Please Try again!
expand

A Guy Hacked Zuck's Wall After Facebook Ignored His Bug Report

A Guy Hacked Zuck's Wall After Facebook Ignored His Bug Report
Facebook

A Guy Hacked Zuck's Wall After Facebook Ignored His Bug Report

Khalil, a Palestinian white hat hacker, submitted bug reports to Facebook about a vulnerability that allowed him to post on anyone's wall. But Facebook's security team didn't do anything. So Khalil wrote on Mark Zuckerberg's wall about it and was generally a badass.

Khalil explains on his blog that he submitted a full description of the bug, plus follow-up proof of its existence to the Facebook security feedback page, where researchers can win rewards of at least $500 for finding significant vulnerabilities. Then he submitted again. The second time he got an e-mail back that said, "I am sorry this is not a bug."

When he posted on Zuckerberg's wall, Khalil said, "First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team ." He then detailed the situation and provided links.

Within minutes, a Facebook engineer contacted Khalil for more information and then blocked his account "as a precaution" while a security team fixed the bug. Later his account was re-enabled. But Facebook says that he cannot claim a reward for the find because in hacking Zuck's wall he violated Facebook's terms of service. They commented that, "exploiting bugs to impact real users is not acceptable behavior for a white hat. In this case, the researcher used the bug he discovered to post on the timelines of multiple users without their consent." Facebook admits, though, that its team should have been more diligent in following up on Khalil's submission. So. Cool. Problem solved. [RT, The Verge]

Contribute to Gizmodo

Write for Us
Taio Cruz Builds Social Network, Reminds Us Of His ExistanceNext StoryTaio Cruz Builds Social Network, Reminds Us Of His Existance

Also on Gizmodo

Comments ()

X
Sort By:

TIMES GLOBAL PARTNERS

Times Global Partners is an initiative focused on partnering with Established and Emerging Global Digital Companies for growing their presence and business in India through growth in their Brand, audience, adoption, distribution and monetization.