- 0 Posts
- 9 Comments
Are you under the impression that Facebook owns Snapchat? Because they don’t. Nothing about this little “blame people for using proprietary services” rant is actually relevant to what happened. At all.
You should read the article because you clearly didn’t. Hell, all you’d have to do is read the first paragraph to understand they were spying on the users of a competitor.
The spying was done by a proprietary service (Facebook’s VPN). Blaming the users for anything on that scale is dumb and futile, but it still reinforces the idea of avoiding proprietary services as much as possible, especially anything on the client side.
The article didn’t explain how the attack worked though. Did the Snapchat client not use anything like TLS to connect to the Snapchat server? Did the Facebook VPN somehow still intercept it, e.g. with a certificate that Snapchat trusted but that Facebook used for spying? Die that cert also work in browsers and did it somehow pass a third party audit, that at least Mozilla requires? I do know Mozilla looks very askance at such things, and they booted out at least one cert vendor over something like that a few years ago.
If Snapchat used some kind of device-wide TLS stack that Facebook managed to subvert, that should be treated as an OS vulnerability (assuming we’re talking about mobile devices). There’s a bunch of stuff that apps simply cannot do unless the user first goes through some complex procedure to root the phone. Messing with the TLS stack should be one of them.
Nice phone but too expensive for most users imo. We need sub $200 phones with removable batteries.
Another thing, I got a new phone about 3 months ago but the old one still has some unmigrated info on it. So once in a while I power it on to access something. It has stayed charged because there isn’t a battery sucking Bluetooth beacon running when the phone is off. I’d hate to have to keep charging the phone when it’s just sitting in a drawer.
8.5 minutes and interesting, based on this article:
https://theintercept.com/2024/03/09/fbi-dhs-gamers-extremism-violence/
The FBI wants to have online game companies help them spy on text and voice conversations between game players.
You’re broadcasting to family who will likely be using gmail, so what difference does it make? Google will get all the emails either way. Anyway, logical argumentation is completely useless in a personal situation like that.
If you want the address to be stable in the long term, you should probably use your own domain name instead of gmail or proton, if you’re not already doing that. After that, it’s possible to switch the hosting without changing the email address.