Finally getting his message across by targeting the CEO himself, Khalil Shreateh posted on Mark Zuckerberg”s Facebook timeline to demonstrate a serious security flaw with the site.
The Palestinian security researcher repeatedly reported the bug to the company, that allowed people to post on a non-friend”s timeline, but was told “this is not a bug.”
Getting nowhere, Shreateh then went straight to the source and posted on Zuckerberg”s timeline the following message, “First, sorry for breaking your privacy and post(ing) to your wall, I (had) no other choice to make after all the reports I sent to (the) Facebook team.” Later, he shared a YouTube video detailing the process.
According to Facebook software engineer Matt Jones, “We should have asked for additional repro[duction] instructions after his initial report. Unfortunately, all he submitted was a link to the post he”d already made Had he included the video initially, we would have caught this much more quickly.” The hole has since been patched.