by spriggan3 3635 days ago
You can build what you think is the most robust and secure system in the world, and someone somewhere will figure out how to break it. I don't think it's fair to insinuate that the people who wrote the code were "incompetent", especially given the size of Facebook's codebase. And given their audience, they'll be more exposed to hackers than whatever thing you're working on that isn't Facebook and doesn't have the same audience.
3 comments

Exactly. When I write my code I am aware of a high number of things that could go wrong, and that I deliberately don't check. If it goes wrong I'll let it crash, or I make the deliberate decision to see if that condition ever actually happens in the real world. I'm not talking about security! It can be things like only checking whether function parameters are what I expect them to be for some functions where I think it's important, or being aware that if some functions are called with other timings than I expect, something could happen. The problem is I'm not writing the final app, I'm writing some sort of library (sort of), so I have no control over how it is going to be called in the end. I'll just add it to the documentation, but I make few attempts at catching all or even a lot of such errors.

I would blow up my code at least tenfold if I tried to take care of all the possible conditions - creating a lot more of them in the process. Writing code feels amazingly fragile to me, and yet it works well. Note that that code has had several reviews from other developers, so I'm not talking about really bad code.

After having delved deep into medical topics out of curiosity - hundreds of hours of anatomy, physiology, neuroscience, bio-chemistry, lots of statistics, I'm even less concerned. The ways things go wrong in a biological system are orders of magnitude more numerous, and the approach of nature is "fix it when it happens" (or start by creating a new instance).

I think the more complex our own human-made systems become, the more we'll have to use the nature method. We are already doing it everywhere, in electronics or software.

I see two competing forces:

a) The human attempt to make systems more "provable", for example by formalization/"mathematization",

b) Nature showing us that complex systems can only be done with a relaxed and laissez-faire attitude ("shit happens") after putting in a reasonable effort.

The balance shifts towards b) for systems in rapidly changing environments, and to a) for systems in static conditions.

So discussions about the subject should never be just about the system (piece of software) itself, it must include the environment it is to operate in.

I'm going to assume that on top of the complexity of programming itself. The reason is that I previously read that Facebook lets new hires work directly on the live site. They tend to just push code out there. They also do it in tools like PHP where it's harder to automate QA, since there are no language-level annotations that make that easier. The combination of tooling that makes problems easy plus nothing stopping inexperienced people from getting bad code out there means Facebook has a higher-than-average risk of problems happening.

Good news is that their people are smart. Makes up for it a bit. Inexperience will still bite them, though.

You'd be surprised. Handling over a million dollars in visible, actual transactions daily makes you a prime target for hackers looking to exploit these kinds of race conditions.

Don't be ignorant.