Copyright Policy Privacy Policy Contact Us Instagram Facebook
Top Rated Posts ....
Oye Saman Uthao, Ab Nhn Chalay Ga - Maryam Nawaz warns against abuse of authority in PERA Oye Saman Uthao, Ab Nhn Chalay Ga - Maryam Nawaz warns against abuse of authority in PERA 14 Prisoners escaped Adiala Jail prison van in dramatic way 14 Prisoners escaped Adiala Jail prison van in dramatic way WhatsApp announces to introduce a new but unique feature WhatsApp announces to introduce a new but unique feature Amazing scene: Turkmenistan witnesses rare Amazing scene: Turkmenistan witnesses rare "Roll Cloud" Hackers played Pakistan National Anthem on Indian news channels during Presidential speech Hackers played Pakistan National Anthem on Indian news channels during Presidential speech Virat Kohli meets special Pakistani kid at Lords Virat Kohli meets special Pakistani kid at Lords


Facebook CEO Mark Zuckerberg is unlikely to forget the name Khalil Shreateh in a hurry after what happened to him recently.

Some time back, Palestinian security researcher Khalil got in touch with Facebook team to inform them about a bug that lets anyone post to someone's Facebook wall, even if they are not friends with the individual on Facebook. Khalil claims he shared details of the vulnerability with the Facebook team after having successfully tested it by posting to the Facebook wall of Sarah Goodin, a friend of the Facebook CEO.

Despite having attached a screenshot of his post on Goodin's wall (someone who he obviously wasn't Facebook friends with), the Facebook security team rejected Khalil's claims saying, "I am sorry this is not a bug."

Upset at the rebuff, Khalil decided to notify Facebook Mark Zuckerberg himself, by using the bug to post directly to his wall. Within minutes of the post, Khalil reportedly heard from Facebook security engineer Ola Okelola, requesting details of the exploit. Facebook also temporarily disabled Khalil's account as it investigated the issue, to prevent him from exploiting the bug.

Ultimately, Facebook acknowledged the bug and re-enabled Khalil's account. However, Khalil, who detailed the incident on his blog, will not be eligible for the $500 payout that Facebook gives to security researchers that help find bugs, as he used real accounts instead of dummy accounts to demonstrate the bug, which is a violation of Facebook's policies.

In case you are wondering what happened to the bug itself, another Facebook engineer has revealed that the bug was fixed on Thursday.

Source



Comments...