115 items tagged “facebook”
2020
A manager on Strategic Response mused to myself that most of the world outside the West was effectively the Wild West with myself as the part-time dictator – he meant the statement as a compliment, but it illustrated the immense pressures upon me.
“I Have Blood on My Hands”: A Whistleblower Says Facebook Ignored Global Political Manipulation (via) Sophie Zhang worked as the data scientist for the Facebook Site Integrity fake engagement team. She gave up her severance package in order to speak out internally about what she saw there, and someone leaked her memo to BuzzFeed News. It’s a hell of a story: she saw bots and coordinated manual accounts used to influence politics in countries all around the world, and found herself constantly making moderation decisions that had lasting political impact. “With no oversight whatsoever, I was left in a situation where I was trusted with immense influence in my spare time". This sounds like a nightmare—imagine taking on responsibility for protecting democracy in so many different places.
Pysa: An open source static analysis tool to detect and prevent security issues in Python code (via) Interesting new static analysis tool for auditing Python for security vulnerabilities—things like SQL injection and os.execute() calls. Built by Facebook and tested extensively on Instagram, a multi-million line Django application.
Announcing Daylight Map Distribution. Mike Migurski announces a new distribution of OpenStreetMap: a 42GB dump of the version of the data used by Facebook, carefully moderated to minimize the chance of incorrect or maliciously offensive edits. Lots of constructive conversation in the comments about the best way for Facebook to make their moderation decisions more available to the OSM community.
2019
What is a Self-XSS scam? Facebook link to this page from a console.log message that they display the browser devtools console, specifically warning that “If someone told you to copy-paste something here to enable a Facebook feature or hack someone’s account, it is a scam and will give them access to your Facebook account.”
In January, Facebook distributes a policy update stating that moderators should take into account recent romantic upheaval when evaluating posts that express hatred toward a gender. “I hate all men” has always violated the policy. But “I just broke up with my boyfriend, and I hate all men” no longer does.
2018
XARs: An efficient system for self-contained executables (via) Really interesting new open source project from Facebook: a XAR is a new way of packaging up a Python executable complete with its dependencies and resources such that it can be distributed and executed elsewhere as a single file. It’s kind of like a Docker container without Docker—it uses the SquashFS compressed read-only filesystem. I can’t wait to try this out with Datasette.
Migrating Messenger storage to optimize performance (via) Fascinating case-study of a truly gargantuan migration. Messenger has over a billion users, and Facebook successfully migrated its backend storage from HBase to their MyRocks database (a fork of MySQL with a storage engine built on their SSD-optimized RocksDB key/value library) without any user-visible downtime. They ended up using two migration paths: one for the 99.9% of regular accounts, and a separate path for extremely high volume accounts (businesses with very active chat bots or support systems).
Pyre: Fast Type Checking for Python (via) Facebook’s alternative to mypy. “Pyre is designed to be highly parallel, optimizing for near-instant responses so that you get immediate feedback, even in a large codebase”. Like their Hack type checker for PHP, Pyre is implemented in OCaml.
Upgrades to Facebook’s link security (via) Facebook have started scanning links shared on the site for HSTS headers, which are used to indicate that an HTTP page is also available over HTTPS and are intended to be cached by browsers such that future HTTP access is automatically retrieved over HTTPS instead. Facebook will now obey those headers itself and link directly to the HTTPS version. What a great idea: all sites with sophisticated link sharing (where links are fetched to retrieve extracts and images for example) should do this as well.
The whole story is basically that Facebook gets so much traffic that they started convincing publishers to post things on Facebook. For a long time, that was fine. People posted things on Facebook, then you would click those links and go to their websites. But then, gradually, Facebook started exerting more and more control of what was being seen, to the point that they, not our website, essentially became the main publishers of everyone’s content. Today, there’s no reason to go to a comedy website that has a video if that video is just right on Facebook. And that would be fine if Facebook compensated those companies for the ad revenue that was generated from those videos, but because Facebook does not pay publishers, there quickly became no money in making high-quality content for the internet.
2017
Whatever weird thing you imagine might happen, something weirder probably did happen. Reporters tried to keep up, but it was too strange. As Max Read put it in New York Magazine, Facebook is “like a four-dimensional object, we catch slices of it when it passes through the three-dimensional world we recognize.” No one can quite wrap their heads around what this thing has become, or all the things this thing has become.
How do I receive automatic updates from a Facebook group by email?
Facebook’s API does provide a feed of recent posts to a group: https://developers.facebook.com/docs/graph-api/reference/v2.8/group/feed
[... 85 words]2014
What is the best way one can expand his or her professional network?
Go to events—local meetups, conferences, tradeshows... there’s no better way of expanding your professional network than to attend events and build in-person relationships with people.
[... 46 words]Calendars: When posting a facebook event page for an event that is repeated on two dates, should you use one page or two? (The events are games that are identical and should not have overlapping players)
I would use separate pages. The most valuable part of a Facebook event page is being able to see who is going to that event (and hence which of your friends will be there). If there are two events on two separate days you want to be able to maintain two separate lists of attendees.
[... 97 words]2013
Does Facebook fly you to London when you apply for this office or are the interviews done remotely?
If they are anything like Google (which I expect they are) they will do the initial interviews remotely and then fly promising candidates to the London office (or even to California) for in-person interviews.
[... 58 words]Why doesn’t xkcd site have social media share options?
My guess: he probably thinks they are a bit tacky.
[... 45 words]Is there any way to generate thumbnails of web links like Facebook generates when we paste a link in status or comment?
There are a bunch of services that can do this. I’ve successfully used http://url2png.com/ for this in the past.
[... 48 words]2012
Did Mark Zuckerberg have any knowledge on building scalable social networks prior to starting work on Facebook?
I’m going to bet he didn’t have this knowledge, simply because back when he launched Facebook in 2004 almost NO ONE had this knowledge—there simply weren’t enough “web scale” products around for the patterns needed to run them to be widely discussed.
[... 143 words]Why does Facebook Comments Box only support two levels of hierarchy?
I’ve heard in the past that regular (i.e. non-geek) users often have enormous trouble understanding hierarchical comments—they don’t understand tree based file systems either.
[... 65 words]If you missed out on joining to work at Google and Facebook, what should you do?
Remind yourself that there will always be more opportunities, and obsessing over what might have been is a huge waste of your time.
[... 45 words]Does Facebook’s iPhone app use a proprietary web rendering engine instead of UIWebView?
I did my first bit of iPhone development recently (building the first version of the Lanyrd iPhone app) and there was one thing that came as a huge surprise: the principle reason that people think native apps are “snappier” or “more responsive” than native ones has nothing to do with the rendering performance of a webview vs a native view (especially on the iPhone 4S which is extremely fast).
[... 274 words]2011
Why Facebook open-sourced its datacenters. Jon Stokes speculates that Facebook plan to use open source hardware to compete with Google at datacenter efficiency . This isn’t a new pattern. Years ago when I worked at Yahoo! I was furiously jealous of the secret sauce technologies that allowed Google to build big applications faster than anyone else, such as BigTable and map/reduce. Today, the open source world has created better, free alternatives—sponsored in part by Facebook, Yahoo! and other Google competitors.
The Inside Story of How Facebook Responded to Tunisian Hacks (via) “By January 5, it was clear that an entire country’s worth of passwords were in the process of being stolen right in the midst of the greatest political upheaval in two decades.”—which is why you shouldn’t serve your login form over HTTP even though it POSTs over HTTPS.
What are some good social media events that will take place in 2011 in Middle East and North Africa region?
User StartupDigestME on Lanyrd follows entrepreneurship events in the region which may also cover social media topics: http://lanyrd.com/people/startup...
[... 45 words]2010
Are there any well-known websites that use Facebook connect or Twitter OAuth as the only sign-in solution without its own sign-in password?
Our site http://lanyrd.com/ only accepts Twitter OAuth logins (at least for the moment).
[... 42 words]Why doesn’t Facebook use nicer URLs?
Just noticed this link: http://www.facebook.com/notes/fa...—so it looks like things are beginning to improve.
[... 28 words]Facebook’s Instant Personalization: An Analysis of Fundamental Privacy Flaws (via) Oh FFS. “Instant Personalization” means you visit one of Facebook’s “partner websites” and Facebook instantly tells them your full identity and gives them access to full Facebook connect functionality—without you performing any action other than visiting the site. This will not end well.
“Likejacking” Takes Off on Facebook. The Facebook Like button is vulnerable to Clickjacking, and is being widely exploited. Since Likes show up in your Facebook stream, it’s an easy attack to make viral. The button is implemented on third party sites as an iframe, which would seem to me to be exploitable by design (just make the iframe transparent in the parent document and trick the user in to clicking in the right place). I can’t think of any way they could support the embedded Like button without being vulnerable to clickjacking, since clickjacking prevention relies on not allowing your UI elements to be embedded in a hostile site while the Like button’s functionality depends on exactly that.
The Evolution of Privacy on Facebook. Brilliant infographic showing exactly how the visibility of different aspects of your Facebook profile has changed in increments since 2005. Also a nice example of Processing.js in action.