Only a day after a page was launched on crowdfunding platform GoFundMe, the internet community has raised over $10,000 for the Palestinian security researcher who exposed a flaw in Facebook’s digital infrastructure.
Khalil Shreateh last week found a bug in Facebook’s coding that allowed him to post on any user’s wall, even if the two were not friends. Shreateh claims that he sent multiple emails to Facebook about this leak and after receiving a response that claimed it was not a bug, decided to prove his point by posting on co-founder Mark Zuckerberg’s wall.
Despite this being a major breach—the implication being that spammers could post to multiple user accounts without being friends with them—Facebook did not compensate Shreateh in any way, which it would normally do for so-called “white hat” hackers who identify security flaws in its systems. According to Facebook, Shreateh was ineligible for the minimum $500 payout because he violated Facebook’s terms of service by infringing on the privacy of users he was not friends with.
To counter this, California-based security professional Marc Maiffret launched a fund-raising campaign for Shreateh, stressing the importance of online safety. The page description for the campaign reads:
Khalil Shreateh found a vulnerability in Facebook.com and, due to miscommunication, was not awarded a bounty for his work. Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone.
In just 24 hours nearly 150 people from places as far flung as the United States, Croatia, Morocco and Bangladesh, had donated money, demonstrating how important Facebook users consider privacy and security to be.
Tech-minded netizens concerned about internet security have also criticized the social network for its handling of Shreateh’s finding. In a blog post dated August 2, Facebook claimed that it has paid out over $1 million to researchers who have discovered security bugs. The social media company has previously hired people who have hacked into its system, including user Chris Putnam, who redesigned his Facebook page to resemble rival network MySpace. Shreateh looks unlikely to get a job for his efforts, but at least he can enjoy the money.