<?xml version="1.0" encoding="UTF-8" standalone="yes"?><oembed><version><![CDATA[1.0]]></version><provider_name><![CDATA[Occupied Palestine | فلسطين]]></provider_name><provider_url><![CDATA[https://occupiedpalestine.wordpress.com]]></provider_url><author_name><![CDATA[occupiedpalestine]]></author_name><author_url><![CDATA[https://occupiedpalestine.wordpress.com/author/hajarhajar/]]></author_url><title><![CDATA[(Updated) No white hat-reward for Palestinian @khalilshreateh who &#8216;hacked&#8217; Zuckerberg Facebook page? | #HireKhalil&nbsp;;)]]></title><type><![CDATA[link]]></type><html><![CDATA[<p><span style="color:#0000ff;"><a href="http://www.maannews.net/eng/ViewDetails.aspx?ID=622292&amp;utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+imeu%2FnewsAnalysis+%28IMEU+%3A+News+%26+Analysis%29" target="_blank"><span style="color:#0000ff;"><strong>Ma&#8217;an News Agency | Aug 20, 2013</strong></span></a><span style="color:#000000;"> (<em>Developments are updated below this post</em>)</span></span><br />
<a href="https://twitter.com/MaanNewsAgency" class="twitter-follow-button" data-show-count="false">Follow @MaanNewsAgency</a></p>
<div id="BODYdiv">
<p><img loading="lazy" data-attachment-id="143360" data-permalink="https://occupiedpalestine.wordpress.com/2013/08/20/no-reward-for-palestinian-who-hacked-zuckerberg-facebook-page-hirekhalil/233958_345x2301/" data-orig-file="https://occupiedpalestine.files.wordpress.com/2013/08/233958_345x2301.jpg" data-orig-size="345,245" data-comments-opened="0" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}" data-image-title="233958_345x230[1]" data-image-description="" data-medium-file="https://occupiedpalestine.files.wordpress.com/2013/08/233958_345x2301.jpg?w=345" data-large-file="https://occupiedpalestine.files.wordpress.com/2013/08/233958_345x2301.jpg?w=345" class="alignright size-full wp-image-143360" alt="233958_345x230[1]" src="https://occupiedpalestine.files.wordpress.com/2013/08/233958_345x2301.jpg?w=345&#038;h=245" width="345" height="245" />SAN FRANCISCO (AFP) &#8212; A researcher who hacked into Facebook chief Mark Zuckerberg&#8217;s profile to expose a security flaw won&#8217;t get the customary reward payment from the social network.</p>
<p>While Facebook offers rewards for those who find security holes, it seems that Palestinian researcher Khalil Shreateh went too far by posting the information on Zuckerberg&#8217;s own profile page.</p>
<p>Shreateh said on his blog he found a way for Facebook users to circumvent security and modify a user&#8217;s timeline.</p>
<p>He said he took the unusual step of hacking into Zuckerberg&#8217;s profile after being ignored by the Facebook security team.</p>
<p>&#8220;So i did post to Mark Zuckerberg&#8217;s timeline , as those pictures shows,&#8221; he said, including screen shots of the posting.</p>
<p>&#8220;Dear Mark Zuckerberg,&#8221; he wrote.&#8221;First sorry for breaking your privacy and post to your wall, i had no other choice to make after all the reports i sent to Facebook team. My name is KHALIL from Palestine.&#8221;</p>
<p>His reward for exposing the flaw was having his Facebook account disabled.</p>
<p>He later got a message saying, &#8220;We are unfortunately not able to pay you for this vulnerability because your actions violated our Terms of Service. We do hope, however, that you continue to work with us to find vulnerabilities in the site.&#8221;</p>
<p>Facebook said it appreciates help with security but not by hacking into user accounts.</p>
<p>Facebook security engineer Matt Jones posted a comment Sunday on a security forum saying &#8220;we fixed this bug on Thursday,&#8221; and admitted that &#8220;we should have asked for additional &#8230; instructions after his initial report.&#8221;</p>
<p>&#8220;We get hundreds of reports every day,&#8221; Jones said. &#8220;We have paid out over $1 million to hundreds of reporters. However, many of the reports we get are nonsense or misguided.&#8221;</p>
<p>Jones added that &#8220;the more important issue here is with how the bug was demonstrated using the accounts of real people without their permission.&#8221;</p>
<p>&#8220;We welcome and will pay out for future reports from him (and anyone else!) if they&#8217;re found and demonstrated within these guidelines,&#8221; Jones said on the YCombinator hacker news forum.</p>
<p>Independent security researcher Graham Cluley said he had &#8220;some sympathy&#8221; with Facebook on the issue.</p>
<p>&#8220;Although he was frustrated by the response from Facebook&#8217;s security team, Shreateh did the wrong thing by using the flaw to post a message on Mark Zuckerberg&#8217;s wall,&#8221; Cluley said on his blog.</p>
<p><em><br />
</em><br />
<span style="color:#000000;"> <strong>Note from occpal</strong></span></p>
<p>&#8220;White hat-hackers&#8221; have made the internet safety what it is today. Without people like Khalil, reporting bugs and security holes your own safety online would never be on the level which it is today.</p>
<p>I regard it a very lame action of FB  to deny Khalil&#8217;s access after several previous reports of the bug.</p>
<p><em><br />
</em></p>
<h3><span style="color:#000000;"><strong>A Reminder for  Zuckerberg</strong></span></h3>
<p><span style="color:#000000;"><em><img data-attachment-id="143416" data-permalink="https://occupiedpalestine.wordpress.com/2013/08/20/no-reward-for-palestinian-who-hacked-zuckerberg-facebook-page-hirekhalil/imagesbike/" data-orig-file="https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg" data-orig-size="253,199" data-comments-opened="0" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}" data-image-title="imagesbike" data-image-description="" data-medium-file="https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg?w=253" data-large-file="https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg?w=253" class="alignleft  wp-image-143416" alt="imagesbike" src="https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg?w=220" width="220" srcset="https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg?w=220 220w, https://occupiedpalestine.files.wordpress.com/2013/08/imagesbike.jpg 253w" sizes="(max-width: 220px) 100vw, 220px" />&#8220;One can not break into your home if  you leave the key on the door!&#8221; Did you build a faulty one and call a professional for a &#8216;repair&#8217; of the lock to secure the lock, you&#8217;d pay him as well for improving your safety and your own data. </em></span></p>
<p><span style="color:#000000;">Or one day, if you stay a miser, you will be not this lucky to get honest reports from intelligent people and end up  like the person who owns this bike. It was locked but they still got away with it&#8217;s essential parts!<em> </em></span></p>
<p><span style="color:#000000;">Not white hat style mind you!<em><br />
</em></span></p>
<p><span style="color:#000000;"><strong>In the meanwhile&#8230;.</strong></span></p>
<p>Not Facebook but several supporter initiatives are reported in media in effort  to reward Khalil for his work. <a href="http://vr-zone.com/articles/hacker-gets-10000-for-hacking-mark-zuckerbergs-facebook-page/52327.html" target="_blank"><span style="text-decoration:underline;"><span style="color:#0000ff;text-decoration:underline;"><strong>here</strong> </span></span></a>and <a href="http://www.canberratimes.com.au/it-pro/security-it/facebook-hacker-khalil-shreateh-to-be-rewarded-with-11000-20130820-hv1hc.html" target="_blank"><span style="text-decoration:underline;color:#0000ff;"><strong>here</strong></span></a>. Resulting in a <a href="http://www.gofundme.com/3znhjs" target="_blank"><span style="text-decoration:underline;color:#0000ff;"><strong>fundraiser</strong></span></a> started by Marc Maiffret stating:</p>
<blockquote><p><span style="color:#000000;"><em>&#8220;Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone.&#8221;</em></span></p></blockquote>
<p><em><br />
</em></p>
<h3><span style="color:#000000;"><strong>Noblesse oblige Mark Zuckerberg!</strong></span></h3>
<p>If Facebook pretends to have a white-hat-reward policy they should be grateful for the reporting of the security breach and live up to their policy especially since their own team of programmers did oversee and ignored these reports and only came into action after Khalil was left no other choice than to show it at the best place where it would get, and now really gets mainstream media attention!</p>
<p><em><br />
</em></p>
<h3><span style="color:#000000;"><strong>Not one but several free wall of shame-pages for Zuckerberg!</strong></span></h3>
<p><img data-attachment-id="143414" data-permalink="https://occupiedpalestine.wordpress.com/2013/08/20/no-reward-for-palestinian-who-hacked-zuckerberg-facebook-page-hirekhalil/images_rectangle_fullsize/" data-orig-file="https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg" data-orig-size="450,258" data-comments-opened="0" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}" data-image-title="images_rectangle_fullsize" data-image-description="" data-medium-file="https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg?w=450" data-large-file="https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg?w=450" class="alignright  wp-image-143414" alt="images_rectangle_fullsize" src="https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg?w=220" width="220" srcset="https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg?w=220 220w, https://occupiedpalestine.files.wordpress.com/2013/08/images_rectangle_fullsize.jpg?w=440 440w" sizes="(max-width: 220px) 100vw, 220px" />Shame on you Zuckerberg. You ignored a talent and acted like a schmuck in stead of praising G-d on your knees for people like Khalil and even violated your own terms of rewards. Shows about what Facebook is about when it comes to paying the locksmith!  Thank the same Allaah/G-d/God this story got the attention it deserved the other way around and no data of users was abused on public walls but Zuckerberg&#8217;s own greed and <span style="color:#000000;"><strong>selective reward policy created own pages and nailed him on his own </strong><strong>worldwide wall of shame and it did not cost him a single shekel!! </strong></span> Way to go Facebook!!! You can&#8217;t suspend what &#8220;bugs&#8221; people!!!</p>
<p><em><br />
</em></p>
<h3><span style="color:#000000;"><strong>Facebook Bounty</strong></span></h3>
<p>If you want to assist in the Facebook bounty <span style="color:#0000ff;"><a href="http://www.gofundme.com/3znhjs" target="_blank"><span style="color:#0000ff;"><strong>you can donate on this page.</strong></span></a><span style="color:#0000ff;">  </span></span>Oh and don&#8217;t forget to read the comments Mark Zuckerberg. Comments at that page are free!</p>
<p>Kudos to Khalil;) Thank you for your alertness and for being one of the people that every day, improve our safety on the webz! For the people who prefer bytes over beats you&#8217;re our Arab Idol;)</p>
<p>I have asked Khalil to confirm the reports online to assure ourselves if the financial compensation as promised in several articles actually is or will be received or if <em>, </em>in the meanwhile, a real smart CEO who is not as short sighted as Zuckerberg did <span style="color:#0000ff;"><strong><a href="https://twitter.com/search?q=%23hirekhalil&amp;src=typd&amp;mode=realtime" target="_blank"><span style="color:#0000ff;">#HireKhalil</span></a></strong></span> in the meanwhile 🙂 We&#8217;ll keep you posted!</p>
<p><em><br />
</em><br />
<strong><span style="color:#000000;">You can follow and contact Khalil at twitter:</span></strong><br />
<a href="https://twitter.com/khalilshreateh" class="twitter-follow-button" data-show-count="false">Follow @khalilshreateh</a><br />
<em><br />
</em></p>
<h3><span style="color:#000000;"><strong>Related</strong></span></h3>
<ul>
<li><a href="http://edition.cnn.com/2013/08/19/tech/social-media/zuckerberg-facebook-hack/index.html?hpt=hp_t3" target="_blank"><span style="text-decoration:underline;color:#0000ff;"><strong>Zuckerberg&#8217;s Facebook page hacked to prove security flaw</strong></span></a> &#8211; Incl Video &#8211; CNN</li>
<li><span style="color:#0000ff;"><strong><a href="http://theimeu.tumblr.com/post/58713184118/hacker-discovers-serious-facebook-security-flaw-denied"><span style="color:#0000ff;">Hacker discovers serious Facebook security flaw, denied $500 reward </span></a></strong></span></li>
</ul>
<div data-shortcode="caption" id="attachment_143361" style="width: 598px" class="wp-caption alignnone"><a href="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg"><img loading="lazy" aria-describedby="caption-attachment-143361" data-attachment-id="143361" data-permalink="https://occupiedpalestine.wordpress.com/2013/08/20/no-reward-for-palestinian-who-hacked-zuckerberg-facebook-page-hirekhalil/4e2cc072098211e3ba8122000a1f9262_7/" data-orig-file="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg" data-orig-size="612,612" data-comments-opened="0" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}" data-image-title="4e2cc072098211e3ba8122000a1f9262_7" data-image-description="" data-medium-file="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg?w=588" data-large-file="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg?w=588" class="size-large wp-image-143361" alt="A Palestinian has coined the &quot;Zucker Punch&quot;, brilliant!! #HireKhalil  Photo via @ImNadz (Click to enlarge)" src="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg?w=588&#038;h=588" width="588" height="588" srcset="https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg?w=588&amp;h=588 588w, https://occupiedpalestine.files.wordpress.com/2013/08/4e2cc072098211e3ba8122000a1f9262_7.jpg 612w" sizes="(max-width: 588px) 100vw, 588px" /></a><p id="caption-attachment-143361" class="wp-caption-text">A Palestinian has coined the &#8220;Zucker Punch&#8221;, brilliant!! #HireKhalil<br />Photo by @ImNadz<br />(Click to enlarge)</p></div>
</div>
<p><em><br />
</em><br />
<em><br />
</em></p>
]]></html><thumbnail_url><![CDATA[https://occupiedpalestine.files.wordpress.com/2013/08/233958_345x2301.jpg?fit=440%2C330]]></thumbnail_url><thumbnail_width><![CDATA[345]]></thumbnail_width><thumbnail_height><![CDATA[245]]></thumbnail_height></oembed>