Need to get Facebook to pay attention when you want to report a bug? Here's how.
Snubbed by Facebook, Security Researcher Hacks Zuckerberg's Page : Read more
Snubbed by Facebook, Security Researcher Hacks Zuckerberg's Page : Read more
Snubbed by Facebook, Security Researcher Hacks Zuckerberg's Page
- Thread starter Guest
- Start date
-
- Tags
- Status
dalethepcman
Distinguished
- Jul 1, 2010
- 541
- 0
- 18,940
"Top Facebook hacker Nir Goldshlager, who's received many Facebook bug bounties, lives right over the border in Israel."
Uhh... yeah because Palestinians and Israelite's are historically known for getting along great...
That was sarcasm by the way.
On topic, This guy really should have given facebook more than 2 days to deal with this.
Uhh... yeah because Palestinians and Israelite's are historically known for getting along great...
That was sarcasm by the way.
On topic, This guy really should have given facebook more than 2 days to deal with this.
I think he handled it pretty well. He didn't hack zuckerberg's page and delete everything replacing his profile pic with fail.gif. He posted a very straightforward message stating the exact nature of the exploit.
They shouldn't snuff the only guy that actually cares about facebook's security. Either pay him or deduct $5000 from the guy who ignored his warning.
They shouldn't snuff the only guy that actually cares about facebook's security. Either pay him or deduct $5000 from the guy who ignored his warning.
No. Pay him and it's open season on reporting exploits. They are quite right. I think from his English the fact that he couldn't even link his own proof, I am not going to vilify the guy that turned down his email.
Still all credit to him for finding such an exploit. I don't think however the vulnerability extended to allowing him to delete all of Mr. Zuckerbergs posts.
Still all credit to him for finding such an exploit. I don't think however the vulnerability extended to allowing him to delete all of Mr. Zuckerbergs posts.
All lot of comprehension errors here.
The security guy blew it when he clicked on the link without using his authority to view the page. If you click on the page without being a friend as he clearly stated, it would not work Duh.
He did not delete anything on Zuck's page.
@mman74 Did you bother to read the article? FB pays for bug reports.
FB sec is about as good as Geek Squad.
Pay the man, he needs the money, he chose to do the right thing.
The security guy blew it when he clicked on the link without using his authority to view the page. If you click on the page without being a friend as he clearly stated, it would not work Duh.
He did not delete anything on Zuck's page.
@mman74 Did you bother to read the article? FB pays for bug reports.
FB sec is about as good as Geek Squad.
Pay the man, he needs the money, he chose to do the right thing.
razor512
Distinguished
- Jun 16, 2007
- 501
- 0
- 18,940
That is complete disrespect. He should release the exploit before they can patch it. Or sell the next few exploits.
If I ran a company that had a security policy of paying people to report exploits and a worker did this to someone attempting to report a security issue. I would fire them on the spot, and depending on how pissed off I was, I would sue them for trying to destroy the company.
If I ran a company that had a security policy of paying people to report exploits and a worker did this to someone attempting to report a security issue. I would fire them on the spot, and depending on how pissed off I was, I would sue them for trying to destroy the company.
razor512
Distinguished
- Jun 16, 2007
- 501
- 0
- 18,940
That is complete disrespect. He should release the exploit before they can patch it. Or sell the next few exploits.
If I ran a company that had a security policy of paying people to report exploits and a worker did this to someone attempting to report a security issue. I would fire them on the spot, and depending on how pissed off I was, I would sue them for trying to destroy the company.
If I ran a company that had a security policy of paying people to report exploits and a worker did this to someone attempting to report a security issue. I would fire them on the spot, and depending on how pissed off I was, I would sue them for trying to destroy the company.
For those who REFUSE to read anything other than the mangled version of this story on Tom's he DID report the bug to Facebook several times and was ignored. It was only after being IGNORED several times that he hacked Zuckerberg's page (good riddance). The "We didn't understand you" excuse only came out AFTER Facebook refused to pay the bounty on the bug and there was a backlash.
This whole other security researcher is just in there to throw gas on the fire and has absolutely NOTHING to do with what actually happened.
This whole other security researcher is just in there to throw gas on the fire and has absolutely NOTHING to do with what actually happened.
Since quotes don't work with this retarded new comment system, I'll manually quote:
"This guy really should have given facebook more than 2 days to deal with this."
No, he should not have. How long does it take to fix a reproducible bug like this? 2 weeks? FB would need to fire their security coders if it took that long. The ridiculous length of time for bug fixing is the same reason Microsoft's products are so well known for being insecure.
"This guy really should have given facebook more than 2 days to deal with this."
No, he should not have. How long does it take to fix a reproducible bug like this? 2 weeks? FB would need to fire their security coders if it took that long. The ridiculous length of time for bug fixing is the same reason Microsoft's products are so well known for being insecure.
- Status
Similar threads
TRENDING THREADS
-
-
Discussion What new phone technology trends should we keep an eye on?- Started by Vandna Jadhav
- Replies: 2
-
-
Question What if the EU forced laptop makers to allow upgradeable ram and storage?
- Started by kionbo2
- Replies: 2
-
Question Why are windows laptop cameras so bad compared to other's?
- Started by bakriwa5
- Replies: 2
-
Question Best laptops for a student going to high school
- Started by joninte2
- Replies: 2
-
Question Which games are you playing right now please suggest me some- Started by happyclub
- Replies: 8
Facebook
Twitter