We go back and forth on whether we actually like the idea of instant messaging apps. See, it’s really nice to always immediately be in contact with friends and family but it also super-duper sucks to always be in contact with friends and family. They’re nice to have during a pandemic, sure but sometimes, it’s nice to just put your phone down and not have to worry about a messaging coming asking for some unnecessary task to be completed for the office or “please, we need to get your aunt to the hospital”. Man, so annoying, right?
With so many instant messaging apps out there, most of them doing roughly the same thing, it seems like a good idea for someone to really delve into the weeds and check which ones are okay and which ones totally suck. It’s a vast thing to study though, so to provide a decent little cutaway of the relevant apps that can be extrapolated, you need to get specific and look into something like link previews. Which, fortunately for us, some clever clogs have been doing.
A link to the… present?
You’ve seen link previews, even if you have no idea what the term means. You know when someone sends you a link and a little image or piece of text is included in the message? That’s a link preview, and they make chatting way more convenient. The downside to this added bit of context is that these previews often consume an unnecessary amount of bandwidth, drain batteries, and, worst of all, potentially expose chats that are meant to be protected through end-to-end encryption, opening up users to sensitive data leaks and making personal accounts vulnerable to cyber attacks.
Considering that these link previews requires the app to open the link separately and scan the content in it (which obviously opens users up to all kinds of malware) you obviously would want to be using the least secure apps as infrequently as possible.
Messaging apps should just chill, dude
So which were the worst apps? Well, according to researchers, Talal Haj Bakry and Tommy Mysk, Facebook Messenger and Instagram were the most vulnerable messaging apps. Both apps copy and download a link in its entirety, which is obviously not ideal because you could potentially be downloading gigabytes of potentially hazardous data. Mysk went the extra mile and showed off how Instagram was downloading 2.6GB worth of data… from just a link preview, which is WILD.
The same research indicates that LinkedIn is only marginally better as it limited data downloads to 50MB off link previews. Similar limitations were seen for Slack, Discord, Twitter and Zoom which limited data downloads between 15MB and 50MB.
So let’s just be aware that even though instant messaging apps go on about the security of end-to-end encryption, there’s always a loophole that can be exposed somewhere. And also, Facebook’s messaging services, be they Facebook Messenger or Instagram’s offering, are kinda terrible overall.
(Source: Ars Technica)