Thursday, 17 December 2015

Mark Zuckerberg Just Quits his Job at Facebook — Check Yourself!

facebook-mark-zuckerberg-hack

Yes, you heard it right.

Mark Zuckerberg has left his job at Facebook. Don’t believe me? I can prove it to you.



This is weird, Isn’t it?

But, don’t be surprised or shocked, because what you just saw was only an illusion.

This is actually a minor bug in the popular social media website that allows anyone to manipulate the life event of any user who has his work status posted on Facebook.

The bug, uncovered by the independent hacker Sachin Thakuri, is not a technical flaw.

So how was he able to do this?

All Thakuri did is took the original URL of Mark Zuckerberg life event:
https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647&hash=971179541251&pagefilter=3&ustart=1&__mref=message_bubble
...and remove the ustart=1 parameter, which left him with:
https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647&hash=971179541251&pagefilter=3&&__mref=message_bubble
Clicking on the above manipulated URL displays the same life event page of Mark Zuckerberg but with the text: Left Job at Facebook instead displaying Started Working at Facebook.

Although this is not a serious privacy or security bug, but it could be used maliciously by bad actors in order to trick victims into believing that someone have quit their job.

Thakuri reported this bug to the Facebook security team, but the bug has not been fixed as of yet. So, we can expect from the company to fix this issue as soon as possible.