New Delhi: An IT expert from Palestine who claimed to have discovered a Facebook vulnerability said he took his bug report to Mark Zuckerberg's Facebook page after being ignored by the social network's security team.
Khalil Shreateh first contacted the Facebook security team after proving the glitch was real by writing on the wall of a friend of the Facebook founder. But instead of fixing the issue, Facebook said it wasn't a bug. At the same time, Facebook also denied him the reward usually given to programmers who report holes in the site's security.
“My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it...The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post,” he said.
“Sorry for breaking your privacy,” he wrote in a since removed post to Zuckerberg, “I had no other choice…after all the reports I sent to Facebook team.”
Shreateh also warned about the security glitch and posted a grab of the post on his blog.
It is reported that executives at the social network site contacted him demanding to know how he'd hacked their bosses personal page.
Facebook has program which offers hackers reporting glitches around $500.
However, Facebook has denied giving Shreateh the money as it said: “In order to qualify for a payout you must "make a good faith effort to avoid privacy violations" and "use a test account instead of a real account when investigating bugs.”
By posting to Zuckerberg and Goodin's accounts, says Jones, Shreateh has violated the terms of service and will not be rewarded for his find.