To say that Facebook uses PHP and MySQL is to leave out the truth, honestly. They are a part of the stack, yes, but they aren't what makes the application scale to billions of requests. It would be like saying the local coffee shops website using Wordpress with a MySQL backend is using the same tech as Facebook. It's laughable.
To say that PHP/MySQL is just a "part of Facebook's stack" is laughable.
They are the core components of Facebook. Normal people understand that the characteristics of Facebook's architecture is unique to just Facebook. They can get away with sharding/colocating data that nobody else can. The rest of us have a tonne of integrated data that requires complex joins (whether at the application or database layer).
They are edge components of Facebook. Just from a brief interaction with FB recruiters, I learned they use a lot of Vertica in their back-office. Please don't propose that they are using MySQL for their main business when it's only powering app nodes which are just POPs fed by their real (internal) services. Approximately speaking.
Look at sites with salary stats like indeed.com and payscale.com
If I were you I would ask for a rise. My company also does Windows drivers and these skills are scarce. Obviously there is more work on Node.js than developing Windows drivers but the scarcity factor gives you an advantage.
Unfortunately they did. You can see the request for review here, and the actual review here. I know the guy who actually did it (Righetti), he sent an email to the department a few days ago. The quality of that review was absolutely terrible.
I know the professor who did the review. He sent a mail explaining what actually happened, as opposed to what is shown by the mayor's website. The actual report will not be finished until August, so whatever you are seeing is not the complete report. What you are seeing is a preliminary result concerning a specific part of the system.
Unfortunately, even after the actual report si finished, the university will not have permission to make it public. So we may never see the real results.
The report is signed by him, so it's safe to say that report is an accurate recollection of what happened according to him.
Having a report on the security of a system be issued months _after_ it is used is completely stupid. This is not simply his fault, it's the entire arrangement which is stupid.
The report shows that Righetti had access to the source code. Unless you are trying to say that he did not have access to the files in which _actual_ security vulnerabilities were found, or that the source code he was given was _different_ from the source code which was leaked, which contained egregious vulnerabilities.
Keep in mind he pockets hundreds of thousands of dollars in this arrangement. That's the part that adds insult to injury. Further, he does not teach information security or anything similar at university (he teaches networking), when there _are_ people teaching such things at UBA (FCEyN), who would have been better suited for the task.