Share this page!

Stephen Diehl Profile picture
Twitter logo
15 Jul, 7 tweets, 2 min read
I don't think it's widespread public knowledge how social media companies try and fail to protect against employees prying on users. But it's a lot more widespread than the public knows and it here's how it happens... 🧵
So basically social media companies have giant databases that store user accounts, messages, profiles and these are separate tables in the databases. Associated with each user is something called a primary key or unique user identifier.
Access to the databases for rank and file employees usually has some "safety pre-processor" where all queries (written in a language called SQL) are sent to it are scanned to determine if they are looking up a specific individual or doing bulk queries.
A bulk query would be like "all users in Argentina above the age of 30" to target ads for. A individual query would be "find all messages by Elizabeth with userid 1275068417".

The former are allowed, doing the later will get you fired.
However scanning SQL queries for malicious intent is a really hard problem, and clever developers can craft queries equivalent to something like:

"find all messages by Elizabeth with userid (76 << 21 << 3) + 1"

Using bitwise and math expressions in SQL to obscure the userid.
Or you can craft bulk queries that are so specific that they could only refer to one person in the database.

"find all messages by women born on September 7, 1955 who live on Northfield Blvd in Denver and are single"
It's an important to know about because we should not assume these companies are self-policing themselves or being transparent about employee abuse. There's a incentive for them to lie and cover it up when it happens, and users should have a right to know if and when it happens.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Stephen Diehl

Stephen Diehl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @smdiehl

Stephen Diehl Profile picture
16 Jul
I've been hammering on this point for quite some time, but it's worth repeating in the simplest English possible that you could explain to a twelve year old.

Cryptocurrencies aren't currencies. They're investments, and pretty bad ones at that.
They may have started out with that idea to be magical internet money, but that idea failed.

Now most people they treat it like an investment. People want to get more dollars than they put in.
Unlike investing in shares in a real company which does something in the world, buying a crypto token doesn't do anything.

It's like a casino chip.
Read 10 tweets
Stephen Diehl Profile picture
15 Jul
Thinking a lot about the Jackson Palmer thread on my commute home. It's is a scathing and brilliantly written synopsis of one man's soul searching and conclusion of thinking through the consequences of actions.

Takes a lot of courage to do that in public.
There are probably tens of thousands of other people in exactly the same situation, they found themselves in too deep in what is very much a echo bubble that reinforces the normality of these scams and they just don't have anyone yet in their lives to convince them otherwise.
It takes a fair bit of research at the intersection of some very disparate fields to understand the core of why crypto is so harmful to society.

It's important to give people time and space to reach those conclusions. It's very much like cult or MLM deprogramming in some sense.
Read 6 tweets
Stephen Diehl Profile picture
11 Jul
If you're curious about the mechanism by which crypto exchanges act like Ponzi schemes, it's quite simple:

They take your real money and give you money on paper. You trade their paper money and put it in negative-sum lotteries run by their mates.

You think you're winning but..
... when you go to cash out your paper wins, your account is frozen, the wins evaporate, or you can never withdraw any real money.

In reality these exchanges have a massive liquidity problem where they comingle a very small pool of real money they have to prop up the illusion.
None of these token products the exchanges offer actually generate any real income because they're non-econmic, they just shift money around. The only way they continue to exist is they pay out early investors from later ones by recruiting more greater fools into the scheme.
Read 5 tweets
Stephen Diehl Profile picture
8 Jul
If I were to recommend four books to help deprogram friends and family who get sucked into crypto vortex it would be the following:
1. Attack of the 50 Foot Blockchain by David Gerard (@davidgerard) - A now classic book that humorously explains the history of and deconstructs the crypto phenomenon to show how stupid these ideas really are at their core.
2. Lying for Money by Dan Davies - A detailed dive into the various types of financial crime, their mechanisms, and what gives rise the motivations of criminals.
Read 5 tweets
Stephen Diehl Profile picture
3 Jul
People say I don't criticise regulated businesses enough, so let me talk about Robinhood is planning an IPO soon and which I think is an absolute menace to society.
This app is rewiring an entire generation's investing habits to engage in out-right gambling by pushing users into crazy risky products that 20 somethings have no rational business buying.
Encouraging intraday trading by pushing constant notifications at them about short-term price movements is a cash cow for them because they profit per transaction, but not in the interest of their users.

Frequency of trades is almost always inversely correlated with returns.
Read 7 tweets
Stephen Diehl Profile picture
1 Jul
Ok, trying out this Copilot beta now and it's doing some reasonably impressive things ... more thoughts forthcoming.
First impressions, it's quite clever for boilerplate and like CS 101 kind of exam question-like problems. Probably not that surprising considering it's cribbing from Stackoverflow.

Anything beyond that seems to produce hilariously wrong answers.
Some experiments on variants of FizzBuzz or simple arithmetic expressions on nth prime numbers seem to confuse it quite a bit.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @smdiehl has new unrolls!

Check out other threads from @smdiehl!

Read all threads by @smdiehl

:(