Simon Willison’s Weblog

Items tagged facebook in Aug

Filters: Month: Aug × facebook ×


Pysa: An open source static analysis tool to detect and prevent security issues in Python code (via) Interesting new static analysis tool for auditing Python for security vulnerabilities—things like SQL injection and os.execute() calls. Built by Facebook and tested extensively on Instagram, a multi-million line Django application. # 7th August 2020, 8:50 pm

Facebook Hacked By 4chan, Accounts Compromised. It wasn’t Facebook that got hacked: 4chan members got hold of a list of usernames and passwords from an insecure Christian dating site and started using them to raise complete hell. Yet another demonstration that storing your user’s passwords in the clear is extremely irresponsible, and also a handy reminder that regular users who “don’t have anything worth securing” actually have a great deal to lose if their password gets out. # 23rd August 2009, 10:02 am

When we get the tools to do distributed Twitter, etc., we get the tools to communicate in stanzas richer than those allowed by our decades-old email clients. Never mind Apple being anti-competitive, social networks are the peak of monopolistic behaviour today.

Blaine Cook # 13th August 2009, 1:06 pm

Facebook engineering notes on Scaling Out. Jason Sobel explains a couple of tricks Facebook use to deal with consistency between their California and Virginia data centres. The first is to hijack the MySQL replication stream to include information about memcached records to invalidate; the second is to use Layer 7 load balancers which inspect a “last modification time” cookie and send users to the masters in California if they have updated their profile in the past 20 seconds. # 20th August 2008, 11:51 pm

Facebook Security Advice: Never Ever Enter Your Passwords On Another Site, Unless We Ask You To. Nice to see TechCrunch highlighting the hypocrisy of Facebook advising their users to never enter their Facebook credentials on another site, then asking them for their webmail provider password so they can scrape their address book. # 9th August 2008, 10:18 am

simple-thrift-queue (via) Phillip Pearson’s surprisingly concise in-memory message queue written in Python using Facebook’s Thrift library (which is similar to Protocol Buffers, but was open sourced much earlier on). Handles 4,000 requests per second on a laptop. # 4th August 2008, 12:27 pm