              # Full decrypted IPA (116MB)
│   ├── facebook-345.0-security-report.md
│   └── ANALYSIS/                           # Analysis artifacts
├── data-exfil/                             # Key extraction scripts
│   ├── extract-audio-key.js
│   ├── extract-ssl-keys.js
│   ├── frida-stealth.js
│   ├── SSL_BYPASS_STRATEGY.md
│   └── PROXY_ARCHITECTURE.md
├── CATEGORY-SPOOF-PROOF.log                # 289KB proof log
├── category-capture-36504-events.log       # 1.2MB events
├── comprehensive-capture2.log              # 358KB
└── comprehensive-live-capture.log          # 239KB
```
Orchestrator Directory
```
ORCHESTRATOR.md                 # Master orchestration plan
├── DYNAMIC_AGENTS.md           # Dynamic agent definitions
├── STATIC_AGENTS.md            # Static analysis agents
├── SYNTHESIS_AGENTS.md         # Synthesis agents
├── INVESTIGATION_TARGETS.md    # Decompilation targets
├── PHASE2_ARCHITECTURE.md      # Phase 2 architecture
├── extract-audio-key-fixed.js  # Fixed Frida scripts
├── extract-ssl-keys-fixed.js
├── fb-capture-minimal.js
├── frida-stealth-fixed.js
└── investigate_audio.py        # Audio investigation script
```
COMPLETE FILE INVENTORY
Markdown Reports (102 files)
**Agent Reports (SA-001 to SA-025):**
**Addendum Reports:**
**Hypothesis Reports:**
**Summary Documents:**
**Disclosure Documents:**
**Technical Reports:**
Frida/JavaScript Scripts (50+ files)
**Key Monitoring Scripts:**
**Key Extraction Scripts (from data-exfil/):**
Log Files (Evidence)
**Runtime Capture Logs:**
**On-Device Logs:**
Binary Data
**Extracted Audio:**
**App Binary:**
HYPOTHESIS STATUS (Current)
| Hypothesis | Confidence | Threshold | Status |
|---|---|---|---|
| H1: Microphone Capture | 82% | 75% | **MET** |
| H2: Indicator Suppression | 78% | 75% | **MET** |
| H3: Steganography | 85% | 95% | Below |
| H4: Network Exfiltration | 92% | 95% | Below (-3%) |
| H5: Remote Control | 85% | 75% | **MET** |
CRITICAL FINDINGS TO FEATURE
1. Dual-Layer Encryption (SA-025)
Mic → Opus → Noise E2EE (AES-256-GCM) → QUIC TLS 1.3 → Server
2. VoIP Background Wake (SA-024)
```
+---------------------------------------------------------------+
|                VoIP BACKGROUND WAKE CAPABILITY                |
+---------------------------------------------------------------+
| 1. Facebook server sends VoIP push via APNS                   |
| 2. iOS wakes app instantly (even if force-quit)               |
| 3. App can activate audio session, capture mic                |
| 4. No user interaction required                               |
+---------------------------------------------------------------+
```
3. Server-to-Capture Chain (SA-012)
4. Category Spoofing (SA-011)
5. Steganographic Extraction (SA-014)
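```glsl
// Rescales every component of the sample against its own RGB min/max range
// and thresholds the result at 0.5, giving 0.0 or 1.0 per component.
highp vec4 extractFromSample(highp vec4 c) {
    // Smallest of r, g, b, capped at 0.5.
    highp float minC = min(0.5, min(c.r, min(c.g, c.b)));
    // Range up to the largest of r, g, b (at least 0.5); 0.001 keeps the divisor non-zero.
    highp float diffC = max(0.5, max(c.r, max(c.g, c.b))) - minC + 0.001;
    return step(0.5, (c - minC) / diffC);
}
```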
6. Real-Time Streaming (SA-015)
TECHNICAL REQUIREMENTS
Novel Technology Showcase
Implement to demonstrate sophistication:
ASCII Art Preservation (CRITICAL)
The ASCII diagrams are pivotal evidence. They MUST be:
Key diagrams to preserve:
SITE ARCHITECTURE
Page Structure
```
/                    Landing: "What Facebook Is Doing"
/evidence            Interactive evidence explorer
/timeline            Investigation timeline
/hypotheses          H1-H5 status dashboard
/technical           Deep-dive reports
/technical/sa-001    Individual report pages
/technical/sa-025
/methodology         How we investigated
/pipeline            Interactive audio pipeline visualization
/encryption          Dual-layer encryption explainer
/scripts             Frida scripts browser
/logs                Runtime log viewer
/implications        Legal/privacy implications
/take-action         What users can do
/disclosures         Official disclosures (Apple, FBI, FTC)
```
Landing Page Flow
Evidence Explorer Features
AGENT ORCHESTRATION PLAN
Agent 1: Content Harvester
Task: Scan all directories and extract structured data
Input: All 4 source directories
Output: JSON database of all evidence
Actions:
- Parse all 102 .md files
- Extract ASCII art blocks verbatim
- Tag by hypothesis, grade, phase
- Build cross-reference index
- Catalog all scripts with descriptions
- Index all log files with summaries
Agent 2: Visual Designer
Task: Create component library
Framework: React/Vue/Svelte (TBD)
Components:
- EvidenceCard (grade badge, summary, links)
- TimelineItem (date, finding, significance)
- HypothesisMeter (confidence bar, threshold line)
- ASCIIRenderer (monospace, animation support)
- PipelineVisualizer (interactive SVG)
- CodeViewer (syntax highlighting, address links)
- LogViewer (filterable, searchable)
Agent 3: Interactive Builder
Task: Implement interactivity
Features:
- SSE for live evidence reveal
- Evidence explorer with filtering
- Animated pipeline visualizations
- Search functionality (full-text)
- Cross-reference navigation
- Deep linking to any evidence
Agent 4: Infrastructure
Task: Deploy to fb.definitelynot.ai
Actions:
- Set up hosting (Vercel/Cloudflare/VPS)
- Configure SSL/TLS
- Set up CDN for static assets
- Implement caching
- Add privacy-respecting analytics
- Configure social cards (OG tags)
Agent 5: Content Writer
Task: Create accessible content
Deliverables:
- Lay summaries for each hypothesis
- "Explain like I'm 5" versions
- Press-ready statements
- Social media snippets
- FAQ document
VISUAL DESIGN
Theme
Typography
Key Visual Elements
DELIVERABLES
MVP (Minimum Viable Site)
Enhanced Features
QUALITY GATES
Before Launch
Evidence Integrity
TONE & MESSAGING
Do
Don't
SUCCESS METRICS
**START BY**:
*Prompt generated: 2025-12-30* *Total evidence files: 102 markdown, 50+ scripts, 20+ logs* *Total source size: ~50MB documentation, 116MB binary*