Baraa Habab is a young Syrian man who discovered security-loopholes in Facebook but was ignored when he messaged the company with his concerns. He then hacked the account of one of the Facebook founders, forcing them to thank him and employ him, as well as adding his name to their honours list.
The 25-year-old man from Damascus emerged after great suffering, as the war in Syria forced him to leave university, where he was studying Information Engineering and had to leave his country before achieving the dream of completing his studies.
He worked hard alone, bearing the hardships of living abroad and scientific discovery in silence. He was far from the “many theoretical matters still taught at universities” and was taken by his passion for the world of programming far beyond what he expected.
He worked patiently and diligently until he left his mark on the field of information security systems. This began in 2016 and 2017 when Baraa discovered a software error on Facebook. He wrote several times to them in Arabic and English, but they did not respond to him.
Ironically, Baraa did something the Facebook administration did not expect from a genius programmer, he accessed several private and public Facebook pages, without knowing the username, email or password associated with the page and without even contacting the owners of the pages.
READ: Facebook blocks Palestinian news agency’s page
Baraa tried to contact Facebook after this to inform them of this security-loophole but received no response. So, he had to take his actions up a notch to prove his discovery was true.
His actions included accessing the page of a Syrian adult film actor and writing “We are dishonoured by the fact that you are Syrian” on his wall, as well as accessing other public Arabic and English pages to send Facebook his new evidence, but to no avail.
Baraa decided to access the page of Facebook co-founder Chris Hughes and wrote in both English and Arabic, “There is no such thing as 100 per cent protection, there is always a missing loophole.”
Facebook decided to listen to him, and he had important documents with which he managed to convince a global company like Facebook that it had a security-loophole in its site. Facebook thanked him, and even hired him to protect its security.
After he was hired, he continued with his passion and discovered a second loophole in 2018, allowing him to violate the privacy of millions of users without their knowledge. He discovered a technical loophole that tells hackers what image, video or story a user has downloaded from Facebook on their device but did not publish it.
Such a loophole is very sensitive for a large company like Facebook to protect the privacy of its users and for its reputation, which would have been shaken if the young Syrian man had not discovered it, among others.
This is just the tip of the iceberg, because the most important thing that he does is he helps many people find solutions to technical problems, as well as many who were victims of fraud on Facebook. Habab also assists companies with information security and protection. He also provides information security content to educate people more on electronic extortion and to provide a safe space for all of our online accounts and matters, especially social media. Perhaps Baraa and his story will inspire many other ambitious and successful young people in our societies.
READ: Syria Government page shut down by Facebook for a song glorifying Russia