News

Zuckerberg's Timeline Hacked By Guy Proving Point

by Jenny Hollander

Oh, Zuck, this is awkward.

A Palestinian hacker got into Mark Zuckerberg's Timeline and posted on Zuck's Wall, making the point that Facebook had a bug making it easy to do just that. Web developer Khalil Shreateh had contacted Facebook's security authorities when he first spotted the bug, but when they didn't fix things, he took matters into his own hands.

Usually, when technies spot a bug impairing Facebook's function, they can submit it to the company's "white hat disclosure" program and receive money in return. (At least $500, according to this info page.) Shreateh tried that, but, according to Facebook, he didn't include enough technical information for them to fix the bug. So Facebook just, uh, left it.

The bug gave users the opportunity to post publicly on anyone's Facebook wall, regardless of whether or not they knew them or were Facebook friends with them. On Thursday, Facebook announced it had fixed the bug — we imagine, quite shamefully.

Shreateh wasn't allowed to submit his bug for a bounty after his Zuck-invasion. "Unfortunately," explained Facebook in a written response, "you have violated our Terms of Service." Oh, and his account got suspended.

Sheesh.