Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Paid $10,000 To A 10-Year-Old For Hacking Instagram (thenextweb.com)

Posted by BeauHD on from the bounty-program dept.

An anonymous reader writes: Facebook has paid $10,000 to a 10-year-old hacker who discovered how one could hack into Instagram and delete comments made by users. Speaking to local publication Iltalehti, Jani said: "I would have been able to eliminate anyone, even Justin Bieber." The Finnish hacker just became the youngest person to receive cash from Facebook for hacking its products. The previous record was set by a 13-year-old back in 2013. What's funny is Jani isn't technically old enough to sign-up and use Facebook or Instagram, as it's supposed to be restricted to those under the age of 13. Jani found he could alter code on Instagram's servers and force-delete users' posts. This was confirmed by Facebook using a test account and patched in February, Facebook told Forbes. Facebook has received more than 2,400 valid submissions and awarded upwards of $4.3 million to over 800 researchers since the bounty program launched in 2011.

13 of 62 comments (clear)

  1. missed opportunity! by Gravis+Zero · · Score: 4, Funny

    "I would have been able to eliminate anyone, even Justin Bieber."

    ah hell, i would have paid him $20K if he actually had. *sigh*

    --
    Anons need not reply. Questions end with a question mark.
  2. $10K to Facebook is cheap! by FlyHelicopters · · Score: 4, Insightful

    Frankly, this is smart on Facebook's part... For $10K they avoided a serious flaw in their systems that they didn't catch. Had they not offered the money, he might not have told them.

    Or he might have, but better safe than sorry.

    10 years old? Sheesh, Facebook should hire the kid! :)

    1. Re:$10K to Facebook is cheap! by ttyX · · Score: 2

      They sure did get off cheap here. The bounty doesn't seem reasonable considering the severity.

  3. Re:Simple question by wonkey_monkey · · Score: 3, Insightful

    How does a 10 year old getting paid $10k by Facebook affect my life or most people's lives in any significant manner? I'd really like to know.

    Again, I would ask why you think it matters to anyone that you, personally, aren't interested in this particular story.

    Slashdot isn't here to cater to your personal tastes. If you're not interested in a particular story, just ignore it, you moron.

    I expect I'll be downmodded into the oblivion of -1 because nobody can give me a good answer.

    No, you'll get downmodded because it's a stupid question from an idiot.

    --
    systemd is Roko's Basilisk.
  4. 2400 security issues in 5 years by El_Muerte_TDS · · Score: 3, Interesting

    That's more than 1 a day. Maybe Facebook should improve their software development.
    And with 1 security issue a day do you really want to put your "private" info on that system.

    1. Re:2400 security issues in 5 years by drinkypoo · · Score: 2

      And with 1 security issue a day do you really want to put your "private" info on that system.

      I have never understood why anyone has ever used anything other than "public" on social networking, because the only safe thing is to assume that it's all public anyway.

      With that said, I picked up a habit for public blathering with my first website when I was 15, and the web was shiny and new. It doesn't seem to be going away.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  5. UKism? by LMariachi · · Score: 4, Interesting

    > it's supposed to be restricted to those under the age of 13

    Is this an Anglicanism I don't know about? In U.S. English, "restricted to" means "only allowed for," e.g. "R-rated movies are restricted to viewers over 17." Viewers under 17 are restricted from viewing them.

    1. Re:UKism? by n6kuy · · Score: 2

      You're right. In American English anyway.

      "Restricted to X" means available only to X.

      --
      If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
  6. How did he do it? by Anonymous Coward · · Score: 3, Insightful

    TFA gave a lot of useless information and stats but nothing actually of interest.

    How did he do it seems like a more appropriate question.

  7. That's the reason for these programs in the first by waspleg · · Score: 2, Interesting

    place - that they don't have to hire anyone. It's another form of temp worker program. They don't owe benefits don't owe pension or 401k matching nor do they even have the possibility of being sued despite the kid being too young to work basically anywhere.

    How much would they have paid a professional security firm or on staff IT to audit them and get this result?

  8. Re:Under 13 by tomhath · · Score: 2

    But his parents did. Do you really think the kid found the hack? Or maybe he got a little assistance?

  9. Re:Simple question by Wovel · · Score: 2

    Pro tip. Create an account and log in to post. For many (perhaps most or even all) people, posts by ACs start at -1. This is sensible since most AC posts are completely worthless. Since there is really nothing in your post to suggest it should be significantly modded up, you are likely stuck in that hole.

  10. Only $10,000? by twmcneil · · Score: 2

    Cheap Bastards.

    --
    "The ferrets, they're every where I tell you!"