Aran Khanna, a rising senior studying computer science at Harvard, decided to get an early start on his summer internship at Facebook.
He never thought he'd be punished for it, though. The "crime?" Publishing an academic journal article on a flaw in Facebook Messenger application. Khanna noticed that whenever someone sent a message through the app, their exact location was sent along with the message, regardless of whether or not they were friends with the person they were messaging. To highlight this flaw and see how the public (and Facebook) would react, Khanna made a Chrome extension called the "Marauder's Map," which allowed people to see the exact location of the people messaging them, give or take three feet. The extension was downloaded over 85,000 times, and after Khanna spoke about it in a blog post on Medium, it was written about by over 170 global news publications. Then Facebook got involved. According to Khanna:
The afternoon of the 27th, one day after the Medium blog post's publication, Facebook contacted me. My future manager phoned and asked me not to speak to any press; however, I was told that I could keep my blog post up. [...]
By midday of the 28th, the global communications lead for privacy and public policy at Facebook requested by email that I disable the extension. I complied within the hour [...]
On the morning of the 29th, three days after my initial posts, media reported that my Chrome extension was turned off and no longer viable. Additionally, Facebook had tweaked its code to remove location data from browsers. [...]
On the afternoon of the 29th, three days after my initial posts, Facebook phoned me to inform me that it was rescinding the offer of a summer internship, citing as a reason that the extension violated the Facebook user agreement by "scraping" the site. [...]
On June 4, nine days after my original posts, Facebook officially announced a Messenger update with a new feature requiring users to opt into sharing their location during chats. Sharing would no longer be the default. [...]
Khanna wanted to test Facebook's "reputation for encouraging outside-the-box 'hacking,'" and Facebook failed the test miserably. It appears they only want people thinking outside the box when it doesn't cause any trouble. Or at least, only thinking outside the box from within the safety of the box of Facebook's campus. So what if Khanna violated the terms of the user agreement? He did so to make their product better, and they've already benefited from his discovery of this flaw, but punishing him for doing it. Silicon Valley likes to pretend that it's forward thinking and unconventional, but this just highlights one of the many ways that as a whole, it's actually pretty conservative. Companies like Facebook like to mythologize their rag-tag, dorm room beginnings, but now that they're big corporations, they use this veneer to hide their more sinister, big corporation tendencies. That's why we all need to delete our Facebooks and communicate solely through Neopets. Take that, NSA!