Hacker Exposes Facebook Flaw by Posting on Mark Zuckerberg's Timeline


Hacker Exposes Facebook Flaw by Posting on Mark Zuckerberg's Timeline

Finally getting his message across by targeting the CEO himself, Khalil Shreateh posted on Mark Zuckerberg”s Facebook timeline to demonstrate a serious security flaw with the site.

The Palestinian security researcher repeatedly reported the bug to the company, that allowed people to post on a non-friend”s timeline, but was told “this is not a bug.”

Getting nowhere, Shreateh then went straight to the source and posted on Zuckerberg”s timeline the following message, “First, sorry for breaking your privacy and post(ing) to your wall, I (had) no other choice to make after all the reports I sent to (the) Facebook team.” Later, he shared a YouTube video detailing the process.

According to Facebook software engineer Matt Jones, “We should have asked for additional repro[duction] instructions after his initial report. Unfortunately, all he submitted was a link to the post he”d already made Had he included the video initially, we would have caught this much more quickly.” The hole has since been patched.