Former Facebook security chief Alex Stamos criticises Instagram for extending DMs to web
Stamos in a series of tweets explains how Instagram’s decision to extend DMs to web could hurt the goal to bring end-to-end encrypted compatibility between Facebook, Instagram, and WhatsApp.Updated: Jan 15, 2020 11:45 IST
Former Facebook chief security officer Alex Stamos has criticised Instagram for extending direct messages support to the web. Stamos said the move goes against Facebook’s goal of bring end-to-end encrypted compatibility between Facebook, Instagram, and WhatsApp.
“This is fascinating, as it cuts directly against the announced goal of E2E encrypted compatibility between FB/IG/WA. Nobody has ever built a trustworthy web-based E2EE messenger, and I was expecting them to drop web support in FB Messenger. Right hand versus left?,” said Stamos in a tweet.
With a web messenger, all you need is leverage over the company that writes, operates and distributes the code on a per-user basis. This is exactly what happened to Lavabit. Fixing this problem is extremely hard and would require fundamental changes to how the WWW works.— Alex Stamos (@alexstamos) January 14, 2020
“The second major issue is the model by which code on the web is distributed, which is directly from the vendor in a customizable fashion. This means that inserting a backdoor for one specific user is much much easier than in the mobile app paradigm,” he said.
Facebook last year had revealed plans to unify the underlying messaging feature on its three instant messaging apps including Messenger, Instagram, and WhatsApp. The company had said it was working to bring end-to-end encryption, which would make it difficult for anyone other than sender and recipient to access the messages exchanged. Facebook’s plans to unify these platforms, however, had stirred privacy concerns.