For episode 55, Pascal speaks with Katherine and returning guest Dustin, two software engineers at Meta about how to ship code at Meta. Why do we have a monorepo? Why and how do we do pre-commit code review? What does our CI infrastructure look like? Get the answers to these questions and many more in this episode of the Meta Tech Podcast. Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/. Links The evolution of Facebook’s iOS app architecture - Engineering At Meta: https://engineering.fb.com/2023/02/06/ios/facebook-ios-app-architecture/  Episode 47: Source control at Meta - https://pca.st/episode/429e9f38-6537-43e3-b929-fbeeda326ed5 Timestamps Intro 0:06 Intro Katherine 1:55 Dustin's Origin Story 4:38 Topic Intro 6:28 Why Monorepo(s) 7:18 What Makes Monorepos Hard? 12:15 Why do we Have so Many Files? 17:31 Who Owns Stuff? 25:29 Life of a Diff 28:58 Writing Bots Writing Code Writing Bots 34:16 Finding Reviewers 38:46 Why Are Things Not Constantly on Fire? 41:43 Outro 47:47 Outtakes 48:46

In April, WhatsApp announced the launch of a new cryptographic security feature to automatically verify a secured connection based on key transparency. Key transparency helps strengthen the guarantee that end-to-end encryption provides to private, personal messaging applications in a transparent manner available to all. Rolling out a feature like this to WhatsApp's user base is not a small feat and requires some clever engineering to scale to the billions of users relying on WhatsApp to stay in touch with friends, family and business. Pascal is joined by Sean and Kevin to discuss what Key Transparency means in practice and the various challenges they encountered as they scaled it up to billions of users. Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy, https://mastodon.social/@passy, and https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/. Links Infer: https://fbinfer.com/ Infer on GitHub: https://github.com/facebook/infer MTP Episode 18 about Infer: https://pca.st/5U9V Deploying key transparency at WhatsApp - Engineering at Meta: https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/ GitHub - facebook/akd: An implementation of an auditable key directory: https://github.com/facebook/akd/  Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging: https://www.ndss-symposium.org/ndss-paper/parakeet-practical-key-transparency-for-end-to-end-encrypted-messaging/  SEEMless: Secure End-to-End Encrypted Messaging with less trust: https://eprint.iacr.org/2018/607 Coniks: Bringing Key Transparency to End Users: https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/melara  IETF Working Group on Key Transparency: https://datatracker.ietf.org/wg/keytrans/about   Timestamps Intro 0:06 News Update: Infer turns 10 1:34 Interview Intro 4:27 Intro Kevin 4:45 Intro Sean 6:07 WhatsApp's mission 6:47 PETs 7:58 E2E basics 8:59 Key transparency 10:32 Crypto community response 18:20 End-user changes 19:57 Technical challenges and zero-knowledge proofs 23:18 AKD 28:27 Internal deployment 32:02 Outro 42:16 Bloopers 43:05

Red Team X is a security team at Meta that is responsible for finding and exploiting vulnerabilities in third-party products that could impact Meta's own security. The team acts as a hybrid between a traditional red team, which focuses on probing their own organisation's systems and products for vulnerabilities, and an elite bug-hunting group. The team was founded by Vlad I. in 2020 when the pandemic and the sudden shift to Work From Home challenged various previously-held assumptions about security. In his discussion with Pascal, Vlad explains the roles of different security teams within Meta, how they go about prioritising the highest-impact targets to exploit and how they work with vendors to ensure not just Meta but the entire world benefits from the fixes produced. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.   Links: The Diff episode about Velox: https://thediffpodcast.com/docs/episode-17 Risky Business Podcast: https://risky.biz/ RTX Blog: https://rtx.meta.security RTX Disclosures: https://rtx.meta.security/bugs RTX in WIRED: https://www.wired.com/story/facebook-red-team-x-vulnerabilities/   Timestamps: Intro 0:06 Vlad Intro 1:55 Red Teaming 2:43 Staying up-to-date 6:34 Different team colours 10:02 Defence-in-depth 12:44 Red Team X 15:57 Hardware v Software 19:43 Focus areas 21:29 Prioritising requests 22:44 Notable RTX Disclosures 26:05 Vulnerability disclosure policy 28:52 Getting into offensive security 38:48 Outro 40:51  

PyTorch is now one of the most popular machine learning frameworks out there but that was not a foregone conclusion when it was released in 2016. Our host Pascal is joined by Suraj, a developer advocate here at Meta, to dissect the history of PyTorch and look at the factors that contributed to its success. That includes understanding your target audience, maintaining backwards compatibility, fostering a helpful community and so much more.  You don't need to be an expert in PyTorch to enjoy the discussion as Suraj explains all the basics. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.   Links: Meta Open Source Blog: Creating Safe Spaces for Underrepresented Individuals in Open Source Communities - https://developers.facebook.com/blog/post/2023/05/31/creating-safe-spaces/  PyTorch Developer Podcast - https://pytorch-dev-podcast.simplecast.com/ PyTorch - https://pytorch.org/  PyTorch on GitHub - https://github.com/pytorch/pytorch Announcing the PyTorch Foundation: A new era for the cutting-edge AI framework - https://ai.facebook.com/blog/pytorch-foundation/   Timestamps: Intro 0:05 Suraj Intro 1:52 What is PyTorch? 4:39 History of PyTorch 5:33 Choosing a Target Audience 7:27 Python and Performance 11:20 Design Decisions 19:04 OSS Governance and Community 21:11 PyTorch 2.0 25:47 How to get started 28:32 Outro 30:14 Bloopers 32:16

For episode 51, Pascal speaks with Neil and Marie, two of the engineers behind Buck2, our open source, large scale build system. Thousands of developers at Meta are already using Buck2 and performing millions of builds per day that on average complete in half the time of Buck1 builds. Marie and Neil discuss the design choices that make Buck2 so much faster and the various challenges they faced in engineering and open sourcing the build system. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links Announcement blog post: https://engineering.fb.com/2023/04/06/open-source/buck2-open-source-large-scale-build-system/ Buck2: https://buck2.build/ Buck2 on GitHub: https://github.com/facebook/buck2 Build Systems à la Carte - https://www.microsoft.com/en-us/research/uploads/prod/2018/03/build-systems.pdf  Lexical YouTube clip: https://www.youtube.com/watch?v=Vpv0BYhhlak Lexical for iOS: https://github.com/facebook/lexical-ios Timestamps Intro 0:06 Intro Marie 1:30 Intro Neil 2:57 Why a custom build tool? 4:21 Rewriting Buck 6:49 Buck2 vs Bazel 8:49 Building language support 12:06 Buck2 as a developer 13:15 Upgrade from Buck1 to Buck2 15:05 How is Buck2 faster? 16:31 Rust and Profiling 18:44 From Python to Starlark 25:54 Open-Sourcing 28:18 Outro 32:15