Security Researcher Makes His Point By Hacking Into Zuckerberg's Facebook Page
Eugriped3z writes "Whitehat Palestinian hacker Khalil Shreateh submitted a bug report to Facebook's Whitehat bug reporting page not once, but twice. After it was ignored the first time and denied outright on the second occasion (which included links to an example as proof), he hacked Mark Zuckerberg's personal timeline, leaving both an explanation and an apology. From the article: 'In less than a minute, Shreateh's Facebook account was suspended and he was contacted by a Facebook security engineer requesting all the details of the exploit. 'Unfortunately your report to our Whitehat system did not have enough technical information for us to take action on it,' the engineer wrote in an email. 'We cannot respond to reports which do not contain enough detail to allow us to reproduce an issue.' Facebook has a policy that it will pay a minimum $500 bounty for any security flaws that a hacker finds. However, the company has refused to pay Shreateh for discovering the vulnerability because his actions violated Facebook's Terms of Service.'"
Agreed. Also, hackers are not really the people you'd want to shortchange. They're a vengeful bunch I've heard.
Exactly - fuck me once, shame on you, fuck me twice...
B-but what if she's like, super HOT, and I really, really want a second fuck? It'll last more than 4 milliseconds next time, honest!
cheers,
The guy posted his e-mail that he sent to Facebook as "proof" that he tried to go about it the correct way. I think it was on his personal blog.
Basically all he did is say "I posted to someone's timeline, this is a bug" and linked to the post he made. He didn't explain anything.
The communication was secure between him and Facebook.
...and the NSA...
"Don't meddle in the affairs of a patent dragon, for thou art tasty and good with ketchup." ~ohcrapitssteve
You presume that the presence of an army is prerequisite for being targeted by Palestinian rockets. What a silly notion.
(Both sides of that particular "conflict" are way out of line... but especially so for the Palestinians.)
I won't join Slashcott. OTOH, if Beta goes live, I just won't be back until it's fixed. Sorry Dice.