In order
to prove that social media giant Facebook has a security flaw that can
allow people to post on someone's wall without being in their friends'
list, a security researcher went a step ahead to prove his point and
posted about the bug on the CEO's wall.
Palestine initially tried to report the bug to Facebook's security team
before posting something to Sarah Goodin's wall, a friend of Facebook
CEO Mark Zuckerberg but he was not taken seriously till then.
Shreateh then used the bug and posted a message on Zuckerberg's wall
and explained about the flaw which prompted immediate action and within
minutes the site's security engineer contacted him and asked for the
details.
Facebook has a bounty program where it pays people to report bugs instead of using them maliciously but it did not pay the $US500+ fee amount to Shreateh because they cited him violating the site's terms of service, although, they asked him to continue to help them find bugs.
The site's security team then later confirmed that the bug had been fixed and added that bounty was denied because Shreateh did not include enough technical info when he tried to report the bug, the report added.
Facebook has a bounty program where it pays people to report bugs instead of using them maliciously but it did not pay the $US500+ fee amount to Shreateh because they cited him violating the site's terms of service, although, they asked him to continue to help them find bugs.
The site's security team then later confirmed that the bug had been fixed and added that bounty was denied because Shreateh did not include enough technical info when he tried to report the bug, the report added.
Comments
Post a Comment