Connect with us

Internet

Instagram messages on the web could pose an encryption challenge

Published

on

It’s a relatively slow week on the platforms-and-democracy beat, so let’s talk about something small but fascinating in its own way: the arrival of Instagram messages on the web.

An unfortunate thing about being a xennial who grew up using (and loving) the world wide web is that most developers no longer build for it. Over the past 15 years, mobile phones became more popular than desktop computers ever were, and the result is that web development has entered a slow but seemingly inexorable decline. At the same time, like most journalists, I spent all day working on that same web. And with each passing year, the place where I do most of my work seems a little less vital.

This all feels particularly true when it comes to communications tools. Once, every messaging kingdom was united with a common API, allowing us to gather our conversations into a single place. (Shout out to Adium.) But today, our messages are often scattered across a dozen or more corporate inboxes, and accessing them typically requires picking up your phone and navigating to a separate app.

As a result, I spend a lot of time typing on a glass screen, where I am slow and typo-prone, rather than on a physical keyboard, where I’m lightning-quick. And each time I pick up my phone to respond to a message on WhatsApp, or Snapchat, or Signal, I inevitably find a notification for some other app, and the next thing I know 20 minutes have passed.

All of which is to say, I was extremely excited today to see Instagram’s announcement that it had begun rolling out direct messages on the web. (The company gave me access to the feature, and it’s glorious.) Here’s Ashley Carman at The Verge:

Starting today, a “small percentage” of the platform’s global users will be able to access their DMs from Instagram’s website, which should be useful for businesses, influencers, and anyone else who sends lots of DMs, while also helping to round out the app’s experience across devices. Today’s rollout is only a test, the company says, and more details on a potential wide-scale rollout will come in the future.

The direct messaging experience will be essentially the same through the browser as it is on mobile. You can create new groups or start a chat with someone either from the DM screen or a profile page; you can also double-tap to like a message, share photos from the desktop, and see the total number of unread messages you have. You’ll be able to receive desktop DM notifications if you enable notifications for the entire Instagram site in your browser.

Instagram didn’t state a strategic rationale for the move, but it makes sense in a world that is already moving toward small groups and private communication. Messengers win in part by being ubiquitous, and even if deskbound users like myself are in the minority, Facebook can only grab market share from rivals if it’s everywhere those rivals can be found. (iMessage and Signal, for example, have long been usable on desktop as well as mobile devices.)

Now, thanks to this move, I can make greater use of Instagram as both a social and reporting tool, and the web itself feels just a bit more vital. All of which is good news — but, asks former Facebook security chief Alex Stamos, is it secure? After all, Facebook is in the midst of a significant shift toward private, end-to-end encrypted messaging, with plans to create a single, encrypted backend for all of its messaging apps.

Alex Stamos@alexstamosReplying to @CaseyNewton

This is fascinating, as it cuts directly against the announced goal of E2E encrypted compatibility between FB/IG/WA. Nobody has ever built a trustworthy web-based E2EE messenger, and I was expecting them to drop web support in FB Messenger. Right hand versus left?265:28 PM – Jan 14, 2020Twitter Ads info and privacySee Alex Stamos’s other Tweets

Stamos went on to highlight two core challenges in making web-based communications secure. One is securely storing cryptographic information in JavaScript, the lingua franca of the web. (This problem is being actively worked on, Stamos notes.) The second is that the nature of the web would allow a company to create a custom backdoor targeting an individual user — if compelled by a government, say. For that, there are few obvious workarounds.

One alternative is to take the approach that Signal and Facebook-owned WhatsApp have, and create native or web-based apps. As security researcher Saleem Rashid told me, the web version of WhatsApp generates a public key in the browser using JavaScript, then encodes it in a QR code that a users scans with their phone. This creates an encrypted tunnel between the web and the smartphone, and so long as the JavaScript involved in generating the key is not malicious, WhatsApp should not be able to encrypt any of the messages.

When I asked Instagram about how it plans to square the circle between desktop messages and encryption, the company declined to comment. I’m told that it still plans to build encryption into its products, and is still working through exactly how to accomplish this.

Granted, when I think of the tasks that I hope Facebook accomplishes this year, encrypted Instagram DMs are low on the list. But with our authoritarian president browbeating Apple today for failing to unlock a suspected criminal’s phone, the stakes for all this are relatively clear. We will either have good encrypted messaging backed by US corporations, or we won’t. As Apple put it this week:

“We have always maintained there is no such thing as a backdoor just for the good guys,” the company explained. “Backdoors can also be exploited by those who threaten our national security and the data security of our customers. … We feel strongly encryption is vital to protecting our country and our users’ data.”

On one level, today’s Instagram news is a small story about a niche feature. But in the background, questions about the security of our private communications are swirling. Which should give us all reason to watch Facebook’s next moves here very closely.

THE RATIO

Today in news that could affect public perception of the big tech platforms.

Trending down: Facebook said it doesn’t need to change its web-tracking services to comply with California’s new consumer-privacy law. The company’s rationale is that routine data transfers about consumers don’t fit the law’s definition of “selling” data. The move puts it at odds with Google, which is taking the opposite tack.

Trending down: GrindrOkCupid and Tinder are sharing sensitive user data like dating choices and precise location to advertisers in ways that may violate privacy laws, according to a new report. I don’t want to downplay that, but if you think that data is sensitive, you should see the average Grindr user’s DMs.

GOVERNING

⭐ Two days before the UK election in December, some 74,000 political advertisements vanished from Facebook’s Ad Library, a website that serves as an archive of political and issue ads run on the platform. The company said a bug wiped 40 percent of all political Facebook ads in the UK from the public record. Rory Smith at BuzzFeed has the story:

In the wake of the failure during the UK elections, Facebook said it had launched a review of how to prevent these issues, as well as how to communicate them more clearly.

But the events of Dec. 10 are not the first time Facebook’s Ad Library has failed since its launch in May 2018. The API, which is supposed to give researchers greater access to data than the library website, went live in March 2019 and ran into trouble within weeks of the European Parliament election in May. Researchers have been documenting a myriad of issues ever since.

The platform also drew the ire of researchers when it failed to deliver the data it promised as part of a partnership with the nonprofit Social Science Research Council and Social Science One, a for-profit initiative run by researchers — a project that was funded by several large US foundations. Facebook said it remains committed to providing data to researchers, but the SSRC and funders have begun withdrawing from the project due to the company’s delays.

Russian military hackers may have been boring into the Ukrainian gas company at the center of the impeachment inquiry, where Hunter Biden served on the board. Experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens, similar to what Trump was looking for. On Twitter, security experts like Facebook’s Nathaniel Gleicher have urged caution when writing about this story, arguing that the case for attribution to Russia is thin. (Nicole Perlroth and Matthew Rosenberg / The New York Times)

There’s been an explosion of online disinformation, including the use of doctored images, from politicians. They do it for a simple reason: It’s effective at spreading their messages, and so far none have paid a price for trafficking in bogus memes. (Drew Harwell / The Washington Post)

Artificial personas, in the form of AI-driven text generation and social-media chatbots, could drown out actual human discussions on the internet, experts warn. They say the issue could manifest itself in particularly frightening ways during an election. (Bruce Schneier / The Atlantic)

The Treasury Department unveiled new rules designed to increase scrutiny of foreign investors whose potential stakes in US companies could pose a national security threat. The rules are focused on businesses that handle personal data, and come after the United States has heightened scrutiny of foreign involvement in apps such as Grindr and TikTok. (Katy Stech Ferek / The Wall Street Journal)

The Harvard Law Review just floated the idea of adding 127 more states to the union. These states would add enough votes in Congress to rewrite the Constitution by passing amendments aimed at making every vote count equally. Worth a read.(Ian Millhiser / Vox)

The New York Times editorial board interviewed Bernie Sanders on how he plans carry out his ambitious policy ideas if faced with the Republican-led Senate that stymied so many of President Barack Obama’s proposals. Notably, he says he’s not an Amazon Prime customer and tries never to use any apps.

Workers for grocery delivery platform Instacart are organizing a national boycott of the company next week to push for the reinstatement of a 10 percent default tip on all orders. One of 2020’s big stories is going to be tech-focused labor movements; this is but the latest example. (Kim Lyons / The Verge)

Microsoft CEO Satya Nadella strongly criticized a new citizenship law that the Indian government passed last month. The law, known as the Citizenship Amendment Act, fast-tracks Indian citizenship for immigrants from most major South Asian religions except Islam. India is Nadella’s birthplace, and one of Microsoft’s largest markets, making his comments all the more notable. (Pranav Dixit / BuzzFeed)

INDUSTRY

⭐ Facebook’s push into virtual reality has resulted in a slew of new patents, mostly for heads-up displays. The company won 64 percent more patents in 2019 than in 2018. Christopher Yasiejko and Sarah Frier at Bloomberg explain what this might mean:

The breadth of Facebook’s patent growth, said Larry Cady, a senior analyst with IFI, resembled that of intellectual-property heavyweights Amazon.com Inc. and Apple Inc., which were No. 9 and No. 7, respectively, with each winning more than twice as many patents as the social media titan. Facebook’s largest numbers were in categories typical of Internet-based computer companies — data processing and digital transmission, for example — but its areas of greatest growth were in more novel categories that may suggest where the company sees its future.

Facebook’s 169 patents in the Optical Elements category marked a nearly six-fold jump. Most of that growth stems from the Heads-Up Displays sub-category, which Cady said probably is related to virtual-reality headsets. Facebook owns the VR company Oculus and in November acquired the Prague-based gaming studio behind the popular Beat Saber game. One such patent, granted Nov. 5, is titled “Compact head-mounted display for artificial reality.”

Popular “e-boys” on TikTok are nabbing fashion and entertainment deals. They’re known mostly for making irony-steeped videos of themselves in their bedrooms wearing tragically hip outfits composed of thrifted clothes. Some observers predict that top e-boys will have success reminiscent of the boy bands of yore. (Rebecca Jennings / Vox)

YouTube signed three video stars — Lannan “LazarBeam” Eacott, Elliott “Muselk” Watkins and Rachell “Valkyrae” Hofstetter — to combat Amazon’s Twitch and FacebookExclusive deals for top video game streamers have been one of the big tech stories of the year so far. (Salvador Rodriguez / CNBC)

Uncanny Valley, Anna Wiener’s beautiful memoir about life working at San Francisco tech companies, is out today. Kaitlyn Tiffany has a great interview with Wiener in the Atlantic. Read this book and stay tuned for news about an Interface Live event with Wiener in San Francisco next month!

Mark Bergen, friend of The Interface and a journalist at Bloomberg, is writing a book about YouTube titled Like, Comment, Subscribe. Bergen is a former Recode colleague and ace YouTube reporter, and this book will be a must-read in our world. (Kia Kokalitcheva / Axios)

The Information published a Twitter org chart that identifies the company’s 66 top executives, including the nine people who report directly to CEO Jack Dorsey. (Alex Heath / The Information)

A new app called Doublicat allows users to put any face on a GIFs in seconds, essentially allowing them to create deepfakes. The app launches just as prominent tech companies like Facebook and Reddit ban deepfakes almost completely. (Matthew Wille / Input)

Source:
https://www.theverge.com/interface/2020/1/15/21065596/instagram-direct-web-dms-encryption-security-stamos

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

Google Chrome prepares new tab groups feature that creates groups automatically

Published

on

By

Months after announcing it, Google finally rolled out tab groups widely in the past couple of weeks. Now, an improvement could be coming to Chrome’s tab group feature — the ability to recreate them automatically.

In the latest Chrome Canary release, a new flag is present that describes a feature Google is working on. That flag, titled “tab groups auto create,” is one that has had us scratching our heads since it popped onto our radar earlier this week.

Google’s description, too, unfortunately doesn’t help matters. the company simply explains that the feature “automatically creates groups for users, if tab groups are enabled” in Chrome. What does that mean? We’re not entirely sure, but there are a few possibilities!

For one, Google might be able to remember tab groups from a previous session and drop them into a group when opened. Alternatively, Google could intelligently create groups based on similar types of tabs. At this point, it’s all up in the air. We can say pretty confidently, however, that this feature is not live in the latest Canary release.

Source: https://9to5google.com/2020/09/17/google-chrome-tab-groups-automatic-flag/

Continue Reading

Internet

Facebook Is Apparently Adding Instagram Stories to Its Key Application

Published

on

By

Facebook has built it no key that it would like to entwine Instagram into its principal blue app as a great deal as possible (to some Instagram users’ chagrin.) Its most recent experiment evidently requires placing Instagram stories right on Facebook.

In accordance to a report in the Verge, some Facebook customers have lately started looking at Instagram stories in their Fb story feeds. A Fb representative apparently verified the news to Matt Navarra, a social media marketplace commentator and advisor, and stated that it was a restricted examination. The representative added that Facebook would be listening to feedback from its group on the prospective new characteristic.

In a screenshot posted by a Twitter consumer and Navarra on Friday, Fb seemingly points out that not just anyone can view an Instagram story on Facebook. In get to do so, consumers have to website link their Instagram accounts to Facebook and have this viewing placing turned on. Fb states that men and women who don’t abide by a user on Instagram will not be ready to see that user’s tales.

Fb also purportedly pressured that even however tales will be in two sites, users’ overall practical experience would not improve. That is mainly because people will nevertheless essentially be sharing their tales with the similar persons on Facebook and Instagram. In addition, Instagram stories on Facebook (which will have a pink and orange circle) will surface with a user’s Instagram take care of. And even though the tales will be seen on Fb, end users will see all tale sights and replies on Instagram.

In new many years, Facebook has labored to convey all of its popular apps, which involve WhatsApp and Instagram, nearer with each other. Very last thirty day period, Facebook released a new exam working experience on Instagram messaging for some users. The new experience up-to-date the look of Instagram immediate messages and promoted the likelihood of chatting with individuals who use Fb.

Who knows, possibly in the foreseeable future we won’t have an application named Instagram or Fb. We’ll just have a person giant purple and blue app, owned by Facebook, that does almost everything.

Source: https://poptimesuk.com/facebook-is-apparently-adding-instagram-stories-to-its-key-application/175242/

Continue Reading

Internet

Cloudflare goes down; crypto websites hit

Published

on

By

Cloudlfare, an internet service provider responsible for various functions, went down Sunday morning, taking down many websites, including some crypto sites.

The company confirmed in a tweet it experienced issues around 9:24 am Eastern time caused by a third-party transit provider. Network stability returned around 11 am though Cloudflare said it is still monitoring for other potential problems. In a statement emailed to Cointelegraph, Cloudflare chief technology officer John Graham-Cumming said:

“Today we saw a widespread Internet outage online that impacted many multiple providers. This was not a Cloudflare-specific outage. Level 3/CenturyLink was responsible for an outage that affected many Internet services, including Cloudflare. Cloudflare’s automated systems detected the problem and routed around them, but the extent of the problem required manual intervention as well.”

A large majority of the internet uses Cloudflare. News reports noted several popular websites went down following Cloudflare’s network issues, including streaming site Hulu and cooperative gaming services PlayStation Network and Xbox Live.

Crypto websites were not immune. Bitfinex Chief Technology Officer Paolo Ardoino tweeted that the Cloudflare outage caused any connection issues to Bitfinex Sunday morning.

Picture

Cloudflare’s last outage made people question if crypto holders are truly decentralized. That outage reportedly affected Bitcoin transactions.

Source: https://cointelegraph.com/news/cloudflare-goes-down-crypto-websites-hit

Continue Reading
Advertisement

Trending

Copyright © 2020 Inventrium Magazine

%d bloggers like this: