White hat hacker uses Facebook bug to post on Zuckerberg's timeline

By David Tom · 20 replies
Aug 19, 2013
  1. Facebook offers a pretty attractive bug bounty program that rewards white hatters for identifying and reporting vulnerabilities in their service. In search of a $500+ reward, Palestine’s Khalil Shreateh discovered a method to circumvent the website’s privacy settings, allowing him...

  2. wastedkill

    wastedkill TS Evangelist Posts: 1,423   +350

    I read all this and how else was he going to get the point across to the stupid researchers at Facebook? He did the right thing; they all said it wasn't a bug, so he proved it, and he only did it on Mark's Facebook page, so how did he exploit it?

    He is in the right, the researchers are in the wrong; it's their fault he had to go to the length he did to show them it is a bug, that he is not just trying to make a quick buck.

    He deserves the cash; it's purely *****ic to deny him that. If I owned Facebook I wouldn't have denied him the cash, as the researchers said it wasn't a bug, so how else could he prove it? Simple: he had to prove it to them by showing them, hence why he deserves it.

    Number one rule in life: if you say a bug isn't a bug, then when the guy proves it you don't deny him the cash, as he did the right thing. It's just you have low-IQ employees, so you show your gratitude to him by giving him what's rightfully his, or would you rather have the bug exploited without you knowing?
  3. Halfmad

    Halfmad TS Rookie

    Done without permission, in what way is he a white hat then? Surely he's a Gray-hat for exploiting it, even without malicious intent.

    He's a gray hat as he's exploited it and in doing so ensured it was made public.
  4. Tiberath

    Tiberath TS Member

    The Facebook security team said "This is not a bug". You cannot exploit and make public something which the guys in charge of preventing just that scenario say isn't an exploit. They screwed up, not him.

    It's like arresting someone after telling them what they're about to do isn't illegal.
  5. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 7,986   +2,879

    Now that's a kick in the teeth if I ever saw one. If I was this Khalil person I'd try to hack Zuckerberg's bank account and take what's rightfully mine plus a bit more for effort and leave a trail pointing to the NSA :p **sigh** It's nice to dream.
  6. TheBigFatClown

    TheBigFatClown TS Guru Posts: 669   +245

    Mark Zergerburger has net assets worth 26 billion dollars and he offers a $500.00 reward for finding serious bugs? LOL. Can you spare it Mr. Zergerburger? That is hilarious. I'll bet Mr. Zergerburger laughs inside every time he pays somebody $500.00 for finding serious bugs. That is what I call rape in the first degree.

    I'd kick Mark right in the nuts if he tried to hand me a check for $500.00. What a slap in the face.
  7. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 9,171   +3,262

    Can you imagine what he does every time he uses a BS excuse, not to pay for legitimate claims?
  8. If FB said "it's not a bug", why the punishment, although no reason to pay either. It's hard to compute a solution to this :D
  9. tipstir

    tipstir TS Ambassador Posts: 2,425   +112

    Bad code on FB's part should have been debugged. Timeline is not secured as we all were told. FB like so many protection areas are not protected.
  10. Adhmuz

    Adhmuz TechSpot Paladin Posts: 1,769   +598

    Facebook is run by *******s, big surprise there. Mark Zuckerberg is the biggest of them all and this is just another reason to not have a FB account. If I was in Khalil Shreateh's shoes I'd do anything and everything in my power to make the jobs of the people running FB's security a living hell for the next foreseeable while. He got scammed, the way a lot of people do, and he has all the right to be upset. Also $500 is such a joke; at least Google offers 10 times that for exploits and even more if it's a serious issue.
  11. RenGood08

    RenGood08 TS Booster Posts: 185   +13

    Wow...seriously Facebook? That is just....ugh. Makes me want to close my account even more.
  12. Lurker101

    Lurker101 TS Evangelist Posts: 798   +318

    Instead of talking, why not just do it? Or are you one of those people who threaten to close their facebork profile every time there's a little bit of drama?
  13. RenGood08

    RenGood08 TS Booster Posts: 185   +13

    No. I have family members I can get ahold of easily and they at least have Facebook. So I keep it JUST for them. =P
  14. RenGood08

    RenGood08 TS Booster Posts: 185   +13

    I could be more dramatic about it. I THINK about it. Doesn't mean I WILL do it. =P
  15. Logic Overflow

    Logic Overflow TS Rookie

    It seems you're the type of person who just likes to stir the pot. *Corrected.
  16. Lurker101

    Lurker101 TS Evangelist Posts: 798   +318

    I'm the sort of person who's more than a little sick of people constantly "threatening" to leave facebork. They'll happily sit there, draw a line in the sand and declare loud and clear "if facebook crosses this line, I'm done". Then facebook inevitably crosses the line and instead of leaving, they'll take a step back and draw a new line in the sand until eventually, they're out of the sand and into tropical tundra.
  17. Cycloid Torus

    Cycloid Torus TS Evangelist Posts: 2,627   +490

    Always thought FB full of holes, now certain. Never joined, probably never will.
  18. Adhmuz

    Adhmuz TechSpot Paladin Posts: 1,769   +598

    And what are you doing? If not contradicting yourself.
  19. NTAPRO

    NTAPRO TS Evangelist Posts: 809   +102

    "I has no choice"
  20. TheDreams

    TheDreams TS Addict Posts: 628   +68

    I bet the Facebook security team caught hell for this :p
  21. tipstir

    tipstir TS Ambassador Posts: 2,425   +112

    We all have family and close friends on FB. But lately I've been moving things off my timeline after this news.

