btown 3 days ago

Full text of the lawsuit: https://www.bloomberglaw.com/public/desktop/document/BaigvMe...

diimdeep 3 days ago

Here is 115 pages: https://storage.courtlistener.com/recap/gov.uscourts.cand.45...

from here: https://www.courtlistener.com/docket/71293063/baig-v-meta-pl...

    This further surprised Mr. Baig, as WhatsApp, which is known for its strong security brand externally, had such a small security team of just 6 engineers, and they were all only working on this tiny aspect of application security. All the other teams in WhatsApp were well staffed. The engineering team had about 1200 engineers. In addition, there were about 100 product managers, about 100 product designers, nearly 200 data scientists, etc. WhatsApp overall had about 3000 employees.

    “Are we going to be in the same situation as Mudge at Twitter?”

WhatsApp is way beyond just texting and calling, it is basically global infrastructure now, used daily by governments, NGOs, and billions. This is not a startup screw-up, it's a public utility gone seriously messed up. Heads need to roll. Stop playing god. Secure the platform or step aside.

tabbytown 2 days ago

> had such a small security team of just 6 engineers

> Company refused to allocate more than around 10 engineers to the Security team at any point

If true, this tells the story here with security culture at WhatsApp. Assuming a backlog of known weaknesses (as any established code base will have), and the velocity that 100 PMs and 1200 SWEs implies, how would you do anything as a security team besides stick your fingers in the figurative holes in the dike? The ensuing conflict between Baig and his superiors about not fixing stuff is surely going to result in an assessment of "poor performance" but is likely just Baig giving a f** about user data.