Fact: all software has bugs. Applications are very complex, and developers are going to make errors. That simple truth has led many software companies to offer bug bounties, cash prizes for reporting these issues. The thinking is that this helps build more secure software by motivating good people to find problems and report them, rather than leaving bad guys to find and exploit them without anyone knowing about it. Facebook created its own reward program two years ago.
Late yesterday, RT News reported that a security researcher from Palestine by the name of Khalil had twice submitted a bug report to the Facebook security team. The second response said just, "I'm sorry, it's not a bug." After getting nowhere trying to persuade Facebook's security team of the problem, Khalil decided to go directly to Facebook CEO Mark Zuckerberg:
Dear Mark Zuckerberg,
First, sorry for breaking your privacy and posting to your wall. I had no other choice to make after all the reports I sent to the Facebook team.
My name is KHALIL, from Palestine.
A couple of days ago I discovered a serious Facebook exploit that allows users to post to other Facebook users' timelines while they are not in their friend list.
I reported that exploit twice. The first time I got a reply that my link has an error while opening; the other reply I got was "sorry this is not a bug". Both reports I sent from www.facebook.com/whitehat, and as you see I am not in your friend list and yet I can post to your timeline.
This is the last email I sent, including the Facebook team's reply.
http://pastebin.com/zzi2WYK6
I appreciate your time reading this and getting someone from your company team to contact me.
Sincerely,
Khalil
Within minutes of the message being posted to Zuckerberg's wall, Facebook contacted Khalil to request all of the details of the exploit. The company blocked his account while they worked on a fix. The issue was quickly fixed by Facebook's engineers, but the company refuses to pay the bug bounty because they claim his actions violated the terms of service.
They may be technically correct (he first posted on the wall of a random woman instead of creating a test account), but he was following the spirit of the rules and should still be paid for his finding. Facebook does not cap the amount paid for security issues, but the minimum amount is $500.
Cynics are saying that this may not have been a bug but part of a program the NSA uses to spy on people, but we find that hard to believe.
Source: RT News