Have tested this myself with known bad links (ie malware, spam and piracy websites). None were blocked.
Steve Weis was involved in its development (previously PrivateCore, Google Security Engineer where he developed 2FA and the keyczar library) and jumped on the defense after it was initially announced. Earlier versions were reviewed externally by some pretty well-known cryptographers.
That being said, meta-data around use of E2E encryption in Messenger is still an issue since it's not enabled by default.
Yep. Same with the Apple crash character bug from a few weeks ago. Also when linking .EXE's and .SCR's, I didn't see any hits on the server. Facebook blocks direct linking to executable files, and usually does a HEAD request against the web server - in this case I didn't see anything when sending via Secret.
Steve Weis was involved in its development (previously PrivateCore, Google Security Engineer where he developed 2FA and the keyczar library) and jumped on the defense after it was initially announced. Earlier versions were reviewed externally by some pretty well-known cryptographers.
That being said, meta-data around use of E2E encryption in Messenger is still an issue since it's not enabled by default.