|
|
|
|
|
|
by sep_field
1933 days ago
|
|
|
Speaking as an ex-Facebook engineer it would be incredibly easy to get nefarious people employed there in an engineering role. Once inside, they have access to -all- user data; there is no actual access control (there are some basic access checks built into the Facebook application to keep you from accessing "private" data fields by accident, but all you have to do is edit that code and remove the access check and recompile Facebook on your laptop and you can access anything in the production database -- including peoples private Messenger chats). Facebook warn you when you are hired not to actually do this, because they have auditing systems to watch for it and you will be fired (supposedly) but for people employed by some other agency specifically for the purpose of getting high-value private data out of Facebook, being fired by Facebook for doing so is part of the expected outcome and no big deal. A well funded agency could easily keep getting people hired at Facebook to get whatever data they want, as often as they want. Facebook is constantly trying to keep their hiring pipelines full and despite the image Facebook likes to portray, it isn't "only the best talent" that gets a job there. There are some very smart, capable people at Facebook, but there are a ton of very mediocre engineers that lucked out in the hiring process, as well. It's really just a numbers game to get in. I'm sure much the same is true at Google/Twitter/etc. |
|
|