White hat hacker uses Facebook bug to post on Zuckerberg's timeline

By David Tom
Aug 19, 2013
Post New Reply
  1. Facebook offers a pretty attractive bug bounty program that rewards white hatters for identifying and reporting vulnerabilities in their service. In search of a $500+ reward, Palestine’s Khalil Shreateh discovered a method to circumvent the website’s privacy settings, allowing him...

    Read more
  2. wastedkill

    wastedkill TechSpot Maniac Posts: 1,043   +218

    I read all this and how else was he going to get the point across to the stupid researchers at facebook? He did the right thing they all said it wasn't a bug so he proved it and he only did it on marks facebook page so how did he exploit it?

    He is in the right the researchers are in the wrong its their fault he had to go to the length he did to show them it is a bug that he is not just trying to make a quick buck.

    He deserves the cash its purely *****ic to deny him that if I owned facebook I wouldn't have denied him the cash as the researchers said it wasn't a bug so how else could he prove it? simple he had to prove it to them by showing them hence why he deserves it.

    Number one rule in life if you say a bug isn't a bug them when the guy proves it you don't deny him the cash as he did the right thing its just you have low IQ employee's so you show your gratitude to him by giving him whats rightfully his or would you rather have the bug exploited without you knowing?
    danhodge, Uvindu and cliffordcooley like this.
  3. Halfmad

    Halfmad Newcomer, in training

    Done without permission, in what way is he a white hat then? Surely he's a Gray-hat for exploiting it, even without malicious intent.

    He's a gray hat as he's exploited it and in doing so ensure it was made public.
  4. Tiberath

    Tiberath TechSpot Member

    The Facebook security team said "This is not a bug". You cannot exploit and make public something which the guys in charge of preventing just that scenario say isn't an exploit. They screwed up, not him.

    It's like arresting someone after telling them what they're about to do isn't illegal.
    Uvindu and cliffordcooley like this.
  5. Skidmarksdeluxe

    Skidmarksdeluxe TechSpot Evangelist Posts: 2,797   +702

    Now that's a kick in the teeth if I ever saw one. If I was this Kahlil person I'd try hack Zuckerberg's bank account and take what's rightfully mine plus a bit more for effort and leave a trail pointing to the NSA :p **sigh** It's nice to dream.
  6. TheBigFatClown

    TheBigFatClown TechSpot Booster Posts: 398   +136

    Mark Zergerburger has net assets worth 26 billion dollars and he offers a $500.00 reward for finding serious bugs? LOL. Can you spare it Mr. Zergerburger? That is hilarious. I'll bet Mr. Zergerburger laughs inside everytime he pays somebody $500.00 for finding serious bugs. That is what I call rape in the first degree.

    I'd kick mark right in the nuts if he tried to hand me a check for $500.00. What a slap in the face.
  7. cliffordcooley

    cliffordcooley TechSpot Paladin Posts: 5,752   +1,421

    Can you imagine what he does every time he uses a BS excuse, not to pay for legitimate claims?
  8. If FB said "it's not a bug" why the punishment, although no reason to pay either.. It's hard to compute solution to this :D
  9. tipstir

    tipstir TS Ambassador Posts: 4,576   +76

    Bad code on FB part should have been debugged.. Timeline is not secured as we all were told. FB like so many protection areas are not protected.
  10. Adhmuz

    Adhmuz TechSpot Paladin Posts: 893   +98

    Facebook is run by *******s, big surprise there, Mark Zuckerberg is the biggest of them all and this is just another reason to not have a FB account. If I was in Khalil Shreateh's shoes I'd do anything and everything in my power to make the jobs of the people running FB's security a living hell for the next foreseeable while. He got scammed, the way a lot of people do and he has all the right to be upset. Also $500 is such a joke, at least Google offers 10 times that for exploits and even more if its a serious issue.
    wastedkill and cliffordcooley like this.
  11. RenGood08

    RenGood08 TechSpot Booster Posts: 191   +13

    Wow...seriously Facebook? That is just....ugh. Makes me want to close my account even more.
     
  12. Lurker101

    Lurker101 TechSpot Addict Posts: 626   +122

    Instead of talking, why not just do it? Or are you one of those people who threaten to close their facebork profile every time there's a little bit of drama?
  13. RenGood08

    RenGood08 TechSpot Booster Posts: 191   +13

    No. I have family members I can get ahold of easily and they atleast have facebook. So I keep it JUST for them. =P
  14. RenGood08

    RenGood08 TechSpot Booster Posts: 191   +13

    I could be more dramatic about it. I THINK about it. Doesn't mean I WILL do it. =P
  15. Logic Overflow

    Logic Overflow Newcomer, in training

    It seems you're the type of person who just likes to stir the pot. *Corrected.
  16. Lurker101

    Lurker101 TechSpot Addict Posts: 626   +122

    I'm the sort of person who's more than a little sick of people constantly "threatening" to leave facebork. They'll happily sit there, draw a line in the sand and declare loud and clear "if facebook crosses this line, I'm done". Then facebook inevitably crosses the line and instead of leaving, they'll take a step back and draw a new line in the sand until eventually, they're out of the sand and into tropical tundra.
    St1ckM4n likes this.
  17. Cycloid Torus

    Cycloid Torus TechSpot Booster Posts: 163   +38

    Always thought FB full of holes, now certain. Never joined, probably never will.
    RenGood08 likes this.
  18. Adhmuz

    Adhmuz TechSpot Paladin Posts: 893   +98

    And what are you doing? If not contradicting yourself.
     
  19. NTAPRO

    NTAPRO TechSpot Enthusiast Posts: 807   +91

    "I has no choice"
  20. TheDreams

    TheDreams TechSpot Booster Posts: 467   +43

    I bet the Facebook security team caught hell for this :p
  21. tipstir

    tipstir TS Ambassador Posts: 4,576   +76

    We all have family and close friends on FB. But lately I've been moving things off my timeline after this news.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.