Facebook now
The only ‘never event’ at Facebook was the site being down. Allow “malicious actors” to create a psychographic profile of “most people on facebook”? Fine, just keep the site up while they do it…
As a result of that misstep, facebook will end up having to reissue the profile IDs of every user, and page, across their entire platform.
There is a database floating around, created due to Facebook’s failure, of “most people on facebook” containing all the information in their public profile, including the unique identifiers facebook gave them, and any other public information from their profile.
As the mobile search API has now been turned off, half the national security types will be wondering why they didn’t scrape it themselves; the other half will be concerned about the consequences of someone else having a copy. The utility of that database must be minimised by as much of it as possible being invalidated as fast as possible. This is within facebook’s ability to deliver.
Facebook previously believed that was an acceptable price to pay for using facebook – now everyone knows what the price is, the question is whether the bill will be paid by facebook with an engineering solution, or whether they’ll leave the burden on every single one of their users indefinitely.
For those wondering if this will kill facebook, not yet…
Somewhere in a twitter meeting room, a bunch of twitter execs are thinking “thank god it wasn’t us”, and mistakes like this are why national scale ID systems are known to be hard.