Today on Bud’s Weekly Geek-out . . . What’s a conscientious geek to do when he discovers a Facebook exploit (allowing anyone to post anything to anyone else’s Timeline), but Facebook security doesn’t believe him?
Why, post it on Mark Zuckerberg’s Timeline, of course!
That’s exactly what Palestinian security researcher Khalil Shreateh did when Facebook’s own security services wouldn’t follow up on his report of the exploit.
Of course, posting about it on Zuck’s Timeline got him action within minutes. Action like having his Facebook account disabled as a security precaution.
Facebook says the initial report didn’t contain enough technical information to move on, and suggested that he make a video next time. After patching the exploit and restoring Khalil’s account, they did indeed admit that they should’ve asked for more details when it was first reported. =) Bud