Skip to main content

A guy spammed Mark Zuckerberg’s wall because Facebook ignored his bug report

You often hear stories about how a hacker breaks into a business’s website, then the company ends up hiring said hacker as some sort of consultant to prevent future attacks. For some reason, we doubt Facebook is going to take on Khalil Shreateh, an IT researcher from Palestine, after he hacked into Mark Zuckerberg’s wall to prove his security bug report.

Let’s be fair, we’re sure Shreateh had good intentions. Earlier this month, the researcher discovered a bug that allowed him to post on any user’s Facebook wall regardless of privacy settings. He even tested the vulnerability on Sarah Goodin – one of Zuckerberg’s Harvard friends. After reporting the bug to Facebook, the company’s security engineer identified as Emrakul did little to help, only replying in one sentence responses. “I dont see anything when I click link except an error,” wrote one email. “I am sorry this is not a bug.”

Recommended Videos

Frustrated, Shreateh felt he had to choice but to prove his point on the Zuck’s wall, hoping that by reporting to the CEO directly, someone will address the security flaw. “First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team,” Shreateh wrote, before providing descriptions and links to the issue. As if the matter wasn’t comical enough, Shreateh’s profile photo is a picture of Edward Snowden. 

Shortly after the post, another Facebook engineer named Ola Okelola contacted Shreateh for more details. As a result, Shreateh’s Facebook was temporarily disabled as a “precaution,” and Okelola explained to Shreateh that his report did not contain enough technical information for the team to take action. Facebook also said it cannot pay Shreateh a reward since he exploited the vulnerability, thus violating the site’s terms of service.

“We get hundreds of reports every day,” a Facebook engineer commented on Hacker News, noting that the bug had been fixed since last Thursday. “Exploiting bugs to impact real users is not acceptable behavior for a white hat [report].” The company does admit, however, that the first engineer should have followed up and asked Shreateh for more details – so it looks like the whole situation was just a case of two completely misguided IT men.

Natt Garun
An avid gadgets and Internet culture enthusiast, Natt Garun spends her days bringing you the funniest, coolest, and strangest…
Bluesky finally adds a feature many had been waiting for
A blue sky with clouds.

Bluesky has been making a lot of progress in recent months by simplifying the process to sign up while at the same time rolling out a steady stream of new features.

As part of those continuing efforts, the social media app has just announced that users can now send direct messages (DMs).

Read more
Reddit just achieved something for the first time in its 20-year history
The Reddit logo.

Reddit’s on a roll. The social media platform has just turned a profit for the first time in its 20-year history, and now boasts a record 97.2 million daily active users, marking a year-over-year increase of 47%. A few times during the quarter, the figure topped 100 million, which Reddit CEO and co-founder Steve Huffman said in a letter to shareholders had been a “long-standing milestone” for the site.

The company, which went public in March, announced the news in its third-quarter earnings results on Tuesday.

Read more
Worried about the TikTok ban? This is how it might look on your phone
TikTok splash screen on an Android phone.

The US Supreme Court has decided to uphold a law that would see TikTok banned in the country on January 19. Now, the platform has issued an official statement, confirming that it will indeed shut down unless it gets some emergency relief from the outgoing president.

“Unless the Biden Administration immediately provides a definitive statement to satisfy the most critical service providers assuring non-enforcement, unfortunately TikTok will be forced to go dark on January 19,” said the company soon after the court’s verdict.
So, what does going dark mean?
So, far, there is no official statement on what exactly TikTok means by “going dark.” There is a lot of speculation out there on how exactly the app or website will look once TikTok shutters in the US.

Read more