01 April 2024

Facebook Hacked Into Snapchat, Google, and Amazon

Because of course they did. Facebook Secretly Wiretapped Competitors: Documents | ZeroHedge

"Move fast and break things." That is the Silicon Valley creed, or it was. In this case what was broken appears to have been the law.

So let's start with the conclusion.

Facebook’s actions amounted to wiretapping and violated federal law.

What they did (allegedly) was set up Man-in-the-Middle attacks. These are (or were anyway) fairly common attacks. The tech is well known. If your private phone connects to your employer's WiFi, they are probably doing a Man-in-the-Middle attack to read all of your network traffic. A, because they can, and B, the courts said that they could. (It is their WiFi, after all).

In one email, Mr. Zuckerberg wrote that there was a need to receive information about Snapchat but that their traffic was encrypted. “Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this,” he wrote.

The details of what they did, are fairly technical, and I'm not sure that ZeroHedge does the best job of explaining it. Clicking on the link would be a good place to start if you're interested in the details, but there are probably better articles. Most journalists who don't work in tech will not understand the details themselves, and won't be trying to present them anyway. And some journalists who do work in tech are still journalists, not hackers, and will be confused.

Still the legal implications are interesting enough.

Lawyers for the plaintiffs, who are advertisers, have asked the court handling the case, the U.S. District Court in northern California, to grant them three additional hours with Mr. Zuckerberg so they can ask him more about what happened. They also asked for sanctions against Meta, which owns Facebook, because Meta did not disclose the program when initially asked for all information and data that Facebook derived from Onavo’s work.

By the way, if you don't want your employer to read your network traffic, don't connect to their WiFi. Also don't use their phone for your business. They have the right to read that traffic as well. (It is their phone, after all.)

Hat tip goes to Did Facebook Run A Man-in-The-Middle Hack Against Competitors?

  1. This is all from Snapchat’s court documents, so you have to put an “allegedly” on all this.
  2. If all the allegations are true, Facebook has just broken all sorts of federal anti-hacking laws, including the Computer Fraud and Abuse Act (CFAA), the Electronic Communications Privacy Act (ECPA), the Identity Theft and Assumption Deterrence Act, and probably half a dozen more I haven’t even thought of.
  3. That Zuckerberg himself is (allegedly) directly implicated in deliberately breaking federal law is pretty breathtaking. He could be looking at serious jail time. Or would be, if he weren’t such a big Democratic Party Donor.

No comments:

Post a Comment

Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.

Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.