A hacker who goes by the name of Khalil says he was forced to submit a bug report via Mark Zuckerberg’s Facebook wall today after his attempts to submit through traditional means were ignored. The Palestinian information system expert says he found a vulnerability in Facebook’s security system that wall posts from non-friends.
The security breech allows anyone to post on anyone else’s wall, whether they are on your list of friends or not. Khalil reported the vulnerability once he found it through the official Facebook security feedback page. The security team offers a $500 reward to those who find and report real security bugs. However, his report was ignored.
Khalil included a link to a post he made on another Facebook wall as an example, but the security crew responded with, “Sorry, this is not a bug.” In response, he felt he had no other option but to post the issue straight to Mark Zuckerberg’s, wall. He included his experience with the security team and screenshots of the whole ordeal in his post.
Within minutes, Khalil was contacted by a Facebook engineer about the issue. He was asked for more details on the vulnerability he found and his account was blocked earlier today until the security flaw was fixed. Even though the security team finally recognized his bug report, Khalil will receive no compensation because he violated Facebook’s terms of service in the way he brought it to their attention.
Facebook has since reinstated his account. You can view video Khalil took while reproducing the bug below:
VIA RT News