This is why most of the FB security infrastructure is actually inward-facing. The actual infra is so complex that it would take an outsider quite a while to figure out how to get the data they might want. For an insider it is much easier to get improper access to data that you want or that someone might pay you for (real name or IP addr of a dissident, who your ex-girlfriend is now sleeping with, advising ad scammers on how to avoid detection, celebrity chats and private pics, etc.). The initial problems back in the day were the employee stalkers, but as the platform became more important the threat model changed to nation states compromising insiders. The red tape is not completely back, but as of five or so years ago there was a lot more monitoring of data access patterns and zero-trust gates on certain bits of data. OTOH, it meant that privacy and actual app security ended up falling into shit (a devsecops model where the head of privacy and security was someone completely unqualified for the role but ready to do whatever Zuck et al. asked) but you win some and you lose some...