Highlights
- Popular messaging apps at risk to leak your data
- Sharing links in your messages invokes link preview, which can download large amounts of mixed content
- Link preview can introduce risk to leak your data, and/or install malware on your device
- Be aware of the risk factors associated with the messaging apps you use
Messaging Apps Can Leak Your Data
Did you know that many messaging apps are at risk to leak data? The referenced article illustrates exposure by messaging app. The table in the article lists the most popular messaging apps, along with their preview handling characteristics. It’s interesting to note that one of the messaging apps can leak encrypted data, and 3 of them come with risk for running malicious code on your device!
Link Preview Presents An Exposure
Now, I expected that some messaging apps probably weren’t very secure. What’s revealed in the article goes far beyond what I expected. The exposure happens when you share links in your messaging apps. When you include a link to an internet address, messaging apps will usually insert a preview of the linked resource. According to the article, preview can be insecure.
Some messaging apps can handle unlimited capacity for downloading preview content. Others limit their preview content capacity, typically 20-50 MB. That’s still a lot of content bandwidth, and plenty of room for malware. This presents a risk to leak your private data, to chew up your network bandwidth, and to drain your battery.
Some Messaging Apps More Exposed
According to the article, messaging apps with the highest exposure are Facebook, Linkedin, and Instagram. Examples of messaging apps with no exposure for this are iMessage (yay Apple), Reddit, and surprisingly to me, TikTok!
Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked. Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted.
Read the ars Technica article:
Study shows which messengers leak your data, drain your battery, and more
