Skip to main content
  1. Home
  2. Social Media
  3. News

A guy spammed Mark Zuckerberg’s wall because Facebook ignored his bug report

By
a guy spammed mark zuckerbergs wall because facebook ignored his bug report zuckerberg hack
Image used with permission by copyright holder

You often hear stories about how a hacker breaks into a business’s website, then the company ends up hiring said hacker as some sort of consultant to prevent future attacks. For some reason, we doubt Facebook is going to take on Khalil Shreateh, an IT researcher from Palestine, after he hacked into Mark Zuckerberg’s wall to prove his security bug report.

Let’s be fair, we’re sure Shreateh had good intentions. Earlier this month, the researcher discovered a bug that allowed him to post on any user’s Facebook wall regardless of privacy settings. He even tested the vulnerability on Sarah Goodin – one of Zuckerberg’s Harvard friends. After reporting the bug to Facebook, the company’s security engineer identified as Emrakul did little to help, only replying in one sentence responses. “I dont see anything when I click link except an error,” wrote one email. “I am sorry this is not a bug.”

Recommended Videos

Frustrated, Shreateh felt he had to choice but to prove his point on the Zuck’s wall, hoping that by reporting to the CEO directly, someone will address the security flaw. “First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team,” Shreateh wrote, before providing descriptions and links to the issue. As if the matter wasn’t comical enough, Shreateh’s profile photo is a picture of Edward Snowden. 

Related

Shortly after the post, another Facebook engineer named Ola Okelola contacted Shreateh for more details. As a result, Shreateh’s Facebook was temporarily disabled as a “precaution,” and Okelola explained to Shreateh that his report did not contain enough technical information for the team to take action. Facebook also said it cannot pay Shreateh a reward since he exploited the vulnerability, thus violating the site’s terms of service.

“We get hundreds of reports every day,” a Facebook engineer commented on Hacker News, noting that the bug had been fixed since last Thursday. “Exploiting bugs to impact real users is not acceptable behavior for a white hat [report].” The company does admit, however, that the first engineer should have followed up and asked Shreateh for more details – so it looks like the whole situation was just a case of two completely misguided IT men.

Editors' Recommendations

Topics
Natt Garun
Natt Garun
Former Digital Trends Contributor
An avid gadgets and Internet culture enthusiast, Natt Garun spends her days bringing you the funniest, coolest, and strangest…
Bluesky barrels toward 1 million new sign-ups in a day
Bluesky social media app logo.

Social media app Bluesky has picked nearly a million new users just a day after exiting its invitation-only beta and opening to everyone.

In a post on its main rival -- X (formerly Twitter) -- Bluesky shared a chart showing a sudden boost in usage on the app, which can now be downloaded for free for iPhone and Android devices.

Read more
How to make a GIF from a YouTube video
woman sitting and using laptop

Sometimes, whether you're chatting with friends or posting on social media, words just aren't enough -- you need a GIF to fully convey your feelings. If there's a moment from a YouTube video that you want to snip into a GIF, the good news is that you don't need complex software to so it. There are now a bunch of ways to make a GIF from a YouTube video right in your browser.

If you want to use desktop software like Photoshop to make a GIF, then you'll need to download the YouTube video first before you can start making a GIF. However, if you don't want to go through that bother then there are several ways you can make a GIF right in your browser, without the need to download anything. That's ideal if you're working with a low-specced laptop or on a phone, as all the processing to make the GIF is done in the cloud rather than on your machine. With these options you can make quick and fun GIFs from YouTube videos in just a few minutes.
Use GIFs.com for great customization
Step 1: Find the YouTube video that you want to turn into a GIF (perhaps a NASA archive?) and copy its URL.

Read more
I paid Meta to ‘verify’ me — here’s what actually happened
An Instagram profile on an iPhone.

In the fall of 2023 I decided to do a little experiment in the height of the “blue check” hysteria. Twitter had shifted from verifying accounts based (more or less) on merit or importance and instead would let users pay for a blue checkmark. That obviously went (and still goes) badly. Meanwhile, Meta opened its own verification service earlier in the year, called Meta Verified.

Mostly aimed at “creators,” Meta Verified costs $15 a month and helps you “establish your account authenticity and help[s] your community know it’s the real us with a verified badge." It also gives you “proactive account protection” to help fight impersonation by (in part) requiring you to use two-factor authentication. You’ll also get direct account support “from a real person,” and exclusive features like stickers and stars.

Read more