Roy Castillo from Danao City, Cebu receives $4,500 or P193,000.00 reward.
Last week, a facebook bug has been found that discloses anyone’s Facebook primary email addresses. Now, another bug is found with the same effect by a Filipino security researcher “Roy Castillo”.
The bug however is limited only to Facebook users that set their email addresses privacy to “Only me.” Go to Roy’s blog and read the full technical details in reproducing the flaw.
Roy Castillo is also the guy behind “Off to Danao” XSS appearing to Facebook user’s walls years ago.
The Pinoy researcher is also listed and acknowledged by Facebook, Google, Apple, Twitter,eBay, Zynga, RedHat etc. for reporting security vulnerabilities.