#Rumpus: You’ve previously mentioned a master password, which you no longer use.
Employee: I’m not sure when exactly it was deprecated, but we did have a master password at one point where you could type in any user’s user ID, and then the password. I’m not going to give you the exact password, but with upper and lower case, symbols, numbers, all of the above, it spelled out ‘Chuck Norris,’ more or less. It was pretty fantastic.
Rumpus: This was accessible by any Facebook employee?
Employee: Technically, yes. But it was pretty much limited to the original engineers, who were basically the only people who knew about it. It wasn’t as if random people in Human Resources were using this password to log into profiles. It was made and designed for engineering reasons. But it was there, and any employee could find it if they knew where to look."
Rumpus: Do you think Facebook employees ever abused the privilege of having universal access?
Employee: I know it has happened in the past, because at least two people have been fired for it that I know of."
Rumpus: Would you suppose that Facebook employees might read people’s messages?
Employee: See, the thing is — and I don’t know how much you know about it — it’s all stored in a database on the backend. Literally everything. Your messages are stored in a database, whether deleted or not. So we can just query the database, and easily look at it without every logging into your account. That’s what most people don’t understand.
Rumpus: So the master password is basically irrelevant.
Employee: Yeah.
Rumpus: It’s just for style.
Employee: Right. But it’s no longer in use. Like I alluded to, we’ve cracked down on this lately, but it has been replaced by a pretty cool tool. If I visited your profile, for example, on our closed network, there’s a ‘switch login’ button. I literally just click it, explain why I’m logging in as you, click ‘OK,’ and I’m you. You can do it as long as you have an explanation, because you’d better be able to back it up. For example, if you’re investigating a compromised account, you have to actually be able to log into that account.
Rumpus: So in what other ways do you track behavior, that isn’t necessarily obvious to users?
Employee: We track everything. Every photo you view, every person you’re tagged with, every wall-post you make, and so forth.
Rumpus: So where do these geeks come from?
Employee: I would say at least 70% of Facebook engineers are from Harvard and Stanford
