Hacker News new | comments | show | ask | jobs | submit login

This obviously is cause of language barrier. It seems bug reporter didn't have any evil intentions but was just trying to get attention of facebook so this can be fixed. so I think he should paid. maybe you can ask for an apology for tampering user data as he was wrong on that part but still he did discover a valid flaw in facebook's iron clad security.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact