Facebook's security boss is offski. Not to worry, it has 'embedded security' in all divisions

Alex Stamos's replacement not yet announced

Facebook chief security officer Alex Stamos is leaving the social network to work on information warfare at Stanford University. The social network has not named any replacement.

Admiral Mike Rogers of the NSA

Why does the NSA's boss care so much about backdoors when he can just steal all our encryption keys?


The social network left a three-month gap between the departure of previous security boss Joe Sullivan to Uber and Stamos's arrival at Facebook back in 2015. It appears to be leaving its options open while pushing ahead with a plan to push security responsibilities further down the food chain, at a least for now.

Asked by El Reg to comment on reports that Facebook would be retiring Stamos's role after his departure in favour of embedding security in all its divisions, the social network offered the following statement.

We are investing heavily in security to address new types of threats for the people who use our services. Earlier this year we embedded our security engineers, analysts, investigators, and other specialists in the heart of our product and engineering teams.

Stamos joined Facebook in 2015 after serving as a CSO at Yahoo and earlier co-founding iSEC Partners. While at Facebook, Stamos co-authored a paper on the abuse of social media to attack elections.

"I am very excited to say that I have accepted a teaching and research role at Stanford starting in September," Stamos said in a Twitter update. "My last day at Facebook will be Aug 17."

"Silicon Valley faces many challenges, and I am encouraged that there are so many dedicated, thoughtful and skilled people continuing to tackle these challenges at Facebook. I will miss everyone but I look forward to collaborating with them in the future," he added.

Stamos said he had planned to leave earlier this year, shortly after he reportedly clashed with his superiors in arguing the social network needed to be more forthcoming about Russian election interference and disinformation campaigns. Now we know he's moving on to become a full-time academic, specialising in information security policy, the role of security and technology in society and related areas.

A longer statement on Stamos's departure from the social network can be found on Facebook itself here.

Facebook has had its world turned upside down by the Cambridge Analytics scandal. Stamos initially responded to the still raging controversy by emphatically repeating the early company line that CA's acquisition of information on 50 million people through an academic researcher wasn't a data breach, before changing tack.

Whilst at Yahoo! Stamos publicly challenged NSA boss Mike Rogers to debate over the need for encryption back doors. He championed end-to-end encryption both at Yahoo! and at Facebook. The technology was rolled out to WhatsApp users during his tenure.

Earlier this week, Facebook said that it had identified and blocked accounts spewing political propaganda in what is thought to be a Russian-orchestrated political influence campaign ahead of the November midterm elections. We can expect more of the same over the weeks ahead so to lose an expert in security and disinformation from its roster is, at minimum, inopportune for Facebook.

Sheryl Sandberg, Facebook chief operating officer, offered praise for Stamos in a canned statement: “Alex has played an important role in how we approach security challenges and helped us build relationships with partners so we can better address the threats we face. We know he will be an enormous asset to the team at Stanford and we look forward to collaborating with him in his new role.” ®

Similar topics

Narrower topics

Other stories you might like

  • Meta agrees to tweak ad system after US govt brands it discriminatory
    And pay the tiniest of fines, too

    Facebook parent Meta has settled a complaint brought by the US government, which alleged the internet giant's machine-learning algorithms broke the law by blocking certain users from seeing online real-estate adverts based on their nationality, race, religion, sex, and marital status.

    Specifically, Meta violated America's Fair Housing Act, which protects people looking to buy or rent properties from discrimination, it was claimed; it is illegal for homeowners to refuse to sell or rent their houses or advertise homes to specific demographics, and to evict tenants based on their demographics.

    This week, prosecutors sued Meta in New York City, alleging the mega-corp's algorithms discriminated against users on Facebook by unfairly targeting people with housing ads based on their "race, color, religion, sex, disability, familial status, and national origin."

    Continue reading
  • Metaverse progress update: Some VR headset prototypes nowhere near shipping
    But when it does work, bet you'll fall over yourselves to blow ten large on designer clobber for your avy

    Facebook owner Meta's pivot to the metaverse is drawing significant amounts of resources: not just billions in case, but time. The tech giant has demonstrated some prototype virtual-reality headsets that aren't close to shipping and highlight some of the challenges that must be overcome.

    The metaverse is CEO Mark Zuckerberg's grand idea of connected virtual worlds in which people can interact, play, shop, and work. For instance, inhabitants will be able to create avatars to represent themselves, wearing clothes bought using actual money – with designer gear going for five figures.

    Apropos of nothing, Meta COO Sheryl Sandberg is leaving the biz.

    Continue reading
  • Facebook phishing campaign nets millions in IDs and cash
    Hundreds of millions of stolen credentials and a cool $59 million

    An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

    Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page - out of around 400 Pixm found - got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022. 

    The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account. That link performs a series of redirects, often through malvertising pages to rack up views and clicks, ultimately landing on a fake Facebook login page. That page, in turn, takes the victim to advert landing pages that generate additional revenue for the campaign's organizers. 

    Continue reading

Biting the hand that feeds IT © 1998–2022