Unemployed Palestinian Man Hacks Mark Zuckerberg’s Facebook Account To Report Bug


dfd

An unemployed Palestinian developer named Khalil Shreateh tried several times to report a bug to Facebook’s security team. When no one got back to him, he took the (dubiously) logical next step: exploited the bug to leave a public comment on Facebook CEO Mark Zuckerberg’s wall.

“First sorry for breaking your privacy and post to your wall,” an apparent screenshot of the hack reads. “I has [sic] no other choice to make after all the reports I sent to Facebook team.”

But it’s not exactly newsworthy that Shreateh found a bug. In fact, Facebook runs a program that encourages white-hat hackers to find and report bugs in Facebook infrastructure in exchange for a cash reward. What is unusual is that Facebook didn’t respond to Shreateh’s initial reports about the bug, and that Shreateh then exploited it in violation of Facebook’s policies for white-hat hackers.

“The more important issue here is with how the bug was demonstrated using the accounts of real people without their permission,” Matt Jones, a Facebook software engineer said. So why didn’t Facebook respond right away to Shreateh’s reports? It seems his bug was lost – literally – in translation. Shreateh’s English is a little shaky, and the Facebook developer he corresponded with doesn’t seem to understand the report:

“Rhe vulnerability allow’s facebook users to share posts to non friends facebook users , i made a post to sarah.goodin timeline and I got success post… of course you may cant see the link because sarah’s timeline friends posts shares only with her friends, you need to be a friend of her to see that post or you can use your own authority.”

“I am sorry this is not a bug,” a Facebook employee reportedly fired back.

Read more: http://www.theage.com.au/national/just-not-good-friends–zuckerberg-hacked-by-man-with-a-bug-in-his-bonnet-20130820-2s99w.html#ixzz2cWLyGolH

, , , , , , ,

Comments are closed.
%d bloggers like this: