Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security expert kick-starts fund to pay Facebook bug finder a $10K bounty

Gregg Keizer | Aug. 21, 2013
Khalil Shreateh, who was rebuffed by Facebook, says, 'Thank you so much'

During the interview, Maiffret also said he would pay Shreateh himself if Facebook would not. "If Mark Zuckerberg doesn't have the $2,000 to set this guy on the right path, if he contacts me I'd be happy to do it personally," Maiffret said.

Zuckerberg has the $2,000: In July, the CEO's net worth was estimated by Forbes at $16.1 billion, or nearly $3 billion more than in March.

Within minutes of Maiffret's move to fund a bounty, others began to pitch money into the pot. Firas Bushnaq, who co-founded eEye Digital Security with Maiffret in 1998, also contributed $3,000.

"This was a one-off in the sense that I just wanted to do something cool for the guy," said Maiffret in an interview today. "I want to inspire the technology companies to pay attention [to researchers] a little bit more, and for researchers to do their part, too. It was much more for an awareness thing for me."

Maiffret, a high-school drop-out and self-proclaimed hacker when he was younger, is one of the country's best-known security researchers, having founded eEye when he was a teenager. Among his notable finds was the notorious "Code Red" worm that plagued Microsoft's IIS Server in mid-2001.

"Before the [CNN] interview, I was watching television, and it had all the news about Egypt," said Maiffret today. "It felt weird, that we were going to talk about something so small in a way, and I wondered what I could do to make it better. The point is, even with an old broken laptop and the Internet you can teach yourself and take the right path."

Today Shreateh expressed his gratitude. "I appreciate it, and my best wishes to everyone out there," said Shreateh.

Shreateh, who lists himself as unemployed on his Facebook page, said he has received job offers in the security business, but has not yet accepted one.

When asked what he might do with the $10,000, Shreateh said, "It's not in my pocket yet."

Maiffret intends it will soon be.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.