The Social Network
Facebook is every crypto-anarchist’s worst nightmare, and so it seems fitting to take a technical look at The Social Network and how students’ privacy was breached long before the rest of the globe followed suit.
Jesse Eisenberg plays Mark Zuckerberg, the Heisenberg of social media. The character is not presented as a hacker, but in a pivotal scene he “hacks” several Harvard websites and so I’ll mostly be reviewing that. I’ll also be referring to him exclusively by, what I assume, is his hacker handle: Zuck.
The background to the “hack” is that Zuck needs as many girls’ student photos as possible, in order to make a website which lets you rate how hot they are. You know, that sweet sweet intersection of misogyny and intellectual property theft.
Harvard’s campus dormitories are split into houses, each of which has its own website. Each website also has a “face book” on it, which is a directory of every student’s name and picture (so students can get to know each other). Zuck’s “hack” is really nothing more than scraping all the photos from the face books. He also gives a blow-by-blow account on his Livejournal, which apparently happened in real life, and the posts shown in the film are all real.
Zuck has two computers, a l33t h4x0r computer and this Sony Vaio (the laptop of choice for James Bond, and whoever else Sony gave money to). The laptop is running Linux, and the interface appears to be KDE 3, which fits for the time period. I won’t go into any more detail, as he doesn’t actually “hack” with the laptop, instead reserving it exclusively for emo poems.
I’m using “hack” in quotation marks because whether or not this even counts as hacking is contentious. In the hacking community, the term is reserved for breaking into servers via various nefarious means. What Zuck is doing is automating the task of downloading photos from sites he has legitimate access to. Legally, this still counts as unauthorized computer access, but it’s a bit like calling someone a bank robber for pocketing one of the pens.
The film makes a big deal of the fact he’s letting people rank women. This immediately struck me as odd, and I confirmed in real life it was both men and women. The reason it’s an odd detail is I know exactly how hard it would have been to automatically work out which photos were men vs women. Let’s say it guessed the gender using just their name. I have some code that’s pretty good at that, and it’s over 2000 lines long, complete with a weighted map of gender likelihood for several hundred common names. On the other hand, let’s say it guessed using just the pictures. Well, in 2003 that would be the sort of task that’d take a research team and five years.
Just before the “hacking”, Zuck explains the website he wants to build to rank women is similar to HotorNot.com, which was popular at the time. Coincidentally, I know some people who hacked (in the real sense) HotorNot as a joke back around the same time when it was run by two people (both of whom were lovely about it).
So to recap: Zuck’s drunk in front of two computers, he’s blogging on one, and about to download binders full of women on the other. He just needs to whip out a mechanical keyboard and then we’re cooking.
There are 12 Harvard Houses (11 Libel Lawsuits, 10 Wanky Winklevosses etc), but to spare the audience only seven are depicted. It’s the same job for each one: find and download everyone’s photos. This is a far cry from 2018, where everyone just gives him their photos off the bat and he pinky promises not to do anything weird with them. First up is Kirkland, Zuck’s own college house.
He starts by just searching for someone in the directory and then checking the url for the corresponding picture. Websites can be thought of as just files on someone else’s computer (this is less true these days, but is mostly true here). Zuck’s tracked down one file and noticed it’s in a folder called photos. By going to it that folder in his browser, all the files are listed. Rocket science.
But downloading each one manually is for losers, so he uses a command line program called wget to automate the job. Wget is a real tool and really is used to do this sort of thing; so full marks here.
Next up is Elliot House, which uses a similar idea. He does an empty search in the directory, which brings up everyone’s picture on the same page. Then he just has his browser download that page including all the images.
Now we’re on to Lowell House, which has a username and password. It’s semi-implied he does actually hack into this one but unfortunately, it’s shown off screen. Booo.
Adams House is the same setup as Elliot House, only it annoyingly only shows 20 people on each page, rather than one big page with everyone. So Zuck whips up a quick script to fetch them all (the script isn’t shown until later).
Quincy House doesn’t have a face book so can’t be hacked. And Dunster House seems to have set things up securely, so Zuck…gives up for now. You’d think this would lose points, but actually it gains them. Hacking is all about taking the low hanging fruit first and doubling back to the difficult stuff later. Why bother finding a flaw in a fortified website login, before you’ve double-checked if the admin password is qwerty?
Lastly, we get to Leverett House. And here they finally deliver what we’ve been waiting for: the script he’s been using.
First thing to note is he’s using the emacs text editor. This is a big deal to nerds. In all the land there are but two text editors the nerds respect: vi and emacs. The hardcore hackers are split into camps, depending which they use. They both date back to the 70s, and both camps are fiercely competitive to the extent it’s dubbed a “holy war” and has a dedicated wikipedia entry.
The code is written in a scripting language called Perl, and it’s real code which would work in real life, so it gets top marks. However, as a script, it’s got some style issues. In universities, computer scientists look down on physicists. That’s because physicists are also taught how to program, but not to the same degree and so their code is always considered amateurish and horrible. They have a reputation for merely bashing things together, with not much understanding, until it sort of works — which makes perfect sense if you’ve ever seen string theory.
The same applies with hacking. Hackers often throw together tools quickly, and with no regard to style and elegance, which is looked down upon by the Old Masters who use vi and have long grey beards.
For some esoteric hacker history, around 2006 there was a hacker zine called Perl Underground, which solely existed to critique the Perl code used in various hacker scripts. That’s right, hackers who would methodically go through hacking tools available on the web, and critique other hackers’ code like some sort of Grammar Nazi Dexter. Suffice to say, those guys would not have looked kindly on Zuck’s mess. Although, to be fair, spending your day snarkily criticising other hackers’ code is the sort of behaviour that causes even people who live in basements to think you should get out more.
So the script is crappy, but it’s also realistic. Zuck clearly wasn’t a master programmer at that age (he’s not now), and he wrote this quickly while drunk; so you wouldn’t expect it to be high quality. It’s enough that it works.
The film’s also cheated on how to work out if a picture is of a man or woman. Zuck’s script only works if every House’s face book just happens to have their photos split into “male” and “female” folders. This makes no sense, and there’s absolutely no way this happened in real life. It’s clear this was done solely to accomodate Aaron Sorkin’s flagrant abuse of artistic license.
To finish up, let’s quickly take a look at something not, strictly speaking, hacking. Immediately after Zuck finishes “hacking”, Eduardo comes in and Zuck asks him for his special “algorithm”, which he wants to use to make the hotness rating system. Eduardo writes his “algorithm” on a window (although it’s clearly a formula, not an algorithm).
Anyone who knows much about Chess scoring will recognise this as the Elo rating system, which is primarily used to calculate chess grades. Despite not being an algorithm, it’s actually a really good choice for HotOrNot style rating and is almost certainly what was used in real life.
Overall, the depiction in The Social Network is superb. All the tooling is real, and it’s clear they’ve put together a real setup with real code, which adds a level of authenticity that you almost never see.
Grade: A
