Facebook Hacked Users Phones to Snoop on Encrypted Data
Media is reporting that documents emerging from a legal case are revealing that in 2016 Facebook created a project to intercept and decrypt traffic on user’s phones to gain a competitive advantage.
I am still wrapping my head around the ethical, criminal, privacy, regulatory, and legal liability of Facebook essentially hijacking user's mobile devices to gain access to data that purposefully was being protected against #privacy invasion.
My guess is Facebook built a network shim to monitor traffic patterns from apps to specific domains, but potentially they may have also maneuvered to undermine the protection of the data contents as well. I expect more specific details will emerge with criminal, civil, and regulatory investigations.
This type of capability is something that sophisticated cyber hackers strive to achieve. The ability to identify source/destination of encrypted traffic, potentially redirect it, and possibly undermining protective data encryption is hugely powerful!
The fact that a major company created and deployed such malicious software (acting in detrimental ways to the user for the benefit of the attacker), showcases the lack of #ethics on the part of Facebook.
There needs to be appropriate accountability (ex. criminal, civil punitive, regulatory license revocation, etc.) based upon what full investigations uncover.
Read TechCrunch article that describes the man-in-the-middle attack: https://techcrunch.com/2024/03/26/facebook-secret-project-snooped-snapchat-user-traffic/