Security expert hacks Mark Zuckerbergs Facebook page expose site vulnerability listen warnings glitch
Palestinian hacker Khalil Shreateh discovered a glitch that allows anyone to post to a stranger's Facebook wall
A hacker from Palestine found a Facebook glitch that allowed anyone to post on a stranger’s wall, but when the company ignored his warnings he took them all the way to the top by posting about the issue on Mark Zuckerberg’s wall.
Khalil Shreateh first contacted the Facebook security team after proving the glitch was real by writing on the wall of a friend of the Facebook founder.
But instead of thanking him and fixing the issue, Facebook said it wasn’t a bug. And because of the methods Shreateh used to finally convince them of the threat, Facebook later denied him the reward usually given to programmers who report holes in the site’s security.
‘My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it...The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post.’
Shreateh, whose first language is Arabic, lives in Palestine and is in no way connected with Zuckerberg’s fellow Harvard alum Goodin. He hoped his ability to post to her page, nonetheless, would help prove his case to Facebook security.
Pictured: Only your friends are supposed to be able to write on your Facebook wall, but using the glitch he found, Shreateh wrote about the issue on CEO and founder of Facebook Mark Zuckerberg's wall
Shreateh went on to recount his attempts to warn the website and posted a grab of the post on his blog.
However, instead of repairing the obvious security breach, Facebook replied to Shreateh by saying the issue ‘was not a bug.’Undeterred, Shreateh used the glitch to hack his way onto Mark Zuckerberg’s Facebook page.‘Sorry for breaking your privacy,’ he wrote in a since removed post to Zuckerberg, ‘I had no other choice…after all the reports I sent to Facebook team.’
No comments:
Post a Comment