6 posts in this topic

Posted

Hacker Exposes Big Facebook Security Flaw -- By Posting On Mark Zuckerberg's Private Wall

 

A Palestinian hacker took matters into his own hands late last week when he discovered a Facebook bug and was rebuffed by the company's official engineers.

 

Khalil Shreateh, a computer programmer in the West Bank, discovered a flaw that allowed him to post on anyone's wall on the site, even if that user had strict privacy settings. Shreateh initially submitted his find to Facebook's "white-hat" program, a system that lets benevolent computer hackers tell Facebook about security flaws. Facebook pays a minimum of $500 for each bug, as long as the hacker doesn't disclose the loophole before the company has time to address it.

 

But when the engineering team didn't seem to think the problem was real, Shreateh decided to prove that the bug he found did indeed exist. So, he simply posted on the private wall of Facebook CEO Mark Zuckerberg.

 

As he tells it on his blog, Shreateh, who has limited proficiency in English, submitted details of the bug twice. He writes that he was told "I am sorry this is not a bug" by a Facebook engineer after the second notification.

 

That's when, for better or worse, Shreateh exploited the loophole to post a video on the Timeline of Sarah Goodin, one of Zuckerberg's college friends, and on Zuckerberg's page itself.

 

 

More & Video

Share this post


Link to post
Share on other sites

Posted

Good for him. He has now proved his point. End of argument.

Share this post


Link to post
Share on other sites

Posted

lol, this "hacker" just made my local news and apparently is being offered numerous jobs from security companies - although not a huge surprise.

Share this post


Link to post
Share on other sites

Posted

lol, this "hacker" just made my local news and apparently is being offered numerous jobs from security companies - although not a huge surprise.

and here I am trying to edit my resume... 

Share this post


Link to post
Share on other sites

Posted

exactly. Zuckerberg did make disparaging comments about facebook users, calling them an unsavory name.

 

Serves Zuckerberg right. a rich A-hole, but an A-hole none the less.

 

Got rid of my facebook about a while ago. :)

Share this post


Link to post
Share on other sites

Posted

The worst part of this is that he offered the exploit to the white hat rewards scheme that guarantees a minimum reward of $500 and they turned him down twice.

He used the exploit to show it was an exploit, and they are now refusing to pay him under the white hat exploit agreement on the basis that he breached terms of use in using it..

 

Hell, even if you want to suggest he should get the minimum reward for it, at least send him the reward :\

2 people like this

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.