Oh it works both ways. It's the opposite of the Apache 2 grant for example (which is extremely liberal, and I like it) but that's also exactly what you'd expect from many large companies.
There's a reason that BSD/MIT is preferred by companies vs Apache 2 (which has been adopted, yes, but much less). It's because - just like here - it preserves all their patent rights.
So yes, you now have less protection but FB has just the same if not more.
Don't get me wrong: the patents grant wasn't a great solution but it solved specific problems and concerns on both sides that BSD by itself doesn't even try to address and alternatives (like Apache 2) only address half of.