Entries with tag independent security research.

Internet Users Raise Bounty for Palestinian Researcher

A former hacker created a crowdfunding campaign in support of a Palestinian security researcher after the man was denied a bug bounty by Facebook. Khalil Shreateh discovered a vulnerability that allows a user to post to anyone’s wall, friend or not. After his initial report was dismissed, he posted a note to Mark Zuckerberg’s wall, stating he had “no other choice.” Facebook claims there was insufficient technical detail provided by Shreateh, which did not allow them to replicate the bug and denied him the reward for finding the flaw. The campaign to remunerate Shreateh was launched by Marc Maiffret, a security researcher now with BeyondTrust, and was a teen hacker in the 1990s who infamously hacked Microsoft as well as other corporate and government websites. He says this incident highlights the importance of independent security researchers who do the right thing by contacting companies about security issues they find. To date, the GoFundMe campaign has raised US$11,000 in a single day.  Maiffret told Businessweek, “I equally hope it has reminded other researchers that while working with technology companies can sometimes be frustrating, we can never forget the greater goal; to help the internet community at large.” (AFP at The Herald Sun)(Businessweek)

Showing 1 result.