Facebook’s “secure” messaging app has been found vulnerable to compromise by a simple call.

…malicious code,…transmitted even if users did not answer their phones, and the calls often disappeared from call logs

The discovery was made by security researchers helping protect human rights defenders from targeted attacks by private firms. These private firms sell skills to highest-bidders, like mercenaries, which tends to correlate funding from targets of human-rights complaints.

And before we go too deeply into questions like “don’t these 0click vulnerabilities exist in other platforms that exist” let me suggest we ask why human rights defenders are using Facebook at all.

We can’t prove a teapot doesn’t exist in space, but we can say with certainty that atheist lawyers are less safe when using an app delivered by a church with a track record of denying the science of safety.

“Unfortunately, NASA regulations state that Bertrand Russell-related payloads can only be launched within launch vehicles which do not launch themselves”

Headlines are popping up all over that the CIA has created an “Onion” site. If you are like me, you immediately think of things like this:

And on that note, the first story on the CIA Onion site might be something like “CIA Prototypes Real-life Wolverine Missile-claws”.

Then it would give examples of how a remote-controlled projectile can penetrate small armored spaces to murder anyone inside, as blades launch that won’t harm bystanders outside the boundary.

Oh, wait, that’s a real news disclosure.

The new missile, which has never been acknowledged publicly before today, is called the R9X and is a variant of the Hellfire missile. But unlike a traditional Hellfire, the R9X is designed with six long blades that only emerge from the missile seconds before impact. The R9X, nicknamed the “flying Ginsu” by insiders, doesn’t contain a warhead. The goal, according to anonymous U.S. officials speaking with the Journal, is to reduce unnecessary casualties and hopefully only kill the person who was targeted in the first place.

Saying “Ginsu” in that story reveals something about the age of those involved. I’d expect “vita-mix” if this were a younger research team.

Anyway, saying the CIA has an “Onion” news site is not really a good way to describe what is happening. It doesn’t disambiguate from or give some kind of shout out to “The Onion” news site, which we all know and love for its past reporting on the CIA.

Thankfully Wired posted a more clear (albeit yelling) headline with “CIA SETS UP SHOP ON TOR”

…people around the world can browse the agency’s website anonymously…the US government can benefit from using the anonymity service…

Ohhhh, it’s a Torrent option for connecting to CIA information. And that begs the question why not use a headline like “CIA Offers Reader Privacy with New Information Service”?

Privacy is the real story here, and probably should go right in the headline. Not mine, though, as I’m trying to draw attention to The Onion.