There are strong parallels between organised abuse of Facebook and FB’s attempts to respond, in the last 24 months, and malware on Windows and Office and Microsoft’s attempts to respond, 20 years ago.
Initial responses in both cases have taken two paths: tactical changes to development and API practices to try to make the existing model more secure, and attempts to scan for known bad actors and bad behavior (virus scanners then and human moderators now)
For Microsoft’s malware problem, however, this was not the long-term answer: instead the industry changed what security looked like by moving to SaaS and the cloud and then to fundamentally different operating system models (ChromeOS, iOS) that make the malware threat close to irrelevant.
Facebook’s pivot towards messaging and end-to-end encryption is (partly) an attempt to do the same: changing the model so that the threat is irrelevant. But where the move to SaaS and new operating systems happened largely without Microsoft, Facebook is trying to drive the change itselfRead More