If you thought your Facebook chats are safe from prying eyes, you’re apparently wrong. Bosnadev says that Facebook’s chats are being scanned by a CIA-funded company, a discovery Bosnadev made after looking into some unusual activity on a website triggered by a link present in a Facebook chat.
“During the testing of an application we’ve set up in a non-published area we have noticed some unusual activity. The link for the app was sent via Facebook chat and afterwards comes the interesting part,” Bosnadev said, publishing a list of “lots of IPv6 for a single Facebook check” as the aforementioned interesting part.
Further investigating the matter, Bosnadev tracked logs for a new URL address that was sent over Facebook chat and discovered similar behavior.
Upon researching Facebook chat scans, Bosnadev discovered information about a third-party company called Recorded Future that’s received funding from Google Ventures and the CIA. Apparently, this company was the primary culprit for scanning Facebook chats.
Obviously, it’s one thing to have Facebook scan your chats to prevent criminal activity, something the social network has been doing for years, and something entirely different to have a third party do the same thing.
Apparently, Recorded Future “continuously analyzes the open Web” including links that have not been published anywhere else but on Facebook chat, which should be a secure location for private conversations. More details about this potential Facebook privacy concern are available at the source link.
UPDATE: Both Facebook and Recorded Future have commented on the matter, denying that any chat content is scanned by Recorded Future.
“Hi everyone. I work on the security team at Facebook,” sweis wrote on Hacker News. “While investigating the claims of this post, we’ve confirmed that Facebook doesn’t use Recorded Future – an open source aggregator of public data – to scan any private content. That means we haven’t partnered with or directed Recorded Future to scan anyone’s message links.”
“It’s hard to tell precisely what’s going on based on the amount of information in the post. It’s possible that another interaction, including one that could be occurring on the client machine, is consuming the URL and generating this behavior. We’ll update if any new information is discovered,” he added.
“Hi everyone – the team here at Recorded Future looked into this and dug into our logs to confirm what happened,” user mattkrf also wrote on the same site. “Our systems followed this URL after it was posted on a public site. Our system constantly explores links published on the web. We’ve checked our logs and confirmed that this is what happened in this specific case. It’s not related to any Facebook chat messages containing this link. Our system doesn’t access that information.”