On Friday, we found out that Facebook had been hacked.  But not just any hack.  This stunning security breach put 50 million Facebook users’ accounts at risk.  In the words of Facebook executives, the attack was “sophisticated” and its reach was “broad”.  What does that mean?  Well, it was a great hack.  Great, if you’re the hacker, and not so great if you’re Facebook or one of the affected users.  What we don’t know is who was behind the breach or what they intended to do with the account data.  What’s come to light, however, is this idea that Facebook may never actually be secure.  CEO Mark Zuckerberg has indicated that they need to continue developing new tools to make sure that this doesn’t happen again.

But is that even a possibility?  Maybe not.  He’s on the right path with his sentiment – Facebook does need to prevent these kinds of breaches before they even happen.  But it’s not necessarily something that Facebook can proactively do.  I mean, how can you stomp out every potentially disastrous vulnerability before that it’s even discovered?

Let’s think about this for a few moments.  Facebook is not what it used to be.  There was once a time when Mark Zuckerberg could manage the platform from his dorm room.  For a couple of reasons.  To start, there weren’t billions of users.  But also, users weren’t being asked to provide all kinds of ridiculous information – like their location, or their contact information.  When I say “provide” I mean information that most users don’t even know that they’re giving to Facebook in the first place.

Further, it’s been reported that, as of five years ago, Facebook was made up of 62 million lines of code.  A codebase with that kind of complexity requires plenty of people to keep it in good working order. And that’s as of five years ago.  It’s become incredibly more sophisticated since then.  More moving parts means more things that could potentially go awry, but the service’s growing complexity means it’s highly unlikely the company will ever be able to completely secure its products.

Getting back to my original question – is it possible for Facebook to prevent any future hacks or disasters?  Again the answer is no.  It might be tempting to blame the fact that Facebook is without a Chief Security Officer right now.  Sure, that probably didn’t help, but that’s not going to stop another attack in the future. Facebook said earlier this year that it has begun to embed security engineers and analysts into product engineering groups to help address new threats.  But will that stop the attacks?  Again, no.  It might slow the bleed.  It might help things in general, but stop them completely?  I don’t think so.

When it comes to anything in life, can we say with 100% certainty that something will never happen again?  When it comes to personal choice, I think that it’s easier to make that statement.  But when things are out of our control, no matter how hard we try, can we stop anything from happening?  The answer is no, and to think otherwise is naive.  Yes, this will improve security at Facebook, but it certainly won’t prevent all attacks from ever happening again. And if Zuckerberg thinks so – he’s dreaming.

One thought on “Can Facebook Protect Themselves Against Future Hacks?”

Comments are closed.