Facebook Wrong in Refusing to Pay Helpful Hacker A hacker who found a flaw in Facebook reported it to the company but was ignored. When he finally got the company's attention by posting directly on Mark Zuckerberg's wall, he was punished for it.

By Ray Hennessey

Opinions expressed by Entrepreneur contributors are their own.

Hey, Facebook: Pay the man.

A hacker found a flaw in Facebook, reported it, eventually (and that's the sticky part) got results and then went for the $500 he was owed as part of Facebook's own bug-bounty program.

Facebook has declined. Why? Because the hacker didn't follow the company's rules.

The story is simple, and without dispute. A person identifying himself as a Palestinian named Khalil found that he could actually post information on other people's Walls, even if they weren't friends. So he put a message on the wall of Sarah Goodin, who is a college friend of Facebook founder Mark Zuckerberg. He then alerted Facebook.

Facebook's response? It's not really a bug.

Knowing that he was right, Khalil escalated the issue in an innovative way: He posted a message on Zuckerberg's own Wall, with an apology (and less-than-Oxford grammar).

"Dear Mark Zuckerberg," his post read. "First sorry for breaking your privacy and post to your wall , I has no other choice to make after all the reports I sent to Facebook team."

That certainly got Facebook's attention. It fixed the bug, and then decided to shoot the messenger.

First, Facebook suspended Khalil's account "as a precaution," as if Khalil might do the unthinkable and point out another flaw.

Then, it blamed him for not explaining himself correctly. "Unfortunately your report to our Whitehat system did not have enough technical information for us to take action on it," a company engineer wrote to him. "We cannot respond to reports which do not contain enough detail to allow us to reproduce an issue."

Then, to make it clear that this whole, unfortunate incident was Khalil's fault, the company told him he can't get the $500 bounty "because your actions violated our Terms of Service." You see, Khalil did a very naughty thing by discovering this bug and exploiting it, Facebook reminded him, when he should have alerted the company to the problem and let the very helpful and responsive Facebook staff fix it. Oh wait...see above.

Facebook could be making lemonade out of this lemon, but it instead has made lighter fluid. The money is small, as the company has paid out about $1 million in bounties over the past two years. It is a small price to pay for making this issue disappear.

Plus it is the right thing to do. Facebook set up the bounty system to reward people for pointing out its flaws. It is a cheap, easy way to ensure quality. Khalil helped Facebook. He didn't harm the company in any way. Maybe Zuckerberg didn't like someone hacking his page, but it didn't have to come to that.

But what about the principle involved? Didn't Khalil exploit the flaw? Yes, but only because Facebook refused to see it had a problem. It argued with him. Worse, it blamed him. Rather than citing a technicality, it should be more introspective about its own handling of the situation. If the company doesn't want to compensate Khalil, is it equally looking into the compensation of all the Facebook employees who touched this issue and did nothing?

Pay the man. Facebook has benefited greatly from the incident. Why should Khalil have to pay for that?

Tell us what you think. Did Facebook mistreat Khalil?

Ray Hennessey

Former Editorial Director at Entrepreneur Media

Ray Hennessey is the former editorial director of Entrepreneur.

Editor's Pick

Related Topics


Don't Just Babble on LinkedIn — You Need to Carve Out Your Own Niche. Here's Why.

To ultimately unlock the full potential of your LinkedIn experience, you need to establish yourself as a thought leader in a specific niche. This is why (and how).

Growing a Business

How an Executive Coach Can Help You Set Better Goals — And Transform Your Business

Ways to enhance your competitive advantage — and psychological wellbeing — with the assistance of a seasoned, results-focused professional.

Side Hustle

He Launched His Creative Side Hustle Out of a Garage. Now It's Worth $225 Million.

Tom Humble, CXO and founder of E.C.D. Automotive Design, followed his passion for custom auto design into big business.

Business News

This Company Promised to Transform Drive-Thrus With AI — But the Secret Powering Its Tech? Humans.

Presto Automation Inc., one of several major players in AI-ordering tech, has made headlines for using off-site employees in places like the Phillippines.

Side Hustle

Anyone Can Start a Passive Income Side Hustle For Easy Money — But Only If You Know These 5 Essential Tips First.

The rise of digital automation technology has made starting a passive income side hustle easier and more accessible than ever before.

Growing a Business

7 Strategies to Secure Business from Fellow Entrepreneurs

When implemented, these seven strategies will be valuable and helpful in growing your brand and ultimately increasing your revenue.