Meta Tech Podcast

In April, WhatsApp announced the launch of a new cryptographic security feature to automatically verify a secured connection based on key transparency. Key transparency helps strengthen the guarantee that end-to-end encryption provides to private, personal messaging applications in a transparent manner available to all. Rolling out a feature like this to WhatsApp's user base is not a small feat and requires some clever engineering to scale to the billions of users relying on WhatsApp to stay in touch with friends, family and business. Pascal is joined by Sean and Kevin to discuss what Key Transparency means in practice and the various challenges they encountered as they scaled it up to billions of users. Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/. Links Infer: https://fbinfer.com/ Infer on GitHub: https://github.com/facebook/infer MTP Episode 18 about Infer: https://pca.st/5U9V Deploying key transparency at WhatsApp - Engineering at Meta: https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/ GitHub - facebook/akd: An implementation of an auditable key directory: https://github.com/facebook/akd/  Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging: https://www.ndss-symposium.org/ndss-paper/parakeet-practical-key-transparency-for-end-to-end-encrypted-messaging/  SEEMless: Secure End-to-End Encrypted Messaging with less trust: https://eprint.iacr.org/2018/607 Coniks: Bringing Key Transparency to End Users: https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/melara  IETF Working Group on Key Transparency: https://datatracker.ietf.org/wg/keytrans/about   Timestamps Intro 0:06 News Update: Infer turns 10 1:34 Interview Intro 4:27 Intro Kevin 4:45 Intro Sean 6:07 WhatsApp's mission 6:47 PETs 7:58 E2E basics 8:59 Key transparency 10:32 Crypto community response 18:20 End-user changes 19:57 Technical challenges and zero-knowledge proofs 23:18 AKD 28:27 Internal deployment 32:02 Outro 42:16 Bloopers 43:05

Red Team X is a security team at Meta that is responsible for finding and exploiting vulnerabilities in third-party products that could impact Meta's own security. The team acts as a hybrid between a traditional red team, which focuses on probing their own organisation's systems and products for vulnerabilities, and an elite bug-hunting group. The team was founded by Vlad I. in 2020 when the pandemic and the sudden shift to Work From Home challenged various previously-held assumptions about security. In his discussion with Pascal, Vlad explains the roles of different security teams within Meta, how they go about prioritising the highest-impact targets to exploit and how they work with vendors to ensure not just Meta but the entire world benefits from the fixes produced. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.   Links: The Diff episode about Velox: https://thediffpodcast.com/docs/episode-17 Risky Business Podcast: https://risky.biz/ RTX Blog: https://rtx.meta.security RTX Disclosures: https://rtx.meta.security/bugs RTX in WIRED: https://www.wired.com/story/facebook-red-team-x-vulnerabilities/   Timestamps: Intro 0:06 Vlad Intro 1:55 Red Teaming 2:43 Staying up-to-date 6:34 Different team colours 10:02 Defence-in-depth 12:44 Red Team X 15:57 Hardware v Software 19:43 Focus areas 21:29 Prioritising requests 22:44 Notable RTX Disclosures 26:05 Vulnerability disclosure policy 28:52 Getting into offensive security 38:48 Outro 40:51  

PyTorch is now one of the most popular machine learning frameworks out there but that was not a foregone conclusion when it was released in 2016. Our host Pascal is joined by Suraj, a developer advocate here at Meta, to dissect the history of PyTorch and look at the factors that contributed to its success. That includes understanding your target audience, maintaining backwards compatibility, fostering a helpful community and so much more.  You don't need to be an expert in PyTorch to enjoy the discussion as Suraj explains all the basics. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.   Links: Meta Open Source Blog: Creating Safe Spaces for Underrepresented Individuals in Open Source Communities - https://developers.facebook.com/blog/post/2023/05/31/creating-safe-spaces/  PyTorch Developer Podcast - https://pytorch-dev-podcast.simplecast.com/ PyTorch - https://pytorch.org/  PyTorch on GitHub - https://github.com/pytorch/pytorch Announcing the PyTorch Foundation: A new era for the cutting-edge AI framework - https://ai.facebook.com/blog/pytorch-foundation/   Timestamps: Intro 0:05 Suraj Intro 1:52 What is PyTorch? 4:39 History of PyTorch 5:33 Choosing a Target Audience 7:27 Python and Performance 11:20 Design Decisions 19:04 OSS Governance and Community 21:11 PyTorch 2.0 25:47 How to get started 28:32 Outro 30:14 Bloopers 32:16

For episode 51, Pascal speaks with Neil and Marie, two of the engineers behind Buck2, our open source, large scale build system. Thousands of developers at Meta are already using Buck2 and performing millions of builds per day that on average complete in half the time of Buck1 builds. Marie and Neil discuss the design choices that make Buck2 so much faster and the various challenges they faced in engineering and open sourcing the build system. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links Announcement blog post: https://engineering.fb.com/2023/04/06/open-source/buck2-open-source-large-scale-build-system/ Buck2: https://buck2.build/ Buck2 on GitHub: https://github.com/facebook/buck2 Build Systems à la Carte - https://www.microsoft.com/en-us/research/uploads/prod/2018/03/build-systems.pdf  Lexical YouTube clip: https://www.youtube.com/watch?v=Vpv0BYhhlak Lexical for iOS: https://github.com/facebook/lexical-ios Timestamps Intro 0:06 Intro Marie 1:30 Intro Neil 2:57 Why a custom build tool? 4:21 Rewriting Buck 6:49 Buck2 vs Bazel 8:49 Building language support 12:06 Buck2 as a developer 13:15 Upgrade from Buck1 to Buck2 15:05 How is Buck2 faster? 16:31 Rust and Profiling 18:44 From Python to Starlark 25:54 Open-Sourcing 28:18 Outro 32:15  

If you hear privacy and your first thought is laborious processes and access management, this interview may be just as mind-expanding for you as it was for our host Pascal. He is joined by Alex and Haozhi who talk about the Anonymous Credential Service (ACS), a highly available multitenant service that allows clients to authenticate in a de-identified manner. They discuss the cryptographic primitives powering the service and the various challenges they encountered scaling it to support Meta's products. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links How Meta enables de-identified authentication at scale - https://engineering.fb.com/2022/03/30/security/de-identified-authentication-at-scale/ Open-sourcing Anonymous Credential Service - https://engineering.fb.com/2022/12/12/security/anonymous-credential-service-acs-open-source/ ACS on GitHub - https://github.com/facebookresearch/acs ReactJS - The Documentary - https://www.youtube.com/watch?v=8pDqJVdNa44 Timestamps Intro 0:12 Alex and Haozhi Intro 1:22 Cryptography and Privacy 2:47 Team Mission 3:35 Data Minimisation 4:28 PETs 5:13 Why authenticate? 8:39 ACS under the hood 10:06 ACS Architecture 16:02 Challenges 21:03 ACS in Open Source 26:36 Key-Derivation Functions 29:22 How to get started 32:10 Outro 33:47 Bloopers 34:29

Lisa works on the Dev Craft team at Instagram that embarked on a journey to bring Kotlin to the Instagram for Android code base a little over three years ago. Now, nearly half of the large codebase is migrated and over 80% of newly committed code is in Kotlin. Tune in to hear what the unique challenges of bringing a new language to an existing app are and what it means for build speed, IDE experiences and developer happiness. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links Meta Engineering Blog: How Meta brought AV1 to Reels - https://engineering.fb.com/2023/02/21/video-engineering/av1-codec-facebook-instagram-reels/  Source-only ABIs for Java - https://engineering.fb.com/2017/11/09/android/rethinking-android-app-compilation-with-buck/ Timestamps Intro 0:06 Intro Lisa 1:27 Dev Craft at Instagram 3:03 Building DevX Partnerships 3:56 The History of Kotlin at Instagram 6:22 Declarative UI 18:29 Build Speed Challenges 20:25 Source-Only ABIs 23:19 IDE Performance 26:19 Kotlin at IG in 2023 27:15 Outro 32:02 Bloopers 33:07

Ryan and his team found a quick way of reducing the compute resources spent on encoding videos for Instagram by 94%, but that was actually the easy part. Tune in to learn what the fix was and how you roll out changes that can affect the user experience of billions of users. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links: Reducing Instagram’s basic video compute time by 94 percent - Meta Engineering Blog: https://engineering.fb.com/2022/11/04/video-engineering/instagram-video-processing-encoding-reduction/  The Diff: https://thediffpodcast.com/ Unix Signals in Production - Dangers and Pitfalls: https://developers.facebook.com/blog/post/2022/09/27/signals-in-prod-dangers-and-pitfalls/ Introducing Velox: An open source unified execution engine - https://engineering.fb.com/2022/08/31/open-source/velox/ Timestamps: Intro 0:06 Intro Ryan 1:40 Transcoding Video at Instagram 2:52 Codecs and Tradeoffs 5:33 Client Support 7:13 Where did the compute go? 9:15 ABR 10:59 Progressive/Non-ABR Encodings 12:31 Saving Encoding Time 13:10 Testing the Changes 17:39 Results 26:43 Popularity Predictions 28:32 Outro 36:31

Confused by the syntax of git’s rebase command? Overwhelmed with branch management? Check out Meta’s new git-compatible source control management system Sapling. Durham and Michael, two of the architects behind the recent open-source release, join Pascal on the podcast to discuss their plans for the project, how it was possible to extract one small part of Meta’s large SCM codebase and what the differences between Sapling, git and Mercurial are. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links: Sapling: https://sapling-scm.com/ Review Stack: https://reviewstack.dev/ Timestamps: Intro 0:06 Durham and Michael Intro 1:18 What is Sapling? 2:56 git Compatibility 3:48 What's Available Today? 5:28 Sapling vs git 7:28 Branching Models 10:20 Stacks 13:09 Stacks and GitHub 17:28 Scaling Sapling 22:25 Extracting Sapling for Open Source 29:32 What's Next for Sapling 34:22 Outro 39:07 Bloopers 40:00

It’s the most wonderful time of the year: The time to talk about calling libraries that power most of our audio and video calls across Meta’s app. Alice, Ishan and Hani join Pascal to talk about how they replaced the different calling solutions with a library that’s extensible by the teams that choose to adopt it. But with great power comes great responsibility, so how does their team balance the desire for new features with the mandate to stay small, fast and reliable? Tune in for episode 46 to learn this and more! Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/passy). Fancy working with us? Check out https://www.metacareers.com/. Links: Rsys: A smaller, faster video calling library for our apps: https://engineering.fb.com/2020/12/21/video-engineering/rsys/ Flipper: https://fbflipper.com/ Horizon Workrooms: https://www.meta.com/de/en/work/workrooms/ Timestamps: Intro 0:06 Team Overview 1:34 RSYS History 4:42 Design Tradeoffs 6:10 Testing Infrastructure 8:09 Usage and Support Model 11:04 Core Architectural Components 12:58 Changing Engines Mid-Air 16:48 Measuring Quality 19:30 Building on top of RSYS 21:34 Collaboration Model 24:22 Feature Development 26:41 Experimentation 28:43 Metaverse Strategy 29:51 What's Next for RSYS 33:26 Outro 34:36 Bloopers 35:24

Back from a short hiatus, Pascal is joined by Jon to talk about the infrastructure that allows commit to sync between Meta's monorepo and GitHub. While ShipIt has been around for a while, allowing commits from the internal repository to sync out to GitHub, Diff Train is its younger brother to allow the inverse. This makes it possible for open-source-first projects like PyTorch to develop on GitHub and bring changes back into the monorepo without sacrificing security and reliability. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy). Fancy working with us? Check out https://www.metacareers.com/. Links: https://github.com/facebook/pyre-check https://github.com/facebookincubator/cinder https://github.com/facebook/hhvm https://github.com/facebook/fbshipit Timestamps: Intro 0:06 Intro Jon 1:49 Open-sourcing an internal project 7:26 Open Source Team @ Meta 10:22 Third-party dependencies 12:07 ShipIt 13:48 Diff Train 29:01 Most excited about 41:07 The GIL 42:29 Outro 44:22