Crowd Funds Facebook Hacker for His Work on Their Behalf

Print Share on LinkedIn More


August 20, 2013; C|Net


NPQ takes an interest when the public votes with their cash when they think a wrong needs to be redressed or a good deed needs to be rewarded. The school bus monitor, and the owner of the boat that was shot up by police in their attempt to capture the Boston Marathon suspect, both had funds set up in their names to which the public contributed. (The boat owner said he did not wish to take the money, sending it along to help people who had suffered worse damage). And now we have Khalil Shreateh, who will receive more than $11,000 from a fund at GoFundMe. Facebook ignored Shreateh after he tried to report a bug that allowed people to post to people’s walls, regardless of whether they were friends or not. In response, he took advantage of the flaw and posted about the problem directly on the wall of Facebook CEO Mark Zuckerberg.

Facebook normally pays a bounty for such finds and puts the names of the troubleshooters on a “White List” as a form of acclaim. However, when Shreateh pulled off his stunt, not only did they not offer him a reward, but they banned him from the service—a decision they quickly reversed. (There are those who suspect that Shreateh’s Palestinian origins might have something to do with their decisions.) Facebook has since said that they do not reward researchers who test bugs against real users.

Marc Maiffret, chief technology officer at security compliance company Beyond Trust, initiated the campaign to reward Shreateh for his effort. The campaign exceeded its $10,000 goal late Tuesday afternoon, and Maiffret tweeted that he has yet to figure out a way to transfer the funds to Shreateh.

Ha Lemon, one commenter and donor on the page said, “We all made Facebook, not just Mark Zuckerberg alone. And now, we should pay the person who helped make it safer for all of us.”—Ruth McCambridge