Facebook pays $10,000 to 10-year-old for finding Instagram flaw that allowed comments to be deleted

May 4, 2016
  1. You have to be at least 13 years old to have an account on Instagram, but this didn’t stop one 10-year-old Finnish boy from exposing a vulnerability in the Facebook-owned photo-sharing application and winning $10,000 for his work.

    Helsinki-based Jani (his parents didn’t reveal his last name) discovered that he could erase any written content on Instagram by altering code on its servers. Facebook told Forbes that he verified this by deleting a comment the company posted on a test account.

    The Facebook spokesperson added that the problem came from a private application program interface not properly checking that the person deleting the comment was the same one who posted it.

    “I tested whether the comments section of Instagram can handle harmful code. Turns out it can’t. I noticed that I can delete other people’s comments from there,” Jani told Helsinki-based newspaper Iltalehti. “I could have deleted anyone’s – like Justin Bieber’s for example.”

    Facebook’s bug bounty program rewards people who identify and report security issues. In the five years since it launched, it has paid $4.3 million to more than 800 researchers for over 2400 submissions. Instagram was added to the program in 2014.

    Payouts vary based on the level of risk a bug poses. Considering the average reward last year was only $1780, Jani’s $10,000 shows that Facebook regarded it as a fairly high-level threat.

    Jani, who learned his skills by watching YouTube instructional videos, is now the youngest person to receive a reward from the program, beating the record set by a 13-year-old back in 2013. He said he plans to buy a football and new bicycle with some of the money.
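
The flaw the spokesperson describes, a delete call that never compares the requester with the comment's owner, shown beside a checked version. This is an added example, not code from the article or from Facebook; every name in it is hypothetical, and the rule that the photo owner may also delete is an assumed policy.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Comment:
    comment_id: int
    author_id: int       # account that wrote the comment
    media_owner_id: int  # account that owns the photo it was posted on
    text: str

class Forbidden(Exception):
    """Requester is not allowed to delete this comment."""

def delete_comment_unchecked(comments, requester_id, comment_id):
    # Flawed pattern from the article: any authenticated requester may
    # delete any comment, because ownership is never compared.
    return comments.pop(comment_id, None) is not None

def delete_comment_checked(comments, requester_id, comment_id, audit_log):
    comment = comments.get(comment_id)
    if comment is None:
        return False  # nothing to delete
    # Assumed policy: the author, or the owner of the photo, may delete.
    if requester_id not in (comment.author_id, comment.media_owner_id):
        # Record the denial so repeated probing of IDs is visible to defenders.
        audit_log.append(("delete_denied", requester_id, comment_id))
        raise Forbidden(f"user {requester_id} cannot delete comment {comment_id}")
    del comments[comment_id]
    audit_log.append(("delete_ok", requester_id, comment_id))
    return True

def sample_comments():
    # Constructed sample data: user 1 owns the photo, user 2 commented on it.
    return {
        100: Comment(100, author_id=2, media_owner_id=1, text="nice photo"),
        101: Comment(101, author_id=1, media_owner_id=1, text="thanks"),
    }

if __name__ == "__main__":
    store, log = sample_comments(), []
    print(delete_comment_unchecked(sample_comments(), 3, 100))  # stranger succeeds
    try:
        delete_comment_checked(store, 3, 100, log)
    except Forbidden as exc:
        print("denied:", exc)
    print(delete_comment_checked(store, 2, 100, log), log)
```

The check runs on the server against the stored record, so it holds no matter which client or request produced the call.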

  2. Uncle Al

    All of $10,000? What a cheapskate! At least give the boy $100,000 to boost his college education. Hell, you might want to someday hire him! Guess he doesn't understand the concept of paying it forward or just a simple decent reward.
  3. Theinsanegamer

    I'm sorry, what? You a little salty there bud?

    $10000 for a bug isn't out of the ordinary for a junior bug-finder, especially for a non-critical bug. Also consider he is 10. 10k is a lot to an 8 year old. They could invest that 10k for 8 years and make a decent chunk of change.

    Also, college in Finland is far more affordable than in the US. Perhaps you missed that $10k would pay for 4 years tuition at a VERY nice Finnish university.
  4. EClyde

    He is one ugly dude
  5. davislane1

    So. Quick forum game.

    How do you spot an American on the Internet?

    First person to answer correctly gets a fantastic prize.*

    *Eligibility rules may apply.

