A lot of Facebook users dream of hacking their friend’s accounts. In fact, a lot of friends have asked me personally to teach them hack FB accounts, even though I have no idea how. But, I think this Palestinian guy could definitely help those desperate people because he has just hacked the single most important account on Facebook, the account of its’ creator, Mark Zuckerberg.
Khalil Shreateh only did this to raise awareness over an exploit on Facebook systems that allowed anyone to post on a profile timeline. Apparently he reported this bug several times and ended up getting the same response from Facebook, which said “this is not a bug”. But this immediately became a bug after he demonstrated this on Mark Zuckerberg’s account.
As soon as this happened, Khalil’s Facebook account got disabled and Mr. Zuck has removed this controversial post from his timeline as well. And, after the Facebook security team has fixed this bug, they gave back Khalil’s account. However, it seems like he won’t receive the $500 prize money for discovering a bug on the system as he has violated Facebook terms of service by hacking someone else’s account. As Khalil explains on his blog post, his only intention was to let Facebook know of this bug, in the hopes of landing himself a job. Clearly, this guy’s got great coding skills, I admire him for going this length to prove Facebook wrong. But it seems he has followed some unconventional ways to do it.
With this story going viral, Facebook Security Engineer Matt Jones came to explain the situation via a Hacker News post.
“We get hundreds of reports every day. Many of our best reports come from people whose English isn’t great – though this can be challenging, it’s something we work with just fine and we have paid out over $1 million to hundreds of reporters. However, many of the reports we get are nonsense or misguided, ” Jones also explained why they couldn’t accept Khalil’s bug report “However, the more important issue here is with how the bug was demonstrated using the accounts of real people without their permission. Exploiting bugs to impact real users is not acceptable behavior for a white hat.”
I think Khalil’s inability to speak English fluently may have caused this to end up badly. And, it’s clear that Facebook didn’t take this matter very seriously from the beginning, which lead this guy no choice to take drastic measures to prove his theory. I’m no expert but, I think Facebook should make an exception just this once to appreciate this guy’s efforts.
(All the images, trademarks, logo’s shown on this post are the property of their respective owners)
Roshan Jerad Perera