Is it the right time to dump Facebook? I feel like it’s completely useless platform. https://www.nbcnews.com/tech/tech-news/facebook-left-hundreds-millions-user-passwords-unencrypted-n985876 TC 200k, 3YOE
Have you heard of md5 hashing techniques?
At FB, perf is all about “impact”. Security is not exactly an impact compared to LOC, Diff count, Workplace posts/comments etc. so why waste time invoking an extra API for unnecessary hashing! Save the hashing and save infra cycles. Reference: ex-FB SWE. I was surprised when once I figured out that I could access API to download all users images (not any target user) for some side ML works. Security is joke at FB, compared to what I see at G.
The right time to dump Facebook was about a year ago.
Yup
Funny to see so many people with absolutely no insight into what happened here draw conclusions about a reporting that's not just misleading, but very innacurate. This has nothing to do with not wanting to hash things or other stupid assumptions some of the posters here made. These were surfaced on offline stores when very nested objects where being logged and not properly sanitized. This would also only happen in extremely isolated cases, so it's not like anyone could feasibly search for these. With that said, we found these fixed them and built infra to prevent this from ever happening again. We came clean with user notifications. I guarantee that in any sufficiently complex company, similar issues happen, however I doubt every company comes clean or even knows that they are storing this data.
Noone cares what you feel. If you have the balls build a better social media for the world
And this..... https://www.diyphotography.net/a-major-instagram-security-bug-leaked-users-passwords-as-plain-text/
Holy moly. Their engineers need to learn how to hash passwords.
And they happily add a feature to shop on IG