A researcher from Palestine has taken over Mark Zuckerberg’s Facebook page by posting a bug report on his wall. It was his attempt to point out that Facebook’s white hat security staff had ignored him despite his repeated pleas.
Facebook has a policy of welcoming people who point out vulnerabilities in its system, and it even pays $500 for each breach that well-wishers demonstrate. This is hacking for a good purpose. Recently, however, a Palestinian IT expert was repeatedly ignored after making several attempts to demonstrate a vital flaw in Facebook’s existing setup. Finally, after much frustration, he was forced to actually hack Mark Zuckerberg’s home page in a drastic move to attract some attention. The chink in Facebook’s cyber-structure allows anyone to post anything they want on anybody else’s account. The man’s name is Khalil Shreateh, and he got a rude and abrupt reply from the Security Team. “Sorry this is not a bug” was the only rejoinder to his messages.
In a last-ditch effort, Khalil posted some odd content on Mark Zuckerberg’s page. He began by saying that he was sorry for the intrusion, but he also explained that it was necessary after all the rejection he had faced. The bug allowed a user to post their info on anyone’s home page even without being a friend of that person. After his actions, Khalil deserves $500 for pointing out a major mistake, yet there is talk of withholding any reward because his acts are said to have gone against the Terms of Service. He was, however, welcomed to point out any future cracks in the system.
A Facebook security engineer, MKJones, explained the company's position in a post on Hacker News this Saturday. He said, "To be clear, we fixed this bug on Thursday. The OP is correct that we should have asked for additional repro instructions after his initial report. Unfortunately, all he submitted was a link to the post he'd already made (on a real account whose consent he did not have - violating our ToS and responsible disclosure policy), saying that 'the bug allow facebook users to share links to other facebook users'. Had he included the video initially, we would have caught this much more quickly."