Hack Mark Zuckerberg’s Facebook page, collect $11,000


Turns out, hacking Mark Zuckerberg’s Facebook page is a great idea.

Khalil Shreateh, the Palestinian security researcher who made headlines earlier this week after posting a message to Zuckerberg’s Timeline to prove that he had discovered a flaw in Facebook’s security settings, will receive more than $11,000 for his efforts. But the money is not coming from Facebook. Instead, Shreateh can thank a crowdfunding campaign launched by a fellow member of the security community for his payday.

Khalil Shreateh
Khalil Shreateh

The campaign was started on Monday by BeyondTrust CTO Marc Maiffret, who contributed the first $3,000 towards the $10,000 campaign goal. According to ZDNet, another $3,000 came from Firas Bushnaq, founder of eEye Digital Security, a BeyondTrust subsidiary. At the time of this writing, the campaign has raised $11,335 (and counting) from more than 200 donors.

“All proceeds raised from this fund will be sent to Khalil Shreateh to help support future security research,” writes Maiffret in a note on the campaign page.

Shreateh had previously reported the vulnerability to Facebook’s engineers, as part of the company’s bug bounty program, which awards those who discover bugs a minimum of $500 for their discoveries. But the company ignored Shreateh’s bug report. In the message posted to Zuckerberg’s Facebook page, Shreateh said he had “no other choice” but to demonstrate the vulnerability in a public fashion.

Facebook later said it would investigate the bug, which lets anyone post on any Facebook user’s page, regardless of privacy settings – a flaw that could allow spammers to wreak havoc on the social network. Rather than pay Shreateh for bringing it to their attention, however, the company temporarily shut down Shreateh’s Facebook page, and said he was ineligible for a bug bounty because he violated the social network’s terms of service.

We’ve reached out to Shreateh for a response to the community’s generosity, and will update this post with any response we receive. Update: Shreateh tells Digital Trends, “I would thank Marc and all those who donate to make this word a better and more secure.”

Smart Home

Angee’s security service switches from sales to subscriptions

Angee, a successful startup that raised nearly half a million dollars for its home security hub, has pivoted its business model to offer its home security platform as a subscription rather than a smart home product.

Despite serious security flaws, D-Link will (again) not patch some routers

D-Link revealed that it won't patch six router models despite warnings raised by a security researcher. The manufacturer, for the second time in a span of about a year, cited end-of-life policies for its decision to not act.
Emerging Tech

You’re so vein: Palm-based biometric system could help confirm your identity

Move over, Face ID! The next biometric security systems could rely on analyzing the unique vein patterns in your palm print. Here are some of the ways the technology could prove useful.
Social Media

Tumblr promises it fixed a bug that left user data exposed

A bug on blogging site Tumblr left user data exposed. The company says that once it learned of the flaw, it acted quickly to fix it, adding that it's confident no data linked to its users' accounts was stolen.
Social Media

These are the best ways to make an animated GIF

Love sharing GIFs with your friends and peers, but wish you could make your own? Here's how to do so in Photoshop, or using a few other methods that don't require you to shell out a premium fee with each calendar year.

Hinge's new feature wants to know who you've gone out on dates with

With its new "We Met" feature, Hinge wants to learn how your dates are going with matches in its app. That way, it can inject the information into its algorithm to provide future recommendations that better suit its users' preferences.
Social Media

Like a pocketable personal stylist, Pinterest overhauls shopping tools

Pinterest shopping just got a bit better with a trio of updates now rolling out to Pinterest. The first replaces Buyable Pins with Product Pins for more features, including knowing whether or not a product is in stock.
Smart Home

Facebook’s new Portal device can collect your data to target your ads

Facebook confirmed that its new Portal smart displays, designed to enable Messenger-enabled video calls, technically have the capability to gather data on users via the camera and mic onboard.
Social Media

YouTube is back after crashing for users around the world

It's rare to see YouTube suffer serious issues, but the site went down around the world for a period of time on October 16. It's back now, and we can confirm it's loading normally on desktop and mobile.
Social Media

Twitter has sorted out those weird notifications it was sending

Twitter started churning out weird notifications of seemingly nonsensical letters and numbers to many of its users on Tuesday morning. The bizarre incident even prompted Twitter boss Jack Dorsey to get involved.

Adobe MAX 2018: What it is, why it matters, and what to expect

Each year, Adobe uses its Adobe MAX conference to show off its latest apps, technologies, and tools to help simplify and improve the workflow of creatives the world over. Here's what you should expect from this year's conference.
Home Theater

Facebook might be planning a streaming box for your TV that watches you back

Facebook is reportedly working on a piece of streaming media hardware for your living room with a built-in camera for video calls, something people may not want given the company's recent controversies.

Adobe’s craziest new tools animate photos, convert recordings to music in a click

Adobe shared a glimpse behind the scenes at what's next and the Creative Cloud future is filled with crazy A.I.-powered tools, moving stills, and animation reacting to real-time tweets.
Social Media

Over selfies and an onslaught of ads? Here's how delete your Instagram account

Despite its outstanding popularity and photo-sharing dominance, Instagram isn't for everyone. Thankfully, deleting your account is as easy as logging into the site and clicking a few buttons. Here's what you need to do.