"Move Fast, Break Trust?"

This week’s blog post is written by fellow PhD Candidate Nicholas Gorski, who came across yet another bug in Facebook’s privacy during the latest rollout. The post germinates from a discussion about how the motto “Move Fast, Break Stuff” sounds fun for an engineer, but is this attitude apt when it comes to your relationships with your friends and family? As an explicit clarification to the engineers at Facebook: This post is intended to incite thought about attitudes towards privacy models, and not make any claims about coding abilities or the inevitability of bugs. —arnab


Mark Zuckerberg’s motto for Facebook, now used as company differentiator in engineering recruiting pitches, is “move fast, break stuff.” As previously reported, Facebook certainly broke things in changes pushed out Tuesday evening: By previewing the effects of your privacy settings, you were briefly able to see your profile as if you were logged in to a friend’s account, which enabled you to view your friends’ live chats as they were taking place, as well as look at pending friend requests.

Tuesday’s changes apparently also broke another privacy setting, though. By now, everyone is aware that Facebook exposes privacy settings for personal information in your profile. This includes items such as your Bio, description, Interested In and Looking For, and Religious and Political Views. However, Tuesday’s changes appear to expose this information to everyone in your network regardless of your privacy settings and even whether or not they are your friend.

[click the pictures to enlarge]
Screen shot 2010-05-06 at 2.27.40 PM

Screen shot 2010-05-06 at 2.27.49 PM

Try it out for yourself. First, set the privacy settings for some of your personal information to exclude certain friends of yours that are in your network, and then preview your profile as them. If the privacy breach hasn’t been fixed yet, your friend will still be able to see your personal information even though they shouldn’t be able to according to your privacy settings. As we mentioned, this extends beyond your friends: anyone in your network may be able to view your personal information (it may even extend beyond your network).

Screen shot 2010-05-06 at 2.27.55 PM

Screen shot 2010-05-06 at 2.28.02 PM

(Note: the privacy leak may have since been fixed… although an awful lot of people now have public quotations on their profiles.)

Unfortunately, it’s unlikely that this bug is going to get the attention that it deserves. Facebook is exposing a privacy policy to its users, but is broken such that it ignores this policy. Upon rolling out Buzz, Google was lambasted in the press for defaulting to a public privacy policy for your contacts – if you opted in to creating a public profile. In this case, Facebook let you set an explicit privacy policy, but then exposed that information anyway.

How could this seemingly minor privacy leak hurt anyone, you might ask? The canonical example of the danger of Buzz’s public contacts was the case of the female blogger with an abusive ex-husband. No harm actually befell this security-conscious blogger, but it certainly could have. In the case of Facebook’s privacy breach, the information that was made public was only profile information relating to your biography, religion and romantic preferences. Given the masses of Facebook users, how many people’s sexual preferences could have been inadvertently outed? How many people could have had potentially embarrassing biography information exposed to their parents, people in their network, or potential employers? The privacy safeguards are there for a reason, after all.

One might be inclined to write it off as a mistake, potentially a bug in a PHP script written by a junior software engineer — something hard to believe, given the reported talent of their employees. But Facebook’s motto, and their current agenda, makes it clear that the privacy leaks that have come to light this week are more than that. They are a product of corporate indifference to privacy; indeed, Facebook’s corporate strategy for monetizing their site depends on making as much of your information public as they can. The EFF has repeatedly sounded alarms about the erosion of privacy on Facebook, but is it too late?

Much of the information that was once personal and guarded by privacy settings has now migrated to the public portion of the site, and has been standardized in order to facilitate companies using your personal information to tie in to their marketing and advertising campaigns. The books that you like, the music that you listen to, your favorite movies: all of these are valuable data that companies will pay Facebook for, in aggregate. It will allow them to target you more specifically. When you expose this information publicly, though, are you really aware of how it will be used – not just today, but tomorrow? Information will persist forever in Facebook’s databases, long after you delete it from your profile.

In the meantime, Facebook’s corporate attitude of playing fast and loose with your profile information makes it likely that future privacy leaks will occur — that is, if any of your profile information remains private for much longer.

Tapbots goes fulltime

The Tapbots duo are quitting their day jobs to work fulltime on their iPhone app company:

Longer term we aren’t looking to get any VC funding, grow to 100s of employees or get bought out by some big corporation. We may get help with support, testing and/or marketing, but development and design is going to just be us two for the foreseeable future. We think that’s the best way to keep the quality of our applications at the level that everyone expects. Our goal is to produce about 4 applications a year. We aren’t going to shovel out crap-ware to cash-in on our names. We aren’t going to write the next Office or Filemaker. We are going to write simple but incredibly polished applications that are created specifically for the iPhone/Touch devices. Two guys, lot’s of passion and a lot of hard work, that’s the Tapbots way.

Two guys, two popular iphone apps (“Weightbot sold 100k copies in its first 100 days, Convertbot is selling at about twice that rate.”), one mission to make quality apps. Good luck, guys!


Recursive Food

From Everything2:

A CS professor once explained recursion as follows

A child couldn’t sleep, so her mother told her a story about a little frog,
who couldn’t sleep, so the frog’s mother told her a story about a little bear,
who couldn’t sleep, so the bear’s mother told her a story about a little weasel…
who fell asleep.
…and the little bear fell asleep;
…and the little frog fell asleep;
…and the child fell asleep.

It goes on to explain fractals as:

A mathematical figure that is self-similar; that is, as you zoom into it, you will see the same pattern repeated over and over again.

I should point out to all my non-geeky readers that recursions and fractals are an important part of computer science culture. We used to sign up for programming competitions in high school / undergrad as Recursive Nightmare(where a guy has a dream in a dream in a dream in a dream… stack overflow, head explodes!), and I’ve seen text books where the index contains jokes like “Recursion……. see recursion”.

Obviously, such intriguing contexts have to be applied outside computer science, and what better place to try this out than the wonderful world of food? Here’s presenting the wild world of recursive food!

We first start with an extreme version of the Terducken. The Terducken is an extreme Thanksgiving dish, “consisting of a partially de-boned turkey stuffed with a de-boned duck, which itself is stuffed with a small de-boned chicken”. Anne Petch, of Heal Farm in Kings Nympton, UK took this a few steps further, making a mind-boggling twelve bird variant of this; “turkey on the outside, goose, chicken, pheasant, three ducks, poussin, guinea fowl, partridge, pigeon squab and quail.”

The next bite of awesomeness comes from the awesome folks at Evil Mad Scientist, who created Fractal cookies:

Our final bit of awesomeness is… The Fractal Pizza!:

The fractal pizza is made by first making a bunch of small, itty bitty sized pizzas. These are then used as the topping for a larger set of pizzas. These pizzas are then used as the topping for the final big pizza, the recursive monster pictured above.

So, what fractal food can you think up?

| |

appu ghar is closing down

India’s first amusement park, Appu Ghar is closing down. This is sad. I admit that many of the rides there were either broken or dated the last time I visited it, but it’s still a big part of my memories, just like every other Delhiite. The land will apparently be used to extend the Supreme Court and Metro Rail facilities. I don’t care for the court, but if the metro folks could just implement a loop) in their train tracks through the place, I would be very happy.


how many computers does google have?

One of the first things I did outside of work at Google was to find out how many computers the company has. It’s a fairly secret number; it’s not quite a topic that people in the Googz like to talk about.

It took me a week to piece together the answer; and a few months to come to terms with my discovery. It’s hard to talk to people outside of the big G about the kind of stuff they pull off there, and I’m not talking about making ball pits out of director’s offices.

I can finally talk about this, now that this information is explicitly public, published in an article by MapReduce Gods Jeff Dean and Sanjay Ghemawat (bloggy synopsis here). In the paper, they talk of 11,081 machine years of computation used in Sept 2007 alone, for a subset of their MapReduce work. That’s 132972 machine months of CPU used in one month. Assuming all the computers were running at 100% capacity, without failure, without any break for the entire month, that’s almost a hundred and fifty thousand machines worth of computing used in September Oh Seven.

In other words, Google has about one hundred and fifty thousand computers that are reported here.

But does that account for ALL the computers at Google?

To find out, go ask a Google employee to violate his NDA today!

for your information, this may not be the right number. it should be obvious why. for example, they never said anything about not using hamsters. hamsters are 10x faster than computers, which would mean they could just have 10,000 hamsters and it would be fine.

phdcomics at umich

Jorge Cham giving talk! Jorge Cham signing books!

PhdComics creator Jorge Cham was at school today giving a talk on every grad student’s favorite topic, procrastination. Got my books signed, and did the usual fanboying that is expected of me getting my picture taken with him! Really enjoyed the talk — it was almost like standup, although I did feel it was a little too simplistic for the audience. I know it’s hard to put a lot of serious content into a light hearted lecture, but it would have been nice to hear about related things such as structured procrastination and other such topics that usually haunt the “advice” section of eminent faculty’s homepages.

Some interesting things from the talk:

* Average annual stipend of a grad student in the U.S.: $14055. Average annual salary of a McDonalds employee in California: $14040. Which means we can afford an extra $15 CD once a year. Whee.

* It is not important that Isaac Newton was sitting under an apple tree when he discovered gravity. The important point is why was Mr. Newton sitting under an apple tree, slacking off, instead of working hard at his desk?

* A person in the audience shared an anecdote about how he ran an experiment five minutes before coming to the talk, and found out that he’s invalidated his advisors theories, etc. Jorge hears that and says, in a fearful voice: RUN!!”.

Tag Soup

Here's a List of all the tags(categories, labels, whatever you call them) used at


To inaugurate the day, a chat transcript:

Arnab: did you know that a boy here was eaten up waist down?

Victim 23: sending one-liner messages

Arnab: here at iit...

Victim 23: what?????????

Arnab: by a panther

Victim 23: when?????????

Victim 23: oh no

Arnab: evening

Arnab: ya

Arnab: so we're all on high alert and stuff

Victim 23: thats horribleeee

Victim 23: okayy

Victim 23: who was this boy?

Arnab: AF Baba,,,, Btech 3rd year Civil

Arnab: you know anyone in iit?

Victim 23: okay

| |

Happy Independence Day

55 years ago, on this day, a country was reborn. Like the Phoenix, it rose again, from the ashes of 300 years of British rule, with a dream. A dream that hundreds of thousands of Freedom Fighters gave up their lives for. A dream to make India the Golden Bird that it once used to be.

It's been more than half a century now.

We have a population of over one Billion. Out of the 10 lakh lepers in the entire world, 5 lakh are Indians.

Every year, lakhs of innocent people are killed in acts of Communalism and Terrorism. So many reports of cast injustices and inhumanity dot the newspapers that you'd think it was a trend. Illiteracy, Backwardness. And to top it all, Bureaucracy and Corruption - parasites that have managed to infest and take control of the so called "leaders of our country".

| |