Mark Zuckerberg Hacked By Palestinian! Researcher Posts On Mark Zuckerberg’s Timeline To Let Zuckerberg Know About Bug [VIDEO & REPORT]

By Jobs & Hire Staff Reporter | Aug 19, 2013 04:10 PM EDT

TEXT SIZE    

If you ever discover a bug on social networking site Facebook that allows just about anyone to post on your Timeline, then demonstrating it on the CEO's Timeline is the best way to demonstrate the problem -this is exactly what a Palestinian hacker Khalil Shreateh did.

Shreateh, a security researcher, first told Facebook about the bug but got a response that what he identified as a bug "was not a bug". The response prompted Shreateh to try out the bug on the CEO's Timeline just to prove a point.

"First sorry for breaking your privacy and post to your wall," Shreateh posted on Mark Zuckerberg's Timeline. "I has no other choice to make after all the reports I sent to Facebook team." Facebook Timeline is a place on Facebook where users' photos, stories, and statuses are located.

The social networking site fixed the bug Thursday and clarified to reporters that the original tip from Shreateh did not go unheard but that the researcher did not provide ample information about the bug.

Facebook's Matt Jones, a software engineer for the website wrote on Hacker News that the team "should have asked for additional reproduction instructions after his initial report." Jones added in Hacker News' forum, "Unfortunately, all he submitted was a link to the post he'd already made ... Had he included the video initially, we would have caught this much more quickly."

Khalil Shreateh posted a YouTube video showing how he posted on Zuckerberg's Timeline even if the two aren't friends later on to show the team and the world what he had found. Jones also posted in the forum that the Palestinian Shreateh's English was difficult to understand but noted that the social networking site gets the "best reports come from people whose English isn't great."

With the Facebook White Hat program, researchers and hackers can report vulnerabilities to Facebook in exchange for a monetary reward. Shreateh however will not be getting a reward for finding this particular vulnerability because he exploited another person's account to demonstrate the bug without their express permission.

pre post  |  next post
More Sections