http://www.wired.com/threatlevel/2013/08/researcher-denied-facebook-bounty/
By Kim Zetter
Threat Level
Wired.com
08.19.13
Now that Facebook has refused to pay a Palestinian security researcher the
bug bounty he hoped to earn for reporting a problem with its service, a
top security researcher has launched a campaign to pay him the money
Facebook denied him.
The campaign, launched by security pro Marc Maiffret, has raised $6,030
for Khalil Shreateh thus far, more than ten times the amount that
Facebook’s bug bounty program pays out for bugs of this sort.
Shreateh, a Palestinian researcher, got attention last week when he
"hacked" the Facebook page of Facebook founder Mark Zuckerberg after the
company's security team gave him the brush off for a security flaw he
reported. The bug would have allowed anyone, including spammers and
scammers, to post messages to another user’s account, even if the person
is not on the user’s Friends list.
"That would be an extremely valuable bug," says Maiffret. "There’s so many
ways to leverage that in cybercrime attacks."
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
