Facebook Secret Messaging
- Thread starter ethan
- Start date
Soldato
- Joined
- 18 Oct 2002
- Posts
- 8,320
- Location
- The Land of Roundabouts
Lets face it, nothing on Facebook / Google etc should ever be considered private (no matter what they preach) or even deleted for that matter, the day Facebook's deleted archives are released will be an interesting day!
The Streisand effect, people that go to such lengths just draw more attention to themselves.
I saw one on Google that had clearly been removed, so next time i drove past i took a look at it. If it wasn't removed I'd have never taken any notice!
Plain site is far more effective at hiding oneself from preying eyes
My mate even contacted Google to get his house blurred on Google Street View. Apparently he's on Facebook but I'm not close enough a mate to know his pseudonym
The Streisand effect, people that go to such lengths just draw more attention to themselves.
I saw one on Google that had clearly been removed, so next time i drove past i took a look at it. If it wasn't removed I'd have never taken any notice!
Plain site is far more effective at hiding oneself from preying eyes
Why would I need to? This is the internet, if there was some flaw in it, someone else will already have done the leg work and posted about it online. But all I see are people who hate on Facebook/Google and scream "HURRRRRRR PRIVACY!!!!!"
This doesn't make sense. By your logic, there are no flaws in any software because if there was, someone would have posted it online.
People find exploits and then don't reveal them for all sorts of reasons. 0-days are potentially worth a lot of money to hackers - look at the Shadow Brokers leak to see how the NSA was hoarding 0-day exploits for its own uses.
No I'm on about in terms of Facebook, as this is what is being discussed. It's one of the the biggest things on the net, if there was a hole in end to enc encryption, then it would have been picked up long ago as it's not something that has suddenly been turned on. It's been enabled for a long time now.
Let's be real, you're just being paranoid for no satisfactory reason.
Let's be real, you're just being paranoid for no satisfactory reason.
Soldato
- Joined
- 18 Oct 2002
- Posts
- 8,320
- Location
- The Land of Roundabouts
Why would I need to? This is the internet, if there was some flaw in it, someone else will already have done the leg work and posted about it online. But all I see are people who hate on Facebook/Google and scream "HURRRRRRR PRIVACY!!!!!"
Personally i'm not on a debate about the need for privacy and why people seek it.
But there's plenty of instances of various Apps having there certificate pinning removed or bypassed allowing a MITM attacks (and plenty of guides our there). And you have to take there word on no one else having there certificate signing key. i doubt they will ever allow you to use your own signed certificates.
Essentially its there to make people feel secure but in reality its just a little harder to get to.
Where have a demonstrated paranoia?
I think it's sad that so many people are quick to dispense with a healthy skepticism and such things as basic verification. Facebook does not have the best track record as far as protecting its user data, and although it's encouraging that they're implementing things like this they are being forced to do so because their user base is demanding it, not out of any in-built altruism. Facebook are not a security company and I'm not sure they have the ability to fully secure their products, good intentions or no.
As the old Russian phrase goes, "trust, but verify".
Bugs take time to be found, just because there are a lot of users doesn't mean that they're found immediately (especially by someone who will report it) after a company releases them into the wild.
Heartbleed in SSL took 2 years to be found and reported.
Shellshock was released in 1989 and wasn't reported until 2014.
Both Bash and OpenSSL are used by a huge amount of people, it doesn't mean that these bugs are easily found.
Hmm I forgot about heartbleed, and indeed that's true. My bad, I'm revoking part of what I said earlier, although I still maintain there are too many people up in arms about the topic due to the bodies involved being Facebook, Google etc.
Man of Honour
- Joined
- 29 Mar 2003
- Posts
- 57,755
- Location
- Stoke on Trent
The Streisand effect, people that go to such lengths just draw more attention to themselves.
I saw one on Google that had clearly been removed, so next time i drove past i took a look at it. If it wasn't removed I'd have never taken any notice!
Plain site is far more effective at hiding oneself from preying eyes
There are already servers to scan everything and it has already cost billions of dollars. The time it would take for a human to read emails is not relevant in this day and age. Heck forget email lol, we're already at the level where computers and CIA spyware, for example Windows 10 and Facebook, are used to autonomously transcribe conversations you're having at home!!!
Not only that but raw data flow through IXPs is tapped so it's not even just emails that are being read, it's core internet traffic! Not only that but all these organisations have operatives working in house to intercept things before they're even encrypted for transport. Not only that but this isn't end to end encryption. Does Facebook actually generate the encryption using an independent method or are they in charge of the generating? Are the message packets directed straight to the client device or are they directed to facebook servers and then relayed?
Last edited:
Man of Honour
- Joined
- 29 Mar 2003
- Posts
- 57,755
- Location
- Stoke on Trent
bomb terrorist al queda al qeeda al qeda bomb sadam hussain osama bin laden bomb terrorist 9/11 7/7 bomb isis syria terrorist
That should keep them busy
That should keep them busy