A hacker recently attacked Mark Zuckerberg’s own Facebook page in an attempt to showcase just how flawed the security settings of some of the leading internet services. Facebook now has 1 billion people signed up, and the fact that such a hacking attempt should be so successful has sent shockwaves through the web. The hacker, Khalil Shreateh claimed to have used a simple battered laptop to identify and exploit the vulnerability of the service, showing just how easy it can be to post a message on someone else’s page, even if their settings don’t allow for this. Shreateh has so far refused to publicly disclose which vulnerability it was that allowed him to achieve his aims.
More Accounts to Be Attacked?
Facebook has said that it currently does not have enough information to investigate the flaw. It’s feared that the flaw could enable scores of companies to use other people’s accounts for the purposes of spam, and could even allow disgruntled users who have had Facebook requests turn down to vandalise other’s accounts. Shreateh said that he attempted to warn Facebook about the flaw but received no appropriate response, leading him to unleash the attack. He has not only written a blog about his activities but produced a video detailing them too.
Reports Not Dealt With Efficiently?
The message left on Zuckerberg’s wall read: “First sorry for breaking your privacy and post to your wall . . . I [had] no other choice to make after all the reports I made to Facebook team.” Screenshots of the post went viral after the message was removed. Some reports of vulnerabilities are rewarded by Facebook with cash, but these don’t include findings achieved through unauthorised postings. Some have accused Facebook with being more concerned with raising cash than protecting its users. Facebook says that vulnerabilities can be identified and reported through the medium of test accounts.