Instagram co-founder Mike Krieger has responded to the publication of a potential vulnerability on the app’s iOS version by noting that the company plans to finish upgrading to HTTPS for the entire service “soon.” Developer Stevie Graham went public with the vulnerability after Facebook failed to fix the issue. According to a Hacker News comment, Graham discovered the issue years ago and_was shocked_when he realized it hadn’t been fixed. The issue exposes_users of the iOS app to attacks via_man-in-the-middle because Instagram_sends some unencrypted data with the session cookie. A malicious actor could then use those cookies to spoof the account...

This story continues at The Next Web