Facebook bug catchers, Windows XP and Ubuntu Edge: IT Pro's web comment round-up

Facebook likes

The IT Pro community can always be relied on to provide some fresh, enlightening and (often) humorous perspective on the week's biggest news stories, features and reviews. And, thankfully, this week is no exception.

Over the past seven days, our readers have passed comment on Facebook's security bug catching policies, Canonical's recent smartphone funding efforts and the merits of keeping Windows XP.

Facebook bug catching debacle

The common reaction of most people who feel like they're being ignored after raising a serious customer service issue with a large organisation is to escalate the complaint to someone higher up the firm.

And that's precisely what Palestinian security researcher Khalil Shreateh did when Facebook, which offers $500 rewards to people who uncover security bugs within the site, denied he'd discovered a genuine flaw when he reported a vulnerability that allowed users to post on any member's timeline.

Thanking the reporter would be to acknowledge they had made a cock-up.

To prove his point, Shreateh posted a message on Facebook founder Mark Zuckerberg's timeline, claiming he had no other choice but to bring the issue directly to his attention as the firm's White Hat programme team were refusing to act.

As thanks for publicly pointing out the flaw, the researcher had his Facebook account closed and was told he wasn't eligible for a $500 reward because his actions violated the social networking giant's terms and conditions. Nice.

IT Pro readers were particularly sympathetic to Shreateh's plight, with several claiming big firms rarely show their appreciation to the security research community for spotting vulnerabilities.

"Never, never, never report vulnerabilities to companies [because] they will neither pay nor thank you for it. Even worse, they will try to sue you," said Paskwyno.

"When you discover a vulnerability you should just use it, or make it available to everybody. This is what the companies deserve." Oh, that sounds like fighting talk to us.

Simon Nicholls said he's had similar experiences when trying to report security issues in the past to search giant Yahoo and social networking site LinkedIn.

"I suppose it's part of the usual arrogance and blame culture of such commercial organisations...[because] acknowledging the issue and thanking the reporter would be to acknowledge they had made a cock-up," explained Nicholls.

RIP Windows XP

With Microsoft's aged operating system, Windows XP, set to be pensioned off in April 2014, IT Pro examined the pros and cons associated with keeping XP or upgrading to something a little more modern.

The article sparked nearly as much debate as the news Hollywood actor Ben Affleck is to play Batman in the caped crusader's next cinematic outing. Oh, and just for the record, we're team Affleck all the way at IT Pro.

Anyway, back to XP and Justin Coleman said there were certain use cases that make abandoning the Microsoft OS almost impossible.

"I run a small store and the till runs Windows XP. I just cannot chance switching over to another OS and nothing working...if it works, don't fix it," Coleman cautioned.

The interestingly named Babyboomer49 said everything he uses works fine with XP, despite its age, so he's sticking with the operating system and that, as they say, is that.

"Windows 7 or 8 would not improve my computer usage one iota," he sniped. "In fact it could leave me with hardware for which there is no driver and older programmes that may not reinstall. I will use XP until my PC bites the dust."

John Stolarczyk emerged as another reader backing Windows XP ahead of its newer and nimbler replacements.

"I have tried Windows 7 and 8 and neither is better than XP for everyday use," he said.

"Most users do not need or desire the bells and whistles of the newer operating systems [and] Windows 8 is clearly designed for touch screens that most do not need or desire."

Canonical's Edge of glory

Canonical's bid to raise $32 million in a month through crowd-sourcing site Indiegogo so that it could ship its dual Ubuntu/Android smartphone, known as Edge, was always going to be a tall order.

Sadly, despite smashing the record for the amount raised through a crowd-funded project, the firm ended up $20 million short of its target when the deadline for pledges passed this week.

As a result, the project has been shelved, much to the dismay of several IT Pro readers who felt given some more time Canonical would have no problem hitting its target.

"If the timing is increased, we will be able to clear this obstacle...now news is spreading at a very fast rate," fumed Neelabhi Rai.

Meanwhile, IT Pro fan V1Dar said he was a big fan of the handset, claiming its $695 asking price and specifications represent great value for money.

"Ubuntu Edge is dead cheap, and it has amazing specifications. It really depends on how many people [are] aware of this project at the end," he added.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.