Programmer hacks into CEO’s page to report Facebook bug

Khalil Shreateh said he has received numerous job offers since he exposed a Facebook security flaw.
EPA/ABED Al Hashlamoun
Khalil Shreateh said he has received numerous job offers since he exposed a Facebook security flaw.

YATTA, West Bank — After discovering a privacy bug on Facebook, an unemployed Palestinian programmer, Khalil Shreateh, said he just wanted to collect the traditional $500 bounty the social network offers to those who expose its glitches.

But when Facebook ignored his first two reports, Shreateh took his message to the top — and hacked into chief executive Mark Zuckerberg’s personal page to prove his point.

‘‘Sorry for breaking your privacy,’’ he wrote. ‘‘I has no other choice to make after all the reports I sent to Facebook team . . . as you can see iam not in your friend list and yet i can post to your timeline.’’


The stunt cost the 30-year-old Palestinian the bounty, but earned him praise — and numerous job offers.

Get Talking Points in your inbox:
An afternoon recap of the day’s most important business news, delivered weekdays.
Thank you for signing up! Sign up for more newsletters here

Shreateh, unable to find a job since graduating two years ago with a degree in information technology, told Facebook that he found a way that allowed anyone to post on anyone else’s wall. ‘‘I told them that you have a vulnerability and you need to close it,’’ he told the Associated Press. ‘‘I wasn’t looking to be famous.’’

In a message posted to Hacker News, a security news site, Facebook software engineer Matthew Jones said the initial report was poorly worded, although he acknowledged that the company should have pressed for more information.

He said Shreateh would not be paid a bounty because he violated the terms of service.

Jones added that the bug was fixed Thursday.


Shreateh said after being inundated with job offers he is pleased with how things worked out.

‘‘I am looking for a good job to start a normal life like everybody,’’ he said. ‘‘I am so proud to be the Palestinian who discovered that exploit in Facebook.’’