Facebook's outmoded Web crypto opens door to NSA spying

Secret documents describing the National Security Agency's surveillance apparatus have highlighted vulnerabilities in outdated Web encryption used by Facebook and a handful of other U.S. companies.

Documents leaked by former NSA contractor Edward Snowden confirm that the NSA taps into fiber optic cables "upstream" from Internet companies and vacuums up e-mail and other data that "flows past" -- a security vulnerability that "https" Web encryption is intended to guard against.

But Facebook and a few other companies still rely on an encryption technique viewed as many years out of date, which cryptographers say the NSA could penetrate reasonably quickly after intercepting the communications. Facebook uses encryption keys with a length of only 1024 bits, while Web companies including Apple, Microsoft, Twitter, Dropbox, and even Myspace have switched to exponentially more secure 2,048-bit keys...

Read the full story here. Source: CNET

Instagram now has a full web feed to compliment its mobile app

Since its launch in 2010, Instagramhas remained an almost entirely mobile-only experience, only recently bringing a profile page component to the web. That changed today with the now Facebook-owned company introducing a full web-based image feed, including commentating and sharing options, for viewing your photos and those of your friends from within any browser.

Instagram co-founder Kevin Systrom announced the admittedly major step for his brand via its official blog, stating that it comes as the result of user demand. While the web feed mimics its in-app counterpart very closely -- particularly when viewed in mobile Safari or Chrome for iOS -- it most notably lacks the option to upload photos from within your browser. Systrom remarked that the feature was left out because the core of Instagram remains "about producing photos on the go, in the real world, in realtime."

[Source: TUAW]