Meta Tech Podcast – Détails, épisodes et analyse

Bento is Meta’s internal distribution of Jupyter Notebooks, an open-source web-based computing platform. Host Pascal is joined by Steve who worked with his team on building many features on top of Jupyter, including scheduled notebooks, sharing with colleagues and running notebooks without a remote server component by leveraging Webassembly in the browser.

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Scheduling Jupyter Notebooks at Meta: https://engineering.fb.com/2023/08/29/security/scheduling-jupyter-notebooks-meta/

• Serverless Jupyter Notebooks at Meta: https://engineering.fb.com/2024/06/10/data-infrastructure/serverless-jupyter-notebooks-bento-meta/

• Jupyter Notebooks: https://jupyter.org/ 

Timestamps

• Intro 0:06

• Who is Steve? 1:49

• What are Jupyter and Bento? 2:48

• Who is Bento for? 3:40

• Internal-only Bento features 4:42

• Scheduled notebooks 11:39

• Integrating with existing batch jobs 17:10

• The case for serverless notebooks 20:59

• Enter wasm 24:29

• Upgrade paths from serverless to server 26:29

• Bringing more Python libraries to the browser 30:21

• Adding magick(s) 31:52

• DataFrame magic and AI 36:41

• What's next? 38:29

• Outro 43:17

We don’t know when but at some point in the future we will face what researchers call a "Quantum Apocalypse". This is when quantum computers will be able to break many of our existing encryption algorithms. To keep Meta’a users safe even from attacks that don’t even exist today, Sheran and Rafael are working on post-quantum-ready encryption. Tune in to learn about the various challenges and trade offs that this work brings with it.  

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Post-quantum readiness for TLS at Meta: https://engineering.fb.com/2024/05/22/security/post-quantum-readiness-tls-pqr-meta/ 

• Fizz TLS implementation: https://github.com/facebookincubator/fizz 

• liboqs: https://github.com/open-quantum-safe/liboqs 

• NIST Post-Quantum Cryptography Submissions: https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions 

Timestamps

• Intro 0:06

• Meta Open Source 101 1:10

• Intros 1:49

• Sheran Intro 2:31

• Rafael Intro 3:37

• Then Quantum Apocalypse 5:24

• Why symmetric and asymmetric algos behave differently 8:10

• Why invest in tomorrow's problems? 9:21

• First deployment target 14:17

• Choosing an algorithm 18:06

• Choosing the right parameters 19:51

• Performance costs and wins 21:28

• Stack 23:33

• Challenges 25:26

• What's next for PQC? 30:38

• Working with NIST 32:59

• Outro 34:30

• Outtakes 35:43

Python at Meta is huge. Not only does it famously power Instagram's backend, but it underpins our configuration systems, much of our AI work and many services. Amethyst joins Pascal for this episode of the Meta Tech Podcast to talk about how the Python Foundation Team works to improve the developer experience of everyone working with Python at Meta and Fixit 2, the freshly open-sourced linter framework built on top of libcst.

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Fixit 2 announcement post: https://engineering.fb.com/2023/08/07/developer-tools/fixit-2-linter-meta/

• Fixit: https://fixit.readthedocs.io

• µfmt: https://ufmt.omnilib.dev

• µsort: https://usort.readthedocs.io

• LibCST: https://libcst.readthedocs.io

• 5 Things You Didn’t Know About Buck2: https://engineering.fb.com/2023/10/23/developer-tools/5-things-you-didnt-know-about-buck2/

• Scheduling Jupyter Notebooks at Meta: https://engineering.fb.com/2023/08/29/security/scheduling-jupyter-notebooks-meta/

Timestamps

• Intro 0:06

• Intro Amethyst 1:57

• Production vs Software Engineering 3:41

• PE for language teams 5:40

• Python at Meta 6:58

• Python3 migration 10:15

• Projects on the Python Foundation Team 16:30

• libcst and codemods 21:55

• What Python looks like at Meta 25:53

• Meta's involvement in the Python community 30:30

• The importance of lints at Meta 35:13

• Why another linter? 39:11

• Favourite lint 46:26

• Outro 48:17

• Bloopers 48:54

Threads went from idea to 100M users in just about five months. This would not have been possible without building on top of Meta's existing systems and infrastructure. Join Pascal as he speaks with Joy, Cameron and Richard, three engineers from the Threads team who worked on backend, iOS and Android, respectively to learn about the challenges they faced along the way.

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Threads: https://threads.net

• Threads: The inside story of Meta’s newest social app - https://engineering.fb.com/2023/09/07/culture/threads-inside-story-metas-newest-social-app/

• Litho: https://fblitho.com/

Timestamps

• Intro 0:00

• Introductions 0:56

• Intro: Cameron 1:42

• Intro: Joy 2:06

• Intro: Richard 2:30

• Early Days at Threads 3:03

• Specialisations 6:52

• Why built on top of IG? 7:18

• iOS and Android approaches 10:17

• UI Frameworks 12:00

• Code sharing on server 15:36

• What broke? 20:04

• How has the team changed? 23:02

• Favourite moments 25:30

• Outro 29:45

• Outtakes 31:03

For episode 55, Pascal speaks with Katherine and returning guest Dustin, two software engineers at Meta about how to ship code at Meta. Why do we have a monorepo? Why and how do we do pre-commit code review? What does our CI infrastructure look like? Get the answers to these questions and many more in this episode of the Meta Tech Podcast.

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• The evolution of Facebook’s iOS app architecture - Engineering At Meta: https://engineering.fb.com/2023/02/06/ios/facebook-ios-app-architecture/ 

• Episode 47: Source control at Meta - https://pca.st/episode/429e9f38-6537-43e3-b929-fbeeda326ed5

Timestamps

• Intro 0:06

• Intro Katherine 1:55

• Dustin's Origin Story 4:38

• Topic Intro 6:28

• Why Monorepo(s) 7:18

• What Makes Monorepos Hard? 12:15

• Why do we Have so Many Files? 17:31

• Who Owns Stuff? 25:29

• Life of a Diff 28:58

• Writing Bots Writing Code Writing Bots 34:16

• Finding Reviewers 38:46

• Why Are Things Not Constantly on Fire? 41:43

• Outro 47:47

• Outtakes 48:46

In April, WhatsApp announced the launch of a new cryptographic security feature to automatically verify a secured connection based on key transparency. Key transparency helps strengthen the guarantee that end-to-end encryption provides to private, personal messaging applications in a transparent manner available to all.

Rolling out a feature like this to WhatsApp's user base is not a small feat and requires some clever engineering to scale to the billions of users relying on WhatsApp to stay in touch with friends, family and business.

Pascal is joined by Sean and Kevin to discuss what Key Transparency means in practice and the various challenges they encountered as they scaled it up to billions of users.

Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Infer: https://fbinfer.com/

• Infer on GitHub: https://github.com/facebook/infer

• MTP Episode 18 about Infer: https://pca.st/5U9V

• Deploying key transparency at WhatsApp - Engineering at Meta: https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/

• GitHub - facebook/akd: An implementation of an auditable key directory: https://github.com/facebook/akd/ 

• Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging: https://www.ndss-symposium.org/ndss-paper/parakeet-practical-key-transparency-for-end-to-end-encrypted-messaging/ 

• SEEMless: Secure End-to-End Encrypted Messaging with less trust: https://eprint.iacr.org/2018/607

• Coniks: Bringing Key Transparency to End Users: https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/melara 

• IETF Working Group on Key Transparency: https://datatracker.ietf.org/wg/keytrans/about

Timestamps

• Intro 0:06

• News Update: Infer turns 10 1:34

• Interview Intro 4:27

• Intro Kevin 4:45

• Intro Sean 6:07

• WhatsApp's mission 6:47

• PETs 7:58

• E2E basics 8:59

• Key transparency 10:32

• Crypto community response 18:20

• End-user changes 19:57

• Technical challenges and zero-knowledge proofs 23:18

• AKD 28:27

• Internal deployment 32:02

• Outro 42:16

• Bloopers 43:05

Red Team X is a security team at Meta that is responsible for finding and exploiting vulnerabilities in third-party products that could impact Meta's own security. The team acts as a hybrid between a traditional red team, which focuses on probing their own organisation's systems and products for vulnerabilities, and an elite bug-hunting group.

The team was founded by Vlad I. in 2020 when the pandemic and the sudden shift to Work From Home challenged various previously-held assumptions about security.

In his discussion with Pascal, Vlad explains the roles of different security teams within Meta, how they go about prioritising the highest-impact targets to exploit and how they work with vendors to ensure not just Meta but the entire world benefits from the fixes produced.

Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.

Links:

• The Diff episode about Velox: https://thediffpodcast.com/docs/episode-17

• Risky Business Podcast: https://risky.biz/

• RTX Blog: https://rtx.meta.security

• RTX Disclosures: https://rtx.meta.security/bugs

• RTX in WIRED: https://www.wired.com/story/facebook-red-team-x-vulnerabilities/

Timestamps:

• Intro 0:06

• Vlad Intro 1:55

• Red Teaming 2:43

• Staying up-to-date 6:34

• Different team colours 10:02

• Defence-in-depth 12:44

• Red Team X 15:57

• Hardware v Software 19:43

• Focus areas 21:29

• Prioritising requests 22:44

• Notable RTX Disclosures 26:05

• Vulnerability disclosure policy 28:52

• Getting into offensive security 38:48

• Outro 40:51

PyTorch is now one of the most popular machine learning frameworks out there but that was not a foregone conclusion when it was released in 2016. Our host Pascal is joined by Suraj, a developer advocate here at Meta, to dissect the history of PyTorch and look at the factors that contributed to its success. That includes understanding your target audience, maintaining backwards compatibility, fostering a helpful community and so much more.

 You don't need to be an expert in PyTorch to enjoy the discussion as Suraj explains all the basics.

Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.

Links:

• Meta Open Source Blog: Creating Safe Spaces for Underrepresented Individuals in Open Source Communities - https://developers.facebook.com/blog/post/2023/05/31/creating-safe-spaces/ 

• PyTorch Developer Podcast - https://pytorch-dev-podcast.simplecast.com/

• PyTorch - https://pytorch.org/ 

• PyTorch on GitHub - https://github.com/pytorch/pytorch

• Announcing the PyTorch Foundation: A new era for the cutting-edge AI framework - https://ai.facebook.com/blog/pytorch-foundation/

Timestamps:

• • Intro 0:05

  • Suraj Intro 1:52

  • What is PyTorch? 4:39

  • History of PyTorch 5:33

  • Choosing a Target Audience 7:27

  • Python and Performance 11:20

  • Design Decisions 19:04

  • OSS Governance and Community 21:11

  • PyTorch 2.0 25:47

  • How to get started 28:32

  • Outro 30:14

  • Bloopers 32:16

For episode 51, Pascal speaks with Neil and Marie, two of the engineers behind Buck2, our open source, large scale build system. Thousands of developers at Meta are already using Buck2 and performing millions of builds per day that on average complete in half the time of Buck1 builds. Marie and Neil discuss the design choices that make Buck2 so much faster and the various challenges they faced in engineering and open sourcing the build system.

Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.

Links

• Announcement blog post: https://engineering.fb.com/2023/04/06/open-source/buck2-open-source-large-scale-build-system/

• Buck2: https://buck2.build/

• Buck2 on GitHub: https://github.com/facebook/buck2

• Build Systems à la Carte - https://www.microsoft.com/en-us/research/uploads/prod/2018/03/build-systems.pdf 

• Lexical YouTube clip: https://www.youtube.com/watch?v=Vpv0BYhhlak

• Lexical for iOS: https://github.com/facebook/lexical-ios

Timestamps

• Intro 0:06

• Intro Marie 1:30

• Intro Neil 2:57

• Why a custom build tool? 4:21

• Rewriting Buck 6:49

• Buck2 vs Bazel 8:49

• Building language support 12:06

• Buck2 as a developer 13:15

• Upgrade from Buck1 to Buck2 15:05

• How is Buck2 faster? 16:31

• Rust and Profiling 18:44

• From Python to Starlark 25:54

• Open-Sourcing 28:18

• Outro 32:15

If you hear privacy and your first thought is laborious processes and access management, this interview may be just as mind-expanding for you as it was for our host Pascal. He is joined by Alex and Haozhi who talk about the Anonymous Credential Service (ACS), a highly available multitenant service that allows clients to authenticate in a de-identified manner. They discuss the cryptographic primitives powering the service and the various challenges they encountered scaling it to support Meta's products.

Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.

Links

• How Meta enables de-identified authentication at scale - https://engineering.fb.com/2022/03/30/security/de-identified-authentication-at-scale/

• Open-sourcing Anonymous Credential Service - https://engineering.fb.com/2022/12/12/security/anonymous-credential-service-acs-open-source/

• ACS on GitHub - https://github.com/facebookresearch/acs

• ReactJS - The Documentary - https://www.youtube.com/watch?v=8pDqJVdNa44

Timestamps

• Intro 0:12

• Alex and Haozhi Intro 1:22

• Cryptography and Privacy 2:47

• Team Mission 3:35

• Data Minimisation 4:28

• PETs 5:13

• Why authenticate? 8:39

• ACS under the hood 10:06

• ACS Architecture 16:02

• Challenges 21:03

• ACS in Open Source 26:36

• Key-Derivation Functions 29:22

• How to get started 32:10

• Outro 33:47

• Bloopers 34:29