Wow, A Palestinian man hacked into Zuckerberg's Facebook page to demonstrate how much its security sucks. This happened after his efforts to communicate the access hole were snubbed by the company's security team on numerous occasions.
Khalil, a Palestinian white hat hacker, submitted bug reports to Facebook about a vulnerability that allowed him to post on anyone's wall. But Facebook's security team didn't do anything. So Khalil wrote on Mark Zuckerberg’s wall about it.
Khalil explains on his blog that he submitted a full description of the bug, plus follow-up proof of its existence to the Facebook security feedback page, where researchers can win rewards of at least $500 for finding significant vulnerabilities. Then he submitted again. The second time he got an e-mail back that said, "I am sorry this is not a bug."
When he posted on Zuckerberg's wall, Khalil said, "First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team ." He then detailed the situation and provided links.
Within minutes, a Facebook engineer contacted Khalil for more information and then blocked his account "as a precaution" while a security team fixed the bug. Later his account was re-enabled.
No comments:
Post a Comment
WE LOVE TO HEAR FROM YOU, PLEASE DROP YOUR COMMENTS :)