Zuckerberg's Facebook page hacked to prove security flaw

  • 20 August 2013

Userlevel 7

CNN Mon August 19, 2013

 
"A Palestinian researcher posted a message on Facebook CEO Mark Zuckerberg's page last week after he says the site's security team didn't take his warnings about a security flaw seriously."
 
 
Apparently letting Facebook know about a vulnerability was not enough to prove it, so the hole in question was tested and proven on Zuckerberg's own Facebook profile.  For a company that holds profiles and personal information for a massive number of people (myself included), I find it even more disturbing that evidently the researcher had tried other ways to warn Facebook of the vulnerability only to have the warning dismissed.
 
Security holes happen, and many companies have paid a dear price for them, but in this case the hacker was not trying to steal information, only to inform the company before someone less savory did.  Facebook needs to seriously question its methods and means of keeping secure, as well as how they treat reports of potential breaches. 
 



 
Shame on you Facebook, you really dropped the ball on this one.  I am just glad it was someone with an honest intent who discovered it and hope that he is the only one who has found it!


Userlevel 7
Badge +56
Another good reason I'm not a Facebook user.


 
Daniel
Userlevel 7
@ wrote:
Another good reason I'm not a Facebook user.


 
I'll second that TH. Thanks David for posting. I showed my wife this post but I don't think it did any good. Now she's tweeting and she wants to get a tablet soon. Tweeting / Facebook / Tablet / Happy Clicker, I think I'll be joining the Funny Farm soon.

Userlevel 7
Badge +56
@ wrote:
@ wrote:
Another good reason I'm not a Facebook user.


 
I'll second that TH. Thanks David for posting. I showed my wife this post but I don't think it did any good. Now she's tweeting and she wants to get a tablet soon. Tweeting / Facebook / Tablet / Happy Clicker, I think I'll be joining the Funny Farm soon.


At least you have WSA to protect you from her happy clicking and then yelling at you about it.


 
Daniel in the Lions Den.
Userlevel 7
Yes, Yes...... Thank you Webroot! 

Userlevel 7
Badge +56
@ wrote:
Yes, Yes...... Thank you Webroot! 


This is news to me! Wow...
Userlevel 7
Badge +56
Hello and Welcome to the Webroot Community!
 
Not really, it's from a year ago.
 
Cheers,
 
Daniel 😉
Userlevel 5
I like the sleeping emoji
Userlevel 7
Badge +56
The article is pretty interesting.  Because he exploited the breach after the failed report, he is disqualified from receiving a bug bounty under FB's program.  Due to that a kind soul started a fundraiser to get him some money as compensation and raised over $8k.
