Web Users Reward Researcher Who Exposed Facebook Flaw

SAN FRANCISCO – Internet users have raised more than $11,000 to reward a Palestinian security researcher who hacked into Facebook chief Mark Zuckerberg’s profile to expose a security flaw.

The fundraising campaign on the website GoFundMe raised $11,045 from 179 people in one day for Khalil Shreateh, and was continuing to take donations after he was denied a “Facebook Bounty.”

“I hope this has raised awareness of the importance of independent researchers,” said Marc Maiffret, a security expert at the firm Beyond Trust who led the effort.

“I equally hope it has reminded other researchers that while working with technology companies can sometimes be frustrating, we can never forget the greater goal; to help the Internet community at large.”

While Facebook offers rewards for those who find security holes, the company said Shreateh went too far by posting the information on Zuckerberg’s own profile page without getting consent.

Shreateh said on his blog he found a way for a Facebook user to circumvent security and modify another’s timeline, even if they were not friends on the network.

He said he took the unusual step of hacking into Zuckerberg’s profile after being ignored by the Facebook security team.