Facebook hacker comes clean on 'what really happened'

Glenn Mangham of York, England, said he meant no harm and hoped Facebook would let him off the hook

The hacker who stole Facebook's source code has gone public with a deeper explanation of how he penetrated the world's most popular social network.

Glenn Mangham, of York, England, posted a lengthy writeup on his blog and a video, saying that he accepts full responsibility for his actions and that he did not think through the potential ramifications.

"Strictly speaking what I did broke the law because at the time and subsequently it was not authorized," Mangham wrote. "I was working under the premise that sometimes it is better to seek forgiveness than to ask permission."

Mangham implied he meant to contact Facebook once he had noticed the social-networking site had observed his intrusions, which he did little to hide. He didn't use proxy servers because he said it made auditing take longer due to the time delay between each request made to a server. He was also hoping that even when he got caught, Facebook would let him off the hook.

That didn't happen. He was charged and eventually pleaded guilty to three counts of unauthorized access to computer material and unauthorized modification of computer data, according to The Press newspaper in York.

Mangham was sentenced to eight months in prison in February, but the sentence was reduced to four months by an appeals court earlier this month. He was then eligible for release, subject to electronic monitoring and restrictions on his internet use.

Mangham used a vulnerability to download Facebook's source code, arguably the company's most valued and secret intellectual property.

Mangham portrayed himself as a security researcher who continued to probe Facebook because he wanted to look deeper for other security issues, since most systems have "a tough outer shell and a soft inside." He wrote that in the past he had been paid by Yahoo for finding vulnerabilities.

He said he took steps to prevent damage to Facebook's systems, hard-coding a delay in scripts he used to extract the source code to prevent "throttling of the server and impeding its availability."

After he knew Facebook was on his trail, Mangham wrote he "panicked because I knew how bad it looked without sufficient context." He maintained that "almost nobody" knew he had a copy of the site's source code, and that he kept it "physically detached from the internet."

"In many respects, it was better secured than the original," Mangham wrote.

Mangham's copy of the source code would surely have been of interest to cybercriminals who attempt to use Facebook to perpetuate scams. But he wrote he had no intention of selling the code.

"It is also worth mentioning that I had the source code for just over three weeks with absolutely nothing to prevent me from making copies and redistributing it, this was more than enough time to have caused significant damage to Facebook or to find a buyer, if that had ever actually been my intention but quite clearly it was not," Mangham wrote.

"When you consider that the only thing that stood between Facebook and potential annihilation were my ethics then I think the fact that it's all still in good working order should serve as some proof that I'm really not one of the bad guys," he wrote.

Send news tips and comments to jeremy_kirk@idg.com

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?