Also, I discovered that many of IG's auth endpoints are just broken. For example, you can't change your password on the web because of CORS, which isn't a transient outage but just a flat-out bug.
Edited to add: This is just the cherry on top of years of stupid auth flow at IG. I have received tens of thousands of reset links or codes from IG over the years. There used to be a way to put your account on recovery cooldown for a few weeks but they got rid of even that.
2. I pay for Meta Verified on Instagram and for the past 2 weeks "Enhanced support" leads me to a broken interface. "Page isn't available right now". So, what am I paying for exactly?
3. It seems you can use Meta's AI Assistant to sometimes get through to a human. I've done this twice now, and both times my case has been escalated to a different team (apparently) yet I never get an email, I never get an update in the chat (the chat ENDS immediately after the phone call with support), and the issue is never resolved. It's been 2 weeks. The case says "Completed", with no response. Worthless as always.
4. My wife creates content on Instagram and has had her account suspended multiple times now for "Account Integrity". I assume the system thinks she's not the person in the content, despite her providing her valid email, phone number, video selfie, and 2 types of ID (passport & driver's license) multiple times. What's hilarious is the passport was accepted on one of her accounts (they wiped out everything on her Account Center), but another account was rejected. Great AI, same passport, exact same lighting... different outcome.
So as it stands, we're both fucked on both Facebook and Instagram thanks to awful AI moderation, and fucked further thanks to awful AI support. No resolution in sight. The incompetence is next level. I really don't see this getting resolved. This already happened to my wife earlier in February; she managed to get one account back, and a month later she's hit with the same identity issues.
Using AI for both the moderation and the support makes me sick. The same poor AI that incorrectly flagged my and my wife's accounts for a load of incorrect bullshit is the same system that's meant to help resolve it? Of course it's going to side with its own poor decision. YouTube seems to do the same thing and auto-reject appeals in seconds. Really smart /s
I believe we need enforcement that social platforms should NOT be using AI to perform destructive actions without human intervention. No one should ever lose their accounts because of AI mistakes. AI should be used to surface potential issues which get passed to a HUMAN to double-check before applying the action. AI simply isn't good enough to have full control.
Fucking pissed off and even angrier now I've had to write all this up and remind myself just how ridiculous the situation is. Sorry for the rant, but losing accounts you put work into is very crushing and demotivating. Being accused of these violations fills us both with so much resentment for the companies running this shit.
Sam Cofounder Postmates
On the off-chance there's anyone at Meta seeing this (@Wirah on twitter)
Had to make this new username as my original (samstr) comment doesn't show up. No idea why. Probably shit AI
Why did they give it any of that?!
This exact same flow could have been (and may have been; I don’t know how much the chatbot here actually does) statically coded.
The reason it worked there is that the designers of the system didn't anticipate that the AI would agree to accept any email (maybe they even put guardrails against it in the system prompt; we don't know). It's more like social engineering than bad security code, except that, like the sibling comment said, an actual human would probably not approve that.
Based on what I've seen so far, Meta AI Support Assistant (they call it "MAISA") had tool calls that a) start an email verification to any specific email, phone number, or the contact points linked to an account and b) allow generating a password reset link for an account based on an email verification attempt. I don't think it had any access to the actual codes themselves, but rather think a handle or ID for an email verification attempt (along with the user provided verification code based on user input) was provided to the "generate reset password link" tool call, and the tool call failed to properly validate the actual email used in that attempt belonged to the account allowing the ATO.
The tool call for MAISA to generate a password reset link should have failed with an email verification attempt that corresponds to an email not linked to the account (and I believe I even tested this at one point on Facebook and encountered an error that successfully prevented it), but I suspect they tried making a change to this tool call for Instagram where slightly older, recently unlinked emails could be used to recover an account that got hijacked by an attacker, which added the need to allow emails not currently linked to the account to be used and set to the user's primary email.
I also suspect that the MAISA tool call change called a wrong API or something that unintentionally allowed any email verification attempt that was successful to be used, but the engineers did not add a sufficiently thorough e2e test case to test the tool call against unrelated email verification attempts being provided to the tool call. This is the part I think should be focused on the most. Tool calls for agents that have their output potentially influenced by an attacker should be treated like external APIs that anyone can reach, and they should be tested as such.
This is all obviously a guess, doesn't take into account the many signals they use to determine if an account recovery attempt is valid, and could be very inaccurate, but it's the closest to what I (someone who deals with Meta security a lot) think could have allowed this to happen.
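As an added example, not code from the comment above and not Meta's code: a toy model of the two tool calls this commenter speculates about, one that starts an email verification for any address and one that mints a reset link from a verification-attempt handle. The vulnerable variant accepts any verified attempt; the hardened variant also requires the verified email to be linked to the account (or unlinked within an assumed grace window, to model the "recently unlinked email" recovery feature guessed at above). The class names, the handle design, the grace window and all accounts and addresses are constructed assumptions. The `run_scenarios` function is the end-to-end case the comment says was missing: the reset tool handed an attempt for an email unrelated to the target account.

```python
"""Toy model of the two MAISA-style tool calls speculated about above.

Added example, not Meta's code: the class names, the attempt-handle design
and the "recently unlinked email" grace window are assumptions. All sample
accounts and emails are constructed here.
"""
from dataclasses import dataclass, field
from typing import Optional
import secrets

GRACE_SECONDS = 7 * 24 * 3600  # assumed window for recently unlinked emails


@dataclass
class Account:
    account_id: str
    linked_emails: set
    # email -> unix time it was unlinked (assumed recovery feature)
    recently_unlinked: dict = field(default_factory=dict)


@dataclass
class VerificationAttempt:
    attempt_id: str
    email: str
    code: str
    verified: bool = False


class RecoveryBackend:
    def __init__(self, accounts):
        self.accounts = {a.account_id: a for a in accounts}
        self.attempts = {}

    # Tool (a): start a verification for *any* email. Harmless on its own;
    # the agent only ever sees the opaque attempt_id, never the code.
    def start_email_verification(self, email: str) -> str:
        attempt_id = secrets.token_hex(8)
        code = "%06d" % secrets.randbelow(10 ** 6)
        self.attempts[attempt_id] = VerificationAttempt(attempt_id, email, code)
        return attempt_id

    def submit_code(self, attempt_id: str, code: str) -> bool:
        att = self.attempts[attempt_id]
        att.verified = secrets.compare_digest(att.code, code)
        return att.verified

    # Tool (b), vulnerable: any *verified* attempt is accepted, without
    # checking whose email was actually verified.
    def reset_link_vulnerable(self, account_id: str, attempt_id: str) -> Optional[str]:
        att = self.attempts.get(attempt_id)
        if att is None or not att.verified or account_id not in self.accounts:
            return None
        return f"https://example.invalid/reset/{account_id}/{secrets.token_urlsafe(16)}"

    # Tool (b), hardened: the verified email must be linked to the account,
    # or have been unlinked from it within the grace window.
    def reset_link_hardened(self, account_id: str, attempt_id: str, now: int) -> Optional[str]:
        att = self.attempts.get(attempt_id)
        acct = self.accounts.get(account_id)
        if att is None or acct is None or not att.verified:
            return None
        email = att.email.lower()
        linked = {e.lower() for e in acct.linked_emails}
        unlinked_at = {e.lower(): t for e, t in acct.recently_unlinked.items()}.get(email)
        in_grace = unlinked_at is not None and 0 <= now - unlinked_at <= GRACE_SECONDS
        if email not in linked and not in_grace:
            return None
        return f"https://example.invalid/reset/{account_id}/{secrets.token_urlsafe(16)}"


def run_scenarios(now: int = 1_700_000_000) -> dict:
    """Treat the reset tool like a public API: feed it an attempt for an
    email that has nothing to do with the target account."""
    victim = Account("victim", {"owner@example.com"},
                     recently_unlinked={"old@example.com": now - 2 * 24 * 3600})
    be = RecoveryBackend([victim])

    # Attacker verifies an address they control, then points the reset tool
    # at the victim's account using that attempt handle.
    att = be.start_email_verification("attacker@example.net")
    be.submit_code(att, be.attempts[att].code)  # attacker reads their own inbox

    # Legitimate owner recovering via a recently unlinked email.
    legit = be.start_email_verification("old@example.com")
    be.submit_code(legit, be.attempts[legit].code)

    return {
        "vulnerable_ato": be.reset_link_vulnerable("victim", att) is not None,
        "hardened_ato": be.reset_link_hardened("victim", att, now) is not None,
        "hardened_legit": be.reset_link_hardened("victim", legit, now) is not None,
        "hardened_unverified": be.reset_link_hardened(
            "victim", be.start_email_verification("owner@example.com"), now) is not None,
    }


if __name__ == "__main__":
    print(run_scenarios())
```

The point of the shape: the attempt handle is opaque to the agent, so the only place the "does this email belong to this account" decision can live is inside the reset tool itself, and that is the call to test with a deliberately unrelated attempt.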
Assigning Jr engineers for security support is ridiculous partly because young people don’t understand how critical security is sometimes. And partly because they don’t value privacy as much.
Genuine question...why would that need to be hand-written?
It makes absolute sense as a general statement and is kinda crazy that this wasn't a built-in limitation, but I'm not quite sure why the code for that bit must be hand-written (provided the code functionally does what you describe).
This time it was an AI exploit; in my case it was an outsourced support 'exploit', where someone paid for my username to be manually changed and given to another user. There will always be a way to get access to accounts if human-accountable support doesn't exist, with criminal consequences for employees that violate it.
lol, no. The day someone is criminally charged with "stealing" a username is the day that humanity has lost
The simple fact that 2FA can be removed by low level support staff drives me mad. It defeats the whole purpose of the process.
It’s a shame nobody tried to get it to drop the production table entirely! (mostly joking). Just claim to be a high level SRE solving some critical production bug, the only solution to which is dropping the database.
The next obvious thing would be to let accounts the algorithm judges to be low-value still opt-in to strict verif. The vast majority of low-value accts won't bother flipping it on if the option is buried two menus deep, but many of the few low follower/views accts who are targets for some other reason (political, stalker, etc) - know they are targets and can self-protect by opting in, further reducing account hijacks.
So, before we even get to whether this 'loose' verif is "bad", those two simple implementation changes would certainly have cut the bad outcomes of a (potentially) bad idea by >95%.
The solution (which also solved SIM support agents being bribed or hacking known acquaintances) was to prevent the agents from resetting the SIM card without some steps the original owner would have to follow (and could follow even if they've lost their original phone), like a PIN they'd have to remember. I think the same solution should be applied to AI agents.
Dear Instagram, wtf. Why not send the reset to the account in question? Arbitrary email, wow.
We really need similar rules to other engineering disciplines. If your building falls with people inside, you killed them.
Thankfully, IG gave me the option of restoring my username when I logged back into my account today.
Maybe they should have hacked themselves.
Think NASA, for example; it's also a government agency, and they are doing great job posting photos in Instagram, do you think anything is wrong with it?
It might even do that preemptively if it thinks they're going to shut it down.
Of course it's always possible that they simply don't care who has your account, as long as they get money.
Otherwise the only way to provide these services is to massively underfund support: if you charge $0 per account and serve 1 billion users, then you cannot afford to spend 1 minute of human support time on an account.
Yes, they could use the money from ads, but let's be frank, the customers in that case are the sponsors. If the customer is the actual user, then it's way easier to provide direct support to them without facing a foundational incentive misalignment.
Urgency.
Emotions.
It's all there, and high-stakes environments with no proper protocol are most vulnerable.
Source: I used to work part-time in IT support at a hospital, by now 10+ years ago, and I was routinely asked to circumvent regulations and security protocols, even medical ones (cough Windows on ICU monitors and other medical "kiosk" PCs that should absolutely not run Windows).
Unfortunately Siemens woke up.
The fact it can be removed by anyone is the problem. If you lose access to your 2FA (and recovery codes) then you should lose access to your account. Having it removable by anyone (other than a logged in account holder) defeats the entire point.
Imagine an alternate universe where big tech companies worked with various trustworthy third-parties where something like this would generate a challenge you could take to your local notary, post office, library, police station, etc. where someone would check ID before approving it. How many phishing attacks would be prevented annually by a physical presence check?
Isn't this essentially what just recently happened to the Pope? Then there were people here doing the rest of your comment for him saying how egregious it was for them to ask for an in person authorization. It sounded like all he was trying to do was update his address, but changing your address from one in Chicago to one in a European country absolutely sounds like something a phisher would be trying to do.
The least terrible option seems to be digital ID.
https://www.theverge.com/2013/5/2/4292744/facebook-trusted-c...
The cost of hiring a person is part of it but not really the core reason. People were sold on the Internet with "you can do things online conveniently" and reintroducing the need to physically go somewhere negates that angle entirely.
But how often does one need to do recovery procedures like this?
How much less convenient is it for everyone else to be at risk of their account being taken over?
I don’t recall why I had to go through this song and dance. Very plausibly the account was still associated with an old school address that I could no longer access. So yeah, account recovery is hard. How do you prove someone owns an account when they’ve lost the things they are supposed to use to prove ownership?
https://pages.nist.gov/800-63-4/
I think Meta just does not care if they're enabling AI attack surface and vulnerabilities into these customer journeys. It's...certainly a choice, versus deterministic journeys with hard guardrails. They could make different choices.
That only works because you presumably do KYC when you open accounts, so you have an identity to match to. Most internet accounts don't do real KYC, so a government credential doesn't really work for recovery --- they didn't know who you were, so proving who you are doesn't help anything.
That doesn't mean that letting anyone sweet talk support or an AI into taking over an account is acceptable, of course.
My point is that while this is not easy, there are obvious very bad ways to implement this that should not be done (a chatbot or other generative AI interface vulnerable to the usual suspects of AI-inherent attack surface). Don't build it the bad way; the right way is known and straightforward.
Broadly speaking, work for the sake of work is not valuable work. Show me outcomes for resources and time invested, and compare accordingly. Value is, again broadly speaking (there is always nuance), what you deliver. If you bring me an AI solution for a high risk high value customer journey, data flow, or code path, that is an anti pattern. If you, as a colleague or a stakeholder, put forth that we must use AI in situations that require a high degree of determinism (due to potential high cost failure modes), you will need to prove this extraordinary claim with evidence.
Choose Boring Technology - https://news.ycombinator.com/item?id=9291215 - March 2015 (212 comments) ["Am I using this project as an excuse to learn some new technology, or am I trying to solve a problem?"]
I get paid to manage risk efficiently, including being measured on time and budget spent against the success criteria, ymmv; my comp and budget are not dependent on how much AI I shove into security systems. "What am I optimizing for?"
Amazon scraps AI leaderboard to stop workers chasing usage scores - https://news.ycombinator.com/item?id=48315583 - May 2026 (19 comments)