Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | How to Cut the Cable Cord | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Top News Stories

author photo

Mark Zuckerberg's Facebook Timeline Hacked by Security Researcher

by on August 19, 2013
in Facebook, News, Computers and Software, Internet & Networking, Computer Safety & Support, Blog, Privacy, Social Networking :: 0 comments

Mark Zuckerberg Timeline hackMark Zuckerberg is a billionaire who owns one of the largest Internet companies in the world. But as an unemployed security researcher proved last week, even the most powerful man on the net can be hacked when Facebook disregards a security tip.

Recently, Palestinian security researcher Khalil Shreateh found a vulnerability that allowed him to disregard Facebook privacy settings and post to anyone’s wall – even people who were not his friends. He reported the security hole to Facebook using the site’s White Hat bug-reporting system, but had difficulty communicating the problem in English. As a result, Shreateh’s concerns were misunderstood and dismissed.

Feeling he was out of options, Shreateh decided to go over the heads of Facebook’s Security team and report the issue directly to the CEO using the bug. Wrote Shreateh directly on Zuckerberg’s timeline: “First sorry for breaking your privacy and post to your wall, I has no other choice to make after all the reports I sent to Facebook team [sic].”

Within minutes, a Facebook security engineer contacted Shreateh to get more information about the privacy problem. The issue has now been resolved, but not before Shreateh’s account was suspended “as a precaution.” It does not appear as if anyone exploited the vulnerability in a malicious manner before it was patched.

Normally, Facebook offers a $500 minimum bounty to those who report bugs and security vulnerabilities via the site's White Hat program. But because Shreateh broke a number of the program’s rules – hacking an account without permission is a no-no, even to prove a point – no money will be awarded. Facebook has since reinstated Shreateh's account.

Discussion loading

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose