Kamikaze Pilot
BANNED
- Joined
- Jan 16, 2013
- Messages
- 5,241
- Reaction score
- -66
- Country
- Location
This incident is an apt metaphor for the caliber and mentality of CIA, FBI and US military. In fact the purpose the Palestinian hacker did this was to convey a message of warning and to demonstrate how fragile US defense and security systems are and how overconfident Yankees are. The hacking of Zuckerberg's FB account, the manner of doing it and the aftermath symbolize much more than just internet activity.
Computer expert hacks into Mark Zuckerberg's Facebook page to expose the site's vulnerability after his security warnings were dismissed (...they're taking it seriously now though)
By JOSHUA GARDNER
PUBLISHED: 16:56 GMT, 18 August 2013 | UPDATED: 15:37 GMT, 19 August 2013
A hacker from Palestine found a Facebook glitch that allowed anyone to post on a strangers wall, but when the company ignored his warnings he took them all the way to the top by posting about the issue on Mark Zuckerbergs wall.
Khalil Shreateh first contacted the Facebook security team after proving the glitch was real by writing on the wall of a friend of the Facebook founder.
But instead of thanking him and fixing the issue, Facebook said it wasnt a bug. And because of the methods Shreateh used to finally convince them of the threat, Facebook later denied him the reward usually given to programmers who report holes in the sites security.
My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it...The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post.
Shreateh, whose first language is Arabic, lives in Palestine and is in no way connected with Zuckerbergs fellow Harvard alum Goodin. He hoped his ability to post to her page, nonetheless, would help prove his case to Facebook security.
Took it to the top: Security expert Khalil Shreateh used a Facebook glitch to post to Mark Zuckerberg's wall after the site's security team refused to heed his warnings about the vulnerability
Pictured: Only your friends are supposed to be able to write on your Facebook wall, but using the glitch he found, Shreateh wrote about the issue on CEO and founder of Facebook Mark Zuckerberg's wall
However, instead of repairing the obvious security breach, Facebook replied to Shreateh by saying the issue was not a bug.
Undeterred, Shreateh used the glitch to hack his way onto Mark Zuckerbergs Facebook page.
Sorry for breaking your privacy, he wrote in a since removed post to Zuckerberg, I had no other choice after all the reports I sent to Facebook team.
Shreateh went on to recount his attempts to warn the website and posted a grab of the post on his blog.
Minutes later, his pleas were answered. Facebook contacted him demanding to know how hed hacked their bosses personal page.
We fixed this bug on Thursday, wrote Matt Jones from Facebooks security team in a Saturday post on Hacker News.
Facebook has a bounty program designed to bribe hackers into reporting glitches they find rather than exploiting them. Such validated reports are worth $500.
Smiling now? He was ignored twice by Facebook security, but Shreateh got a speedy response when he posted to Zuckerberg's wall. But he won't get the usual $500 reward because he violated their terms of service
But in his post, Jones explains that Shreateh will not be getting his money.
In order to qualify for a payout you must "make a good faith effort to avoid privacy violations" and "use a test account instead of a real account when investigating bugs, Jones writes.
By posting to Zuckerberg and Goodins accounts, says Jones, Shreateh violated the terms of service and will not be rewarded for his find.
Nonetheless, Facebook welcomes Shreateh to inform them of any additional glitches he finds for them in the future.
[We] will pay out for future reports from him, writes Jones, if they're found and demonstrated within these guidelines.
Victim? Zuckerberg uses Facebook to post about big life events, such as his marriage to Priscilla Chan, just like everyone else. And like everyone else, Zuckerberg's account was vulnerable to the glitch Shreatah found
Mark Zuckerberg's Facebook page hacked by Khalil Shreateh to expose site vulnerability | Mail Online
Computer expert hacks into Mark Zuckerberg's Facebook page to expose the site's vulnerability after his security warnings were dismissed (...they're taking it seriously now though)
- Palestinian hacker Khalil Shreateh discovered a glitch that allows anyone to post to a stranger's Facebook wall
- After Facebook ignored a report of the bug Shreateh sent, the hacker posted to Zuckerberg's wall and got a speedy response
- But Facebook won't pay the normal $500 bounty to Shreatah because they say his intrusive methods broke the rules
By JOSHUA GARDNER
PUBLISHED: 16:56 GMT, 18 August 2013 | UPDATED: 15:37 GMT, 19 August 2013
A hacker from Palestine found a Facebook glitch that allowed anyone to post on a strangers wall, but when the company ignored his warnings he took them all the way to the top by posting about the issue on Mark Zuckerbergs wall.
Khalil Shreateh first contacted the Facebook security team after proving the glitch was real by writing on the wall of a friend of the Facebook founder.
But instead of thanking him and fixing the issue, Facebook said it wasnt a bug. And because of the methods Shreateh used to finally convince them of the threat, Facebook later denied him the reward usually given to programmers who report holes in the sites security.
My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it...The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post.
Shreateh, whose first language is Arabic, lives in Palestine and is in no way connected with Zuckerbergs fellow Harvard alum Goodin. He hoped his ability to post to her page, nonetheless, would help prove his case to Facebook security.
Took it to the top: Security expert Khalil Shreateh used a Facebook glitch to post to Mark Zuckerberg's wall after the site's security team refused to heed his warnings about the vulnerability
Pictured: Only your friends are supposed to be able to write on your Facebook wall, but using the glitch he found, Shreateh wrote about the issue on CEO and founder of Facebook Mark Zuckerberg's wall
However, instead of repairing the obvious security breach, Facebook replied to Shreateh by saying the issue was not a bug.
Undeterred, Shreateh used the glitch to hack his way onto Mark Zuckerbergs Facebook page.
Sorry for breaking your privacy, he wrote in a since removed post to Zuckerberg, I had no other choice after all the reports I sent to Facebook team.
Shreateh went on to recount his attempts to warn the website and posted a grab of the post on his blog.
Minutes later, his pleas were answered. Facebook contacted him demanding to know how hed hacked their bosses personal page.
We fixed this bug on Thursday, wrote Matt Jones from Facebooks security team in a Saturday post on Hacker News.
Facebook has a bounty program designed to bribe hackers into reporting glitches they find rather than exploiting them. Such validated reports are worth $500.
Smiling now? He was ignored twice by Facebook security, but Shreateh got a speedy response when he posted to Zuckerberg's wall. But he won't get the usual $500 reward because he violated their terms of service
But in his post, Jones explains that Shreateh will not be getting his money.
In order to qualify for a payout you must "make a good faith effort to avoid privacy violations" and "use a test account instead of a real account when investigating bugs, Jones writes.
By posting to Zuckerberg and Goodins accounts, says Jones, Shreateh violated the terms of service and will not be rewarded for his find.
Nonetheless, Facebook welcomes Shreateh to inform them of any additional glitches he finds for them in the future.
[We] will pay out for future reports from him, writes Jones, if they're found and demonstrated within these guidelines.
Victim? Zuckerberg uses Facebook to post about big life events, such as his marriage to Priscilla Chan, just like everyone else. And like everyone else, Zuckerberg's account was vulnerable to the glitch Shreatah found
Mark Zuckerberg's Facebook page hacked by Khalil Shreateh to expose site vulnerability | Mail Online