“Marauder’s Map” Extension-Maker Fired From Facebook Internship

It's a good idea not to piss off your future employer before you start your new job. One Facebook intern learned this the hard way. Harvard student Aran Khanna created a Chrome extension that revealed the privacy implications of Facebook Messenger in May, shortly before he was set to start an internship with the company. Dubbed the "Marauder's Map" for its uncanny likeness to the magical, mischief-enabling map in the Harry Potter series, the extension used data from Facebook Messenger to pull a user's friends' locations and plot them on a map. Not only could you see that someone was chatting from a dorm room late at night, for example — you could see exactly which dorm that person was in, and the approximate location of the room itself.

Khanna wrote in his original blog post that by studying the map, you could eventually learn someone's weekly routine. Totally creepy. He says he created the plug-in not to be malicious, but to reveal to and remind the public how their data can be used and shared. Facebook quickly caught wind of the extension and asked Khanna to disable it, which he did. Around the same time, Facebook disabled location-sharing from desktops and also updated its Messenger app, giving users greater control over their location sharing. (Facebook spokesman Matt Steinfield told Boston.com that the company had been working on a fix for this for months.) Mere hours before Khanna was set to head west for his internship, Facebook notified him that the offer had been rescinded: He had violated Facebook's user terms in scraping data for the plug-in and leaving the code up. Thus, he didn't meet the company's ethical standards. Khanna ended up getting an internship with another Bay Area start-up; after all, one company's ethical violation is another company's successful hack. In all honesty, Facebook does have a point. There's a difference between revealing a flaw in a company's product — even publicly — and making it possible for others to take advantage of that flaw. By making the code available to others, Khanna could have put Facebook Messenger users in unsafe, stalker-type situations. Situations even less safe than, say, sneaking past Professor Snape into the prefects' bathroom in an attempt to practice for the Triwizard Tournament.