Facebook Intern Gets Preemptive Ax For Exposing Security Flaw

Engadget reports that Harvard student Aran Khanna, who was about to begin an internship at Facebook, had that internship yanked after he created (and took down, but evidently too slowly for the company's taste) a browser plug-in that exposed a security flaw in Facebook, by allowing users to discover the location of other users when they use the Messenger app. Surely Khanna won't be jobless or internship-less for long. (Don't expect the app to work now; it's still in the Chrome store as a historical artifact, though, and at GitHub.)

Re:What did you expect to happen?

[alvinrod]

Sounds like a classic case of a brilliant engineer/programmer simply lacking in common sense, perhaps in this instance due to being young more than anything.

Re:What did you expect to happen?

[buchner.johannes]

It is not really a security flaw, it is a choice of design, and the extension showed what the consequences are -- namely that you can find out the habits and travels of a person, remotely.
This is similar to the mobile phone metadata, from which you can learn everything* about a person

Netherlands: https://www.bof.nl/2014/07/30/...
Germany: http://www.businessinsider.com...

*You put in some assumptions too, and being very confident about the conclusions of that person may have low validity, but that hasn't stopped the NSA.

Re:dear clueless megacorp and mediocre middle mgmn

[RatherBeAnonymous]

The curios part about this is that this privacy leakage flaw has been know since 2012 and was reported in the media. Facebook didn't care.

Aran Khanna MADE Facebook care. I don't know if he was trolling Facebook or if he is just naive. Either way, I applaud his results.