August 19, 2013
August 19, 2013
“Sorry for breaking your privacy” were the words of hacker from Palestine after he hacked his way onto Mark Zuckerberg’s Facebook page this month.
But the move seemingly didn’t intend to pose a threat to the Facebook founder.
Khalil Shreateh wanted to prove a point.
The hacker says he was ignored by the social network when he told them that he found a glitch that allowed anyone to post on a stranger’s wall.
Khalil Shreateh wanted to prove a point. (Photo courtesy: Google Plus)
On his blog, Shreateh posted the replies he received from the Facebook security team after filing his finding.
At Facebook, hackers or programmers are encouraged to submit any glitches they find through the company’s white hat disclosure program and get a reward, which could reportedly reach up to $500.
Shreateh, whose first language is Arabic, had written to Facebook saying: ‘My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it…The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post.’
In Shreateh’s case however, Facebook said “it wasn’t a bug.”
The Palestinian hacker used a glitch to hack his way onto Zuckerberg’s page. (Photo courtesy: Khalil Shreateh)
“Because of the methods Shreateh used to finally convince them of the threat, Facebook later denied him the reward usually given to programmers who report holes in the site’s security,” the Daily Mail reported on Sunday.
Undeterred and adamantly trying to prove his point, the hacker then used the glitch to hack his way onto Zuckerberg’s Facebook page by writing on the wall of a friend of the Facebook founder.
“Sorry for breaking your privacy,” he wrote in a post to Zuckerberg, “I had no other choice…after all the reports I sent to Facebook team,” posting an image grab of the post on his blog.
The move prompted an immediate reply from Facebook, contacting him to ask why he had hacked their Zuckerberg’s page
“We fixed this bug on Thursday,” wrote Matt Jones from Facebook’s security team in a Saturday post on Hacker News.
Shreateh had violated the terms of service, by posting to Zuckerberg and Goodin’s accounts, and will not be rewarded for his find, Jones said.
“In order to qualify for a payout you must ‘make a good faith effort to avoid privacy violations” and “use a test account instead of a real account when investigating bugs,’” the Daily Mail reported Jones as saying.
Still, Facebook welcomed Shreateh to inform them of any additional glitches in the future.
“[We] will pay out for future reports from him,” wrote Jones, “if they’re found and demonstrated within these guidelines.
Source: Al Arabiya