Why You Should Stop Using Your Facebook Messenger App
upstart writes in with an IRC submission for c0lo:
Why You Should Stop Using Your Facebook Messenger App:
If you're one of the billion-plus people using Facebook Messenger, then you'd be well-advised to switch to an alternative. Unlike its Facebook stablemate WhatsApp, Messenger is missing the critical security required to protect your content from prying eyes. Everything you send on Messenger passes through Facebook servers to which it has access. We know Facebook "spies" on this content to make sure you're following its rules, well a new security report claims it also downloads your private content to its own servers without any warning.
The team behind the report has good form in holding major tech platforms to account on security grounds. Tommy Mysk and Talal Haj Bakry pushed Apple into the clipboard access warnings that are such a famed part of iOS 14; their research also caught TikTok indiscriminately reading Apple users' clipboards, part of the technical backlash that ultimately led to U.S. action against the viral Chinese platform.
Mysk and Haj Bakry had initially set out to study how various messaging platforms handled so-called "link previews." When you send a link to a website, a news article or other online content-including private documents, the recipient of your message will often see a preview of that content. Clearly this requires the link to be followed somewhere and somehow, and its data returned. The way that's done, though, is critical. Get it wrong and messaging platforms can access private data, download personal information to their servers, even expose user locations.
[...] This new report shows what all that means in practice. And so, if you're sticking rigidly to a poorly secured messaging platform, including Facebook Messenger or, worse, SMS, then now's the time to switch. WhatsApp remains a good everyday choice with a huge user base and all the functionality you need, notwithstanding Facebook's monetization drive. But there are clearly even more secure options if you want to escape Facebook altogether.
"Apps that generate link previews on servers might leak the content of links," Mysk warns. "If the leaked content is deemed personal, then personal user data is definitely at risk. It is unclear for how long such servers store the data, and if these servers store the data securely or conform to the same privacy policy that the app states. Since Facebook didn't answer any of these privacy concerns, I'd refrain from sending links to private information in such apps. If you want to be on the safe side, just switch to an end-to-end encrypted app."
Read more of this story at SoylentNews.