A skilled computer hacker from the Palestinian Authority, Khalil Shreateh, found a dangerous glitch in the privacy sector of Facebook. Yet, after his warnings were generally ignored by Facebook, Shreateh took matters up with the CEO of the company, Mark Zuckerberg, by breaking the rules and posting on Zuckerbergs’s wall, reported the Daily Mail.
The native Arabic speaker wrote to the Facebook security team: “My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it [sic]…The bug allow Facebook users to share links to other facebook users, I tested it on Sarah.Goodin wall and I got success post.”
Shreateh is referring to Mark Zuckerberg’s fellow Harvard alumnus, Sarah Goodin, whose Facebook page was used to prove the point that hackers have the ability to post information on anyone’s pages, regardless if you are “friends” with that person.
The security team, however, responded to Shreateh saying that it “was not a bug” and did not fix the obvious issue.
That’s when Shreateh used the hacking method to write on the Facebook founder’s personal wall with this message: “First sorry for breaking your privacy and post to your wall, I has no other choice to make after all the reports I sent to Facebook team.”
The post has since been removed from Zuckerberg’s page, but the plea was answered within minutes after Shreateh contacted the founder’s Facebook.
Since Shreateh used this unorthodox method to catch Facebook’s attention in order to finally convince them of the threat, Facebook later denied him the bounty reward usually given to programmers who report holes in the site’s security.
Validated reports of glitches are usually worth $500.
“In order to qualify for a payout you must make a good faith effort to avoid privacy violations and use a test account instead of a real account when investigating bugs,”’ said Matt Jones from Facebook’s security team.
By posting to Zuckerberg and Goodin’s accounts, says Jones, Shreateh violated the terms of service and will not be rewarded for his find.
Facebook said that it welcomes Shreateh to inform them of any additional glitches he may find for them in the future.
“[We] will pay out for future reports from him,’ writes Jones, “if they’re found and demonstrated within these guidelines.”
Source material can be found at this site.