This picture shows what Khalil posted on Zuckerberg's Profile |
Khalil said on his blog that he submitted several reports to Facebook's "white hat" team about a site vulnerability that allowed him to post on anybody's wall, despite their security settings.
Researchers who submit a full description of a flaw, plus proof of its existence to Facebook's security page can get rewards of at least $500, but the second time Khalil submitted the error, he received an e-mail telling him "I am sorry this is not a bug."
Finally, Khalil decided to post on Zuckerberg's wall to prove that he'd found a bug. His post read: "First sorry for breaking your privacy and post to your wall, i has no other choice to make after all the reports i sent to Facebook team. My name is KHALIL from Palestine. "
His reward for exposing the flaw was having his Facebook account disabled.
He later got a message saying, "We are unfortunately not able to pay you for this vulnerability because your actions violated our Terms of Service. We do hope, however, that you continue to work with us to find vulnerabilities in the site."
Facebook said it appreciates help with security but not by hacking into user accounts.
Jones said that "the more important issue here is with how the bug was demonstrated using the accounts of real people without their permission."
"We welcome and will pay out for future reports from him (and anyone else!) if they're found and demonstrated within these guidelines," Jones said on the YCombinator hacker news forum.
You have read this articleNews
with the title Facebook Won't Reward Khalil Shreateh, Zuckerberg's Profile Hacker. You can bookmark this page URL http://astrofuturetrends.blogspot.com/2013/08/facebook-won-reward-khalil-shreateh.html. Thanks!
Write by:
RC - Monday, August 19, 2013
Comments "Facebook Won't Reward Khalil Shreateh, Zuckerberg's Profile Hacker"
Post a Comment