Motherboard reports that Facebook hired a cybersecurity firm to develop a zero-day exploit for the video player in Tails (The Amnesic Incognito Live System). Facebook provided this exploit to the FBI to aid in the apprehension of a predator using Facebook to harass victims. This exploit was not disclosed to the Tails developers.
Also covered by Gizmodo, as seen on Schneier's blog.
[Ed Note - The zero day was provided to the FBI via a third party, not directly from Facebook.]
(Score: 5, Insightful) by Anonymous Coward on Monday June 15 2020, @02:14AM (2 children)
If the software isn't secure for criminals, it isn't secure for anyone. Exploits should be reported directly to the software projects, not to the FBI or NSA. Facebook should be burned to the ground.
(Score: 5, Interesting) by Username on Monday June 15 2020, @02:42AM
Yeah, having some large corporation running exploits on my computer when I visit their website doesn't sit right with me. I'm sure there is some law against this sort of shit. They'll probably get away with it too since they pay off the politicians. Which pisses me off even more.
If I paid someone to create an exploit and used it against facebook, pretty sure I'd go to prison.
(Score: 2, Interesting) by Anonymous Coward on Monday June 15 2020, @04:24AM
What kind of shitty protection does Tails provide, if surreptitious traffic can leave the node in the clear?