A
man who hacked into Mark Zuckerberg's Facebook page to expose a
software bug is getting donations from hackers around the world after
the company declined to pay him under a program that normally rewards
people who report flaws.
Khalil
Shreateh discovered and reported the flaw but was initially dismissed
by the company's security team. He then posted a message on the
billionaire's wall to prove the bug's existence. Now,
Marc Maiffret, chief technology officer of cybersecurity firm
BeyondTrust, is trying to mobilise fellow hackers to raise a $10,000
reward for Shreateh after Facebook refused to compensate him. Maiffret,
a high school dropout and self-taught hacker, said on Tuesday he has
raised about $9,000 so far, including the $2,000 he initially
contributed. He
and other hackers say Facebook unfairly denied Shreateh, a Palestinian,
a payment under its "Bug Bounty" program. It doles out at least $500 to
individuals who bring software bugs to the company's attention. "He
is sitting there in Palestine doing this research on a five-year-old
laptop that looks like it is half broken," Maiffret said. "It's
something that might help him out in a big way." Shreateh
uncovered the flaw on the company's website that allows members to post
messages on the wall of any other user, including Zuckerberg's. He
tried to submit the bug for review but the website's security team did
not accept his report. He
then posted a message to Zuckerberg himself on the chief executive
officer's private account, saying he was having trouble getting his
team's attention.
"Sorry for breaking your privacy," Shreateh said in the post.
No comments:
Post a Comment