Story highlights
Facebook CEO Mark Zuckerberg's personal page was hacked to make a point
Palestinian researcher says security team didn't take his reports seriously
Facebook says volume of reports, language barrier hindered its response
Khalil Shreateh won't get a reward for reporting the flaw
He tried to warn them.
A Palestinian researcher posted a message on Facebook CEO Mark Zuckerberg’s page last week after he says the site’s security team didn’t take his warnings about a security flaw seriously.
“First, sorry for breaking your privacy and post(ing) to your wall,” wrote Khalil Shreateh. “I (have) no other choice to make after all the reports I sent to (the) Facebook team.”
Shreateh, who describes himself as an unemployed security researcher with a degree in information systems, said he found a hole in Facebook’s systems that let him post to any user’s page, including users not on his Friends list.
Such an exploit would be a virtual gold mine for spammers, scam artists and others seeking to take advantage of the site’s roughly 1 billion users worldwide.
On his blog, Shreateh posted a series of e-mails he said were exchanged between him and Facebook security. After the first one, a Facebook employee responded that the link he attached was bad.
