Facebook payed more than 100 000 dollar to an unknown security company to develop a zero-day exploit to aid the FBI in catching a child predator and succeeded in catching him.
It is unknown which exploit Facebook used, the exploit made use of a vulnerability in the movie player of Tails, Facebook engineers wrote a program that attached the exploit to a video, which a victim send to the perpetrator. This is the first time Facebook helped the police hack someone.
The man the FBI caught blackmailed girls to give him nude pictures. Sources within Facebook said that the man was one of the biggest dangers on the site, he plead guilty to 41 charges. The man made use of Tails, a Debian distribution designed specifically to remain anonymous on the internet. The FBI did try to hack the man before, but the tools the FBI used were inadequate to hack Tails.
According to one of the Facebook employee the code responsible for the the vulnerability was naturally patched out of Tails.
The decision was controversial within the company, some saying that the idea of a private company buying a zero-day exploit is “fucked up” and “sketchy as hell”.
3 months ago I recommended people to try out Tails, I’m not sure if I can recommend Tails now. It got hacked, that is true, but not after a big company like Facebook had to spend 100 000 dollar for a temporary exploit. If you no longer want to use Tails, there is also still Qubes and Whonix.
Here is the original article.