This talk is about establishing trust among Facebook’s employees and systems.
I will introduce some of the problems that my team is working on:
- Identity – how do I know that you are who you say you are?
- Integrity – how do I know this is what I think it is?
- Key exfiltration – should this device be authorised?
While attack scenarios around these problems may be distinct, defending against them requires a layered security approach.