Earlier this week, Facebook publicly denied a bounty that was claimed by a Palestinian researcher over a security flaw found in Facebook's code. Basically, the flaw allowed Khalil Shreateh to post on any Facebook user's wall regardless of their security settings, whether he was their friend or not.
After reporting the bug to Facebook several times, the white hat hacker took matters into his own hands and managed to post on Mark Zuckerberg's wall. This obviously got the attention of Facebook's support staff, but they denied Shreateh's bounty claim, saying that by hacking posts onto users' walls, he actually violated Facebook's terms of service.
This is where Marc Maiffret, CTO of BeyondTrust, comes into the picture. He feels that Shreateh's efforts to inform the social network of a serious security flaw should not go unnoticed and should be compensated accordingly. He has turned to crowdfunding site GoFundMe to raise $10,000 to compensate the hacker for his efforts. Maiffret put his money where his mouth is and started the campaign with $3,000 out of his own pocket.
"Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone," Maiffret posted on the campaign. As of this writing, the campaign has surpassed its goal of $10,000 and is continuing to climb by the hour. Seeing actions like this happen makes me really happy and I hope that it served as a wake-up call to companies like Facebook who choose not to compensate those who find serious security breaches in their online services.